eBiltegia

    • What is eBiltegia? 
    •   About eBiltegia
    •   Publish your research in open access
    • Open Access at MU 
    •   What is Open Science?
    •   Mondragon Unibertsitatea's Institutional Policy on Open Access to scientific documents and teaching materials
    •   The Library compiles and disseminates your publications

Con la colaboración de:

Euskara | Español | English
  • Contact Us
  • Open Science
  • About eBiltegia
  • Login
View Item 
  •   eBiltegia MONDRAGON UNIBERTSITATEA
  • Scientific Output
  • Conference papers
  • Conference papers - Engineering
  • View Item
  •   eBiltegia MONDRAGON UNIBERTSITATEA
  • Scientific Output
  • Conference papers
  • Conference papers - Engineering
  • View Item
JavaScript is disabled for your browser. Some features of this site may not work without it.
Thumbnail
View/Open
CRITIS2025_LLMS_COMPARISON_CAMERAREADY_061125.pdf (1.525Mb)
Full record
Impact

Web of Science   

Google Scholar
Compartir
EmailLinkedinFacebookTwitter
Save the reference
Mendely

Zotero

untranslated

Mets

Mods

Rdf

Marc

Exportar a BibTeX
Title
Sow Smarter, Not Harder: Evaluating LLM-Generated Seeds for Fuzzing Critical Infrastructure
Author
Barredo Ferreira, JorgeORCID
Eceiza, Maialen
Flores, Jose Luis
Iturbe Urretxa, Mikel
Research Group
Análisis de Datos y Ciberseguridad
Other institutions
https://ror.org/03hp1m080
https://ror.org/000xsnr85
Version
Postprint
Document type
Conference Object
Language
English
Rights
© Springer Nature
Access
Open access
URI
https://hdl.handle.net/20.500.11984/14625
Publisher’s version
https://doi.org/10.1007/978-3-032-19540-1_17
Published at
Critical Information Infrastructures Security  CRITIS 2025. Lecture Notes in Computer Science. Vol 16291
Publisher
Springer Nature
Keywords
LLMs
Fuzzing
Vulnerability detection
Subject (UNESCO Thesaurus)
Data analysis
Data protection
Abstract
Software vulnerabilities in critical infrastructure components can lead to severe disruptions. While fuzzing effectively identifies such weaknesses, the quality of initial seed inputs significantly im ... [+]
Software vulnerabilities in critical infrastructure components can lead to severe disruptions. While fuzzing effectively identifies such weaknesses, the quality of initial seed inputs significantly impacts its effectiveness. This study evaluates how large language models (LLMs) can generate better fuzzing seeds for critical infrastructure software. We compared seven LLMs—ChatGPT-4-Turbo, Claude 3.0 Opus, Claude 3.7 Sonnet, DeepSeek-V3, Gemini 2.0 Flash, Grok 3, and Mistral 7B—with manual baselines across six programs, including industrial control libraries, routing components, and network firmware. Over 20 independent 24-h campaigns per model and program, LLM-generated seeds achieved 14.8% higher code coverage, detected 56.3% more unique crashes, and reached first crashes 373.9% faster than manual methods. Performance patterns emerged across different infrastructure protocols, with certain models excelling at complex SCADA data formats while others performed better for network security components. The 56.5% computational efficiency improvement benefits resource-constrained operational technology environments. These findings demonstrate that LLM-generated seeds can meaningfully enhance vulnerability detection in software underlying critical infrastructure systems, offering a practical approach to strengthening resilience against cyber threats . [-]
Funder
Gobierno Español
Gobierno Vasco
Program
Transmisiones 2024
Ikertalde Convocatoria 2022-2025
Number
PLEC2024-011222
IT1676-22
Project
TeCnologías disRuptivas para la protección, evaluación y operación segura de dIsposiTivos Industriales Conectados (CRITIC)
Grupo de sistemas inteligentes para sistemas industriales
Collections
  • Conference papers - Engineering [563]

Browse

All of eBiltegiaCommunities & CollectionsBy Issue DateAuthorsTitlesSubjectsResearch groupsPublished atThis CollectionBy Issue DateAuthorsTitlesSubjectsResearch groupsPublished at

My Account

LoginRegister

Statistics

View Usage Statistics

Harvested by:

OpenAIREBASERecolecta

Validated by:

OpenAIRERebiun
MONDRAGON UNIBERTSITATEA | Library
Contact Us | Send Feedback
DSpace
 

 

Harvested by:

OpenAIREBASERecolecta

Validated by:

OpenAIRERebiun
MONDRAGON UNIBERTSITATEA | Library
Contact Us | Send Feedback
DSpace