Search Icon
2026 Program

Towards LLM-Assisted Vulnerability Detection and Repair for Open-Source 5G UE Implementations

Rupam Patir (University at Buffalo), Qiqing Huang (University at Buffalo), Keyan Guo (University at Buffalo), Wanda Guo (Texas A&M University), Guofei Gu (Texas A&M University), Haipeng Cai (University at Buffalo), Hongxin Hu (University at Buffalo)

The rapid evolution of software systems in 5G networks has heightened the need for robust security measures. Traditional code analysis methods often fail to detect vulnerabilities specific to 5G, particularly vulnerabilities stemming from complex protocol interactions. In this work, we explore the potential of LLM-assisted techniques in vulnerability detection and repair in open-source 5G implementations. We introduce a novel framework leveraging Chain-of-Thought (CoT) prompting in two phases: first, vulnerability detection based on 5G Vulnerability Properties (VPs); second, vulnerability repair guided by 5G Secure Coding Practices (SCPs). We conducted a case study on an open-source 5G User Equipment (UE) implementation that illustrates how our framework leverages vulnerability properties and SCPs to identify and remediate vulnerabilities. Our testing results indicate successful detection and repair, demonstrating the practicality and effectiveness of our approach. While challenges persist, including the identification of 5G-specific security properties and SCPs and the complexity of their integration, this study provides a foundation for advancing automated LLM-assisted solutions to strengthen the security of open-source 5G systems.

Paper

View More Papers

CENSOR: Defense Against Gradient Inversion via Orthogonal Subspace Bayesian...

Kaiyuan Zhang (Purdue University), Siyuan Cheng (Purdue University), Guangyu Shen (Purdue University), Bruno Ribeiro (Purdue University), Shengwei An (Purdue University), Pin-Yu Chen (IBM Research AI), Xiangyu Zhang (Purdue University), Ninghui Li (Purdue University)

Read More

SKILLPoV: Towards Accessible and Effective Privacy Notice for Amazon...

Jingwen Yan (Clemson University), Song Liao (Texas Tech University), Mohammed Aldeen (Clemson University), Luyi Xing (Indiana University Bloomington), Danfeng (Daphne) Yao (Virginia Tech), Long Cheng (Clemson University)

Read More

ProvGuard: Detecting SDN Control Policy Manipulation via Contextual Semantics...

Ziwen Liu (Beihang University), Jian Mao (Beihang University; Tianmushan Laboratory; Hangzhou Innovation Institute, Beihang University), Jun Zeng (National University of Singapore), Jiawei Li (Beihang University; National University of Singapore), Qixiao Lin (Beihang University), Jiahao Liu (National University of Singapore), Jianwei Zhuge (Tsinghua University; Zhongguancun Laboratory), Zhenkai Liang (National University of Singapore)

Read More