Go to ICLR 2026 Conference homepageCTFusion : A CTF-based Benchmark for LLM Agent Evaluation
Keywords: LLM, Cybersecurity Agents, CTF Benchmarks, Live Evaluation
TL;DR: We present CTFusion, a streaming evaluation framework that uses live CTF competitions to assess LLM-based cybersecurity agents.
Abstract: Recent advances in Large Language Models (LLMs) have enabled agentic systems for complex, multi-step tasks; cybersecurity is emerging as a prominent application. To evaluate such agents, researchers widely adopt Capture The Flag (CTF) benchmarks. However, current CTF benchmarks reuse existing challenges, which exposes them to data contamination and potential cheating. Notably, we confirmed these issues in practice by integrating web search tools into an existing agent. To address these limitations, we present CTFusion, a streaming evaluation framework built on Live CTFs. To achieve this, CTFusion employs virtualization and aggregation to ensure that agents interact with CTF tasks independently, while minimizing impact on real competitions. Moreover, we implement CTFusion as a Model Context Protocol (MCP) server on the widely used CTFd platform, which offers broad applicability to diverse CTF events and agent types. Through experiments with three LLMs, two agents, and five Live CTFs, we demonstrate that existing CTF benchmarks can be unreliable in assessing LLM-based agents, while CTFusion can serve as a robust solution for evaluating cybersecurity agents. We release CTFusion as open source to foster future research in this area.
Supplementary Material: zip
Primary Area: datasets and benchmarks
Submission Number: 9505
Loading