5GPT: 5G Vulnerability Detection by Combining Zero-Shot Capabilities of GPT-4 With Domain Aware Strategies Through Prompt Engineering

Published: 01 Jan 2025, Last Modified: 08 Nov 2025. IEEE Trans. Inf. Forensics Secur. 2025. License: CC BY-SA 4.0
Abstract: Identifying vulnerabilities in complex 5G network protocols is a challenging task. Manual analysis is time-consuming and often inadequate. Modern ML and NLP methods, though effective, are resource-intensive and struggle to find implicit vulnerabilities. In this research, we utilize GPT-4’s advanced language understanding to detect vulnerabilities directly from 5G specifications. To assess GPT-4’s fundamental capabilities in this domain, we first adopt a zero-shot approach that relies solely on the specification text without external guidance. For detecting more sophisticated vulnerabilities that require deep contextual understanding, we introduce a novel domain-aware strategy, in which we explicitly teach GPT-4 security properties and hazard indicators drawn from related work using few-shot learning. We further employ chain-of-thought prompting to guide the model through structured reasoning steps to identify violations or exploitations that may lead to vulnerabilities. A two-tier filtering process ensures that only promising test cases are retained. Our method has identified 47 potential vulnerabilities in 5G mobility management procedures, including 27 previously unreported issues, and generated corresponding test cases. By simulating 14 of them, we found 9 vulnerabilities, 5 of which are new. The zero-shot approach is effective in detecting procedural and validation flaws, while the domain-aware method excels in finding protocol violations and advanced attack scenarios. These findings validate our methodology and demonstrate its strength in discovering both known and novel vulnerabilities in 5G protocols.
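The abstract describes a pipeline (zero-shot prompt, domain-aware few-shot prompt with chain-of-thought steps, two-tier filtering of the returned test cases) without giving its concrete form. The following Python sketch is an added illustration of that shape and is not the paper's code: the security-property catalogue, hazard indicators, filter rules, the spec-like excerpt and the stub model reply are all assumptions made for demonstration. The stub output is constructed so that exactly one candidate survives both tiers; it is not a claimed 5G finding.

```python
# Added illustration (not the paper's code): a prompt-construction and
# two-tier filtering pipeline in the shape the abstract describes.
# The property catalogue, hazard indicators, filter rules and the stub model
# output below are assumptions for demonstration, not the paper's own.
import json
import re
from typing import Callable

# Constructed spec-like excerpt, paraphrased prose rather than 3GPP text.
SPEC_EXCERPT = (
    "On receiving a Registration Request the AMF may send an Identity Request. "
    "The UE shall answer with an Identity Response. "
    "Security mode control is performed after identification."
)

# Assumed domain knowledge that the domain-aware prompt teaches the model.
SECURITY_PROPERTIES = {
    "P1": "Sensitive UE identifiers are disclosed only inside a protected exchange.",
    "P2": "State-changing messages are accepted only after the security context exists.",
}
HAZARD_INDICATORS = ["may send", "before security mode", "plain-text"]
FEW_SHOT = [{"property": "P2", "hazard": "may send",
             "reasoning": "An optional pre-security message gives a spoofing window.",
             "test_case": "Inject the message before Security Mode Command and observe UE state."}]
REQUIRED = ("property", "hazard", "reasoning", "test_case")


def zero_shot_prompt(spec: str) -> str:
    """Zero-shot: the specification text only, no domain guidance."""
    return ("You are a 5G protocol security analyst. List potential vulnerabilities in the "
            "specification below as a JSON array of objects with keys "
            f"{', '.join(REQUIRED)}.\n\n{spec}")


def domain_aware_prompt(spec: str) -> str:
    """Few-shot properties and hazard indicators plus chain-of-thought steps."""
    props = "\n".join(f"{k}: {v}" for k, v in SECURITY_PROPERTIES.items())
    steps = ("Reason step by step: (1) list each message and its prerequisites; "
             "(2) mark every hazard indicator present; (3) name the property it "
             "violates; (4) derive one concrete test case per violation.")
    return (f"Security properties:\n{props}\nHazard indicators: {HAZARD_INDICATORS}\n"
            f"Worked example: {json.dumps(FEW_SHOT)}\n{steps}\n"
            f"Answer only with a JSON array of objects with keys {', '.join(REQUIRED)}."
            f"\n\nSpecification:\n{spec}")


def parse_findings(raw: str) -> list[dict]:
    """Pull the first JSON array out of a reply that may be wrapped in prose."""
    m = re.search(r"\[.*\]", raw, re.S)
    if not m:
        return []
    try:
        data = json.loads(m.group(0))
    except json.JSONDecodeError:
        return []
    return [d for d in data if isinstance(d, dict)]


def tier1(findings: list[dict]) -> list[dict]:
    """Structural filter: every field present and the property is one we taught."""
    return [f for f in findings
            if all(f.get(k) for k in REQUIRED) and f["property"] in SECURITY_PROPERTIES]


def tier2(findings: list[dict], spec: str, known: set[tuple[str, str]]) -> list[dict]:
    """Semantic filter: hazard grounded in the spec text, test case actionable, not already known."""
    kept = []
    for f in findings:
        hazard = f["hazard"].lower()
        grounded = hazard in HAZARD_INDICATORS and hazard in spec.lower()
        actionable = re.search(r"\b(send|inject|replay|observe|drop|modify)\b",
                               f["test_case"], re.I)
        if grounded and actionable and (f["property"], hazard) not in known:
            kept.append(f)
    return kept


def run(spec: str, model: Callable[[str], str], known: set[tuple[str, str]]) -> list[dict]:
    """Domain-aware prompt -> model -> parse -> tier 1 -> tier 2."""
    return tier2(tier1(parse_findings(model(domain_aware_prompt(spec)))), spec, known)


def stub_model(prompt: str) -> str:
    """Constructed reply standing in for GPT-4: one keeper and four the filters must drop."""
    return "Here are the findings:\n" + json.dumps([
        {"property": "P1", "hazard": "may send",
         "reasoning": "Identity Request is optional and precedes security mode control.",
         "test_case": "Send an Identity Request before security mode control; observe the reply."},
        {"property": "P2", "hazard": "may send", "reasoning": "no test case given", "test_case": ""},
        {"property": "P9", "hazard": "may send", "reasoning": "unknown property", "test_case": "Send it."},
        {"property": "P2", "hazard": "may send", "reasoning": "already in the literature",
         "test_case": "Inject the message before Security Mode Command."},
        {"property": "P1", "hazard": "plain-text", "reasoning": "phrase absent from the excerpt",
         "test_case": "Replay the message."},
    ])


KNOWN = {("P2", "may send")}  # assumed prior-work finding used for deduplication

if __name__ == "__main__":
    for f in run(SPEC_EXCERPT, stub_model, KNOWN):
        print(json.dumps(f, indent=2))
```

The two tiers are deliberately cheap and deterministic so they can be audited: tier 1 rejects malformed or off-catalogue output, and tier 2 rejects candidates whose hazard phrase is not actually present in the analysed text, whose test case gives the tester nothing to do, or which duplicate a property/hazard pair already in the literature. Swapping `stub_model` for a real API client is the only change needed to run it against a model.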