PILOT: Command-line Interface Fuzzing via Path-Guided, Iterative Large Language Model Prompting

Abstract

Command-line interface (CLI) fuzzing tests programs by mutating command-line options and input files to discover vulnerabilities. However, many vulnerabilities can only be triggered when specific combinations of options and structured input files are provided, making them difficult to discover using existing fuzzing approaches. In this paper, we design a CLI fuzzing framework called PILOT (Path-guided, Iterative LLM-Orchestrated Testing). The key idea is to leverage large language models together with call-path information obtained from static analysis to generate semantically meaningful command-line options and input files. PILOT iteratively refines the generated inputs using coverage feedback. Our evaluation on 43 real-world CLI programs shows that PILOT discovered 51 previously unknown vulnerabilities, 41 of which were confirmed by developers and 33 already fixed.

Type
Publication
In Proceedings of the IEEE Symposium on Security and Privacy (IEEE S&P 2026)

Reference

Momoko Shiraishi, Yinzhi Cao, Takahiro Shinagawa. PILOT: Command-line Interface Fuzzing via Path-Guided, Iterative Large Language Model Prompting. In Proceedings of the IEEE Symposium on Security and Privacy (IEEE S&P 2026), May, 2026. Acceptance Ratio: 13% (135/1070).
品川 高廣
Professor

Professor, Department of Computer Science, Graduate School of Information Science and Technology, The University of Tokyo