  • Personal homepage of Mingsheng Tang (唐明圣): http://shi.buaa.edu.cn/tangmingsheng/zh_CN/index.htm

  • Doctoral supervisor, Master's supervisor
LIVA: A Multi-Agent LLM-Assisted System for IoT Vulnerability Analysis
DOI: 10.1109/TDSC.2026.3665343
Journal: IEEE Transactions on Dependable and Secure Computing
Keywords: Microprogramming, Internet of Things, Security, Codes, Semantics, Web services, Large language models, Accuracy, HTTP, Computer architecture
Abstract: IoT devices have become deeply integrated into our daily lives, making comprehensive security research on critical infrastructure devices increasingly important. Static analysis techniques, particularly those leveraging taint propagation, have demonstrated promise in identifying security vulnerabilities within these devices, effectively detecting critical vulnerabilities. However, current solutions often struggle with limitations in both detection efficiency and accuracy. To address these challenges, this paper introduces Liva, a novel static taint analysis tool designed for detecting web vulnerabilities in IoT devices. Liva employs a large language model (LLM) multi-agent approach for static binary taint analysis, primarily leveraging fine-tuned open-source models and commercial LLMs to improve source/sink identification and taint data analysis—areas where traditional methods often fall short—thereby enhancing overall analysis efficiency. LIVA's core analysis engine leverages a Qwen3-32B open-source model that has been fine-tuned using a dataset of 3,000 real-world device samples. This fine-tuned model achieves a 3 percentage point improvement in accuracy for identifying taint data propagation relationships compared to commercial LLMs, while also increasing average analysis efficiency by 5.5%. A comprehensive evaluation of Liva, conducted on a dataset of 64 devices from 11 vendors, revealed that it detected 309 and 349 more known vulnerabilities than the state-of-the-art solutions SaTC and Karonte, respectively, while simultaneously reducing false positive rates by 59.4% and 67.6%. Liva achieves a recall of 98.1% and a precision of 74.6%, with a 6.7× reduction in analysis time compared to the best-performing baseline. Furthermore, in the realm of zero-day vulnerability detection, Liva discovered 64 previously unknown vulnerabilities, 39 of which have since been assigned official CVE/CNVD identifiers.
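Co-author: Mingsheng Tang
Paper type: Journal article
First-level discipline: Computer Science and Technology
Document type: Journal
Translation: No
Publication date: 2026-02-16
Indexed in: SCI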