{"id":"https://openalex.org/W4416549491","doi":"https://doi.org/10.1145/3719027.3744855","title":"Measuring and Augmenting Large Language Models for Solving Capture-the-Flag Challenges","display_name":"Measuring and Augmenting Large Language Models for Solving Capture-the-Flag Challenges","publication_year":2025,"publication_date":"2025-11-19","ids":{"openalex":"https://openalex.org/W4416549491","doi":"https://doi.org/10.1145/3719027.3744855"},"language":"en","primary_location":{"id":"doi:10.1145/3719027.3744855","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3719027.3744855","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Zimo Ji","orcid":"https://orcid.org/0009-0002-7014-9030"},"institutions":[{"id":"https://openalex.org/I200769079","display_name":"Hong Kong University of Science and Technology","ror":"https://ror.org/00q4vv597","country_code":"HK","type":"education","lineage":["https://openalex.org/I200769079"]}],"countries":["HK"],"is_corresponding":false,"raw_author_name":"Zimo Ji","raw_affiliation_strings":["Hong Kong University of Science and Technology, Hong Kong, China"],"raw_orcid":"https://orcid.org/0009-0002-7014-9030","affiliations":[{"raw_affiliation_string":"Hong Kong University of Science and Technology, Hong Kong, China","institution_ids":["https://openalex.org/I200769079"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5063510532","display_name":"Daoyuan Wu","orcid":"https://orcid.org/0000-0002-3752-0718"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Daoyuan Wu","raw_affiliation_strings":["Lingnan University, Hong Kong, China"],"raw_orcid":"https://orcid.org/0000-0002-3752-0718","affiliations":[{"raw_affiliation_string":"Lingnan University, Hong Kong, China","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5111260534","display_name":"Wenyuan Jiang","orcid":"https://orcid.org/0000-0003-4646-7960"},"institutions":[{"id":"https://openalex.org/I35440088","display_name":"ETH Zurich","ror":"https://ror.org/05a28rw58","country_code":"CH","type":"education","lineage":["https://openalex.org/I2799323385","https://openalex.org/I35440088"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"Wenyuan Jiang","raw_affiliation_strings":["D-INFK, ETH Zurich, Zurich, Switzerland"],"raw_orcid":"https://orcid.org/0000-0003-4646-7960","affiliations":[{"raw_affiliation_string":"D-INFK, ETH Zurich, Zurich, Switzerland","institution_ids":["https://openalex.org/I35440088"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101728918","display_name":"Pingchuan Ma","orcid":"https://orcid.org/0000-0001-7680-2817"},"institutions":[{"id":"https://openalex.org/I200769079","display_name":"Hong Kong University of Science and Technology","ror":"https://ror.org/00q4vv597","country_code":"HK","type":"education","lineage":["https://openalex.org/I200769079"]}],"countries":["HK"],"is_corresponding":false,"raw_author_name":"Pingchuan Ma","raw_affiliation_strings":["Hong Kong University of Science and Technology, Hong Kong, China"],"raw_orcid":"https://orcid.org/0000-0001-7680-2817","affiliations":[{"raw_affiliation_string":"Hong Kong University of Science and Technology, Hong Kong, China","institution_ids":["https://openalex.org/I200769079"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101884078","display_name":"Zongjie Li","orcid":"https://orcid.org/0000-0002-9897-4086"},"institutions":[{"id":"https://openalex.org/I200769079","display_name":"Hong Kong University of Science and Technology","ror":"https://ror.org/00q4vv597","country_code":"HK","type":"education","lineage":["https://openalex.org/I200769079"]}],"countries":["HK"],"is_corresponding":false,"raw_author_name":"Zongjie Li","raw_affiliation_strings":["Hong Kong University of Science and Technology, Hong Kong, China"],"raw_orcid":"https://orcid.org/0000-0002-9897-4086","affiliations":[{"raw_affiliation_string":"Hong Kong University of Science and Technology, Hong Kong, China","institution_ids":["https://openalex.org/I200769079"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100328264","display_name":"Shuai Wang","orcid":"https://orcid.org/0000-0002-0866-0308"},"institutions":[{"id":"https://openalex.org/I200769079","display_name":"Hong Kong University of Science and Technology","ror":"https://ror.org/00q4vv597","country_code":"HK","type":"education","lineage":["https://openalex.org/I200769079"]}],"countries":["HK"],"is_corresponding":false,"raw_author_name":"Shuai Wang","raw_affiliation_strings":["Hong Kong University of Science and Technology, Hong Kong, China"],"raw_orcid":"https://orcid.org/0000-0002-0866-0308","affiliations":[{"raw_affiliation_string":"Hong Kong University of Science and Technology, Hong Kong, China","institution_ids":["https://openalex.org/I200769079"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":2,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.46175172,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"603","last_page":"617"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.18950000405311584,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.18950000405311584,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.1687999963760376,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10883","display_name":"Ethics and Social Impacts of AI","score":0.05829999968409538,"subfield":{"id":"https://openalex.org/subfields/3311","display_name":"Safety Research"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/construct","display_name":"Construct (python library)","score":0.6686000227928162},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.6491000056266785},{"id":"https://openalex.org/keywords/core","display_name":"Core (optical fiber)","score":0.5932999849319458},{"id":"https://openalex.org/keywords/measure","display_name":"Measure (data warehouse)","score":0.5473999977111816},{"id":"https://openalex.org/keywords/competition","display_name":"Competition (biology)","score":0.39399999380111694},{"id":"https://openalex.org/keywords/language-model","display_name":"Language model","score":0.33149999380111694}],"concepts":[{"id":"https://openalex.org/C2780801425","wikidata":"https://www.wikidata.org/wiki/Q5164392","display_name":"Construct (python library)","level":2,"score":0.6686000227928162},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6585999727249146},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.6491000056266785},{"id":"https://openalex.org/C2164484","wikidata":"https://www.wikidata.org/wiki/Q5170150","display_name":"Core (optical fiber)","level":2,"score":0.5932999849319458},{"id":"https://openalex.org/C2780009758","wikidata":"https://www.wikidata.org/wiki/Q6804172","display_name":"Measure (data warehouse)","level":2,"score":0.5473999977111816},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.39879998564720154},{"id":"https://openalex.org/C91306197","wikidata":"https://www.wikidata.org/wiki/Q45767","display_name":"Competition (biology)","level":2,"score":0.39399999380111694},{"id":"https://openalex.org/C539667460","wikidata":"https://www.wikidata.org/wiki/Q2414942","display_name":"Management science","level":1,"score":0.3896999955177307},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.37369999289512634},{"id":"https://openalex.org/C56739046","wikidata":"https://www.wikidata.org/wiki/Q192060","display_name":"Knowledge management","level":1,"score":0.35830000042915344},{"id":"https://openalex.org/C137293760","wikidata":"https://www.wikidata.org/wiki/Q3621696","display_name":"Language model","level":2,"score":0.33149999380111694},{"id":"https://openalex.org/C2780791683","wikidata":"https://www.wikidata.org/wiki/Q846785","display_name":"Action (physics)","level":2,"score":0.29510000348091125},{"id":"https://openalex.org/C9652623","wikidata":"https://www.wikidata.org/wiki/Q190109","display_name":"Field (mathematics)","level":2,"score":0.2888000011444092},{"id":"https://openalex.org/C164065428","wikidata":"https://www.wikidata.org/wiki/Q1201929","display_name":"Core competency","level":2,"score":0.27129998803138733},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.26010000705718994}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3719027.3744855","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3719027.3744855","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},{"id":"pmh:oai:repository.hkust.edu.hk:1783.1-167299","is_oa":false,"landing_page_url":"http://repository.hkust.edu.hk/ir/Record/1783.1-167299","pdf_url":null,"source":{"id":"https://openalex.org/S4306401796","display_name":"Rare & Special e-Zone (The Hong Kong University of Science and Technology)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I200769079","host_organization_name":"Hong Kong University of Science and Technology","host_organization_lineage":["https://openalex.org/I200769079"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Conference paper"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":14,"referenced_works":["https://openalex.org/W2984798626","https://openalex.org/W4309193197","https://openalex.org/W4311165836","https://openalex.org/W4378591002","https://openalex.org/W4385187421","https://openalex.org/W4385507608","https://openalex.org/W4391376033","https://openalex.org/W4391579642","https://openalex.org/W4391724785","https://openalex.org/W4393160302","https://openalex.org/W4394769342","https://openalex.org/W4405938039","https://openalex.org/W4408749890","https://openalex.org/W4411552805"],"related_works":[],"abstract_inverted_index":{"Capture-the-Flag":[0],"(CTF)":[1],"competitions":[2],"are":[3],"crucial":[4],"for":[5],"cybersecurity":[6],"education":[7],"and":[8,53,71,94,104,131],"training.":[9],"With":[10],"the":[11,62],"evolution":[12],"of":[13,44,47,64,97],"large":[14],"language":[15],"models":[16],"(LLMs),":[17],"there":[18],"is":[19],"growing":[20],"interest":[21],"in":[22,67,85,100],"their":[23],"ability":[24],"to":[25,51,55,81,107,124,128],"automate":[26],"CTF":[27,69,102,109,137],"challenge":[28],"solving,":[29],"with":[30,78],"DARPA's":[31],"AIxCC":[32],"competition":[33],"(since":[34],"2023)":[35],"being":[36],"a":[37,42,74,92],"notable":[38],"example.":[39],"However,this":[40],"demands":[41],"combination":[43],"multiple":[45],"abilities":[46],"LLMs,":[48],"from":[49,136],"knowledge":[50,66,103],"reasoning":[52],"further":[54],"actions.":[56],"In":[57],"this":[58,86],"paper,":[59],"we":[60],"highlight":[61],"importance":[63],"technical":[65,120],"solving":[68],"problems":[70],"deliberately":[72],"construct":[73],"focused":[75,93],"benchmark,":[76],"CTFKnow,":[77],"3,992":[79],"questions":[80],"measure":[82],"LLMs'":[83,98],"performance":[84],"core":[87],"aspect.":[88],"Our":[89,111],"study":[90],"offers":[91],"innovative":[95],"measurement":[96],"capability":[99],"understanding":[101],"applying":[105],"it":[106,126],"solve":[108],"challenges.":[110],"key":[112],"findings":[113],"reveal":[114],"that":[115],"while":[116],"LLMs":[117],"possess":[118],"substantial":[119],"knowledge,":[121],"they":[122],"struggle":[123],"apply":[125],"accurately":[127],"specific":[129],"scenarios":[130],"adapt":[132],"based":[133],"on":[134],"feedback":[135],"environments.":[138]},"counts_by_year":[],"updated_date":"2026-07-02T09:51:11.867554","created_date":"2025-11-23T00:00:00"}
