AI for Cybersecurity Research Lunch
Format: The lunch is held every Tuesday during Fall 2025 in PETR 414 from 12:00 PM to 1:00 PM. If you’d like to give a talk, please contact Ze Sheng with an abstract (zesheng@tamu.edu).
Mailing List: aicybersecurity-research-lunch@lists.tamu.edu
Previous Meetings: View All Past Events
Slides/Paper of Previous Meetings: Here
🍔Ordering Food🍔: Coming Soon
Upcoming Schedule
Towards AI-enabled Proactive Cyber Defense
Date: 09/16/2025
Speakers: Dr. Guofei Gu
Time: 12:00pm - 1:00pm
Location: PETR 414
Abstract: Why does security still fail? When does AI help—and when doesn’t it? This inspirational talk distills key insights and discusses new game-changing, proactive cyber defense strategies.
BIO: Dr. Guofei Gu is the Eppright Professor of Computer Science and Engineering at Texas A&M University and an IEEE Fellow. He directs the SUCCESS Lab, where his team is dedicated to making networking and computing more secure.
Please feel free to join us at 12:00pm every Tuesday. If you want to schedule a talk, email Ze Sheng at zesheng@tamu.edu.
Large Scale Vulnerability Discovery with LLMs
Date: 09/23/2025
Speakers: Tyler Nighswander
Time: 12:00pm - 1:00pm
Location: PETR 414
Abstract: LLMs and generative AI have shown effectiveness in many software domains. Despite their issues with accuracy, hallucinations, nondeterminism, and limited context windows, LLMs are already demonstrating incredible results finding real software vulnerabilities today. We will explore how agent design and structuring of the vulnerability discovery process can overcome some of these limitations to find bugs in large codebases using LLMs. We will also discuss some of the ways that LLMs can work with traditional techniques for bug finding and why LLMs offer new possibilities for this area.
BIO: Tyler Nighswander works on software security research and development at Theori. He has been playing Capture The Flag contests since 2009 with Carnegie Mellon University’s Plaid Parliament of Pwning, winning DEF CON CTF 9 times. Tyler was a member of the winning DARPA Cyber Grand Challenge team Mayhem in 2016, and was the lead for team Theori’s 3rd place team at DARPA’s AI Cyber Challenge in 2025. His research areas of interest include fuzzing, automatic bug finding, and reverse engineering.
Cancelled - Mid-term Exams
Date: 09/30/2025
Speakers: N/A
Due to mid-term exams, this week’s AI for Cybersecurity Research Lunch is cancelled.
All You Need Is A Fuzzing Brain: An LLM-Powered System for Automated Vulnerability Detection and Patching
Date: 10/07/2025
Speakers: Ze Sheng, Qingxiao Xu and Matthew Woodcock
Time: 12:00pm - 1:00pm
Location: PETR 414
Abstract: Our team, All You Need Is A Fuzzing Brain, was one of seven finalists in DARPA’s Artificial Intelligence Cyber Challenge (AIxCC), placing fourth in the final round. During the competition, we developed a Cyber Reasoning System (CRS) that autonomously discovered 28 security vulnerabilities—including six previously unknown zero-days—in real-world open-source C and Java projects, and successfully patched 14 of them. The complete CRS is open source at github.com/o2lab/afc-crs-all-you-need-is-a-fuzzing-brain.
This paper provides a detailed technical description of our CRS, with an emphasis on its LLM-powered components and strategies. Building on AIxCC, we further introduce a public leaderboard for benchmarking state-of-the-art LLMs on vulnerability detection and patching tasks, derived from the AIxCC dataset. The leaderboard is available at o2lab.github.io/FuzzingBrain-Leaderboard.
Speaker Bio: Ze Sheng, Qingxiao Xu and Matthew Woodcock are students advised by Dr. Jeff Huang.
Cancelled - Fall Break
Date: 10/14/2025
Speakers: TBD
Time: 12:00pm - 1:00pm
Location: PETR 414
No meeting this week.
Cancelled - Rescheduled to 11/11
Date: 10/21/2025
Speakers: Dr. Zhiyuan Yu
This talk has been rescheduled to November 11, 2025.
Cyber-Physical Security Through the Lens of AI-Enabled Systems
Date: 10/28/2025
Speakers: Dr. Zhiyuan Yu
Time: 12:00pm - 1:00pm Location: PETR 414
Abstract: Cyber-physical systems (CPS), powered by emerging artificial intelligence (AI) technologies, have become integral to various critical domains such as the Internet of Things (IoTs), medical devices, and autonomous vehicles. A unique aspect of these systems lies in their interactions with the physical world, by perceiving environments through heterogeneous modalities (perception), processing digital data with intelligence algorithms (computing), and autonomously actuating controls that affect physical processes (actuation). While this intricate fusion of cyber and physical components has unlocked unprecedented capabilities, it has also introduced new security challenges. However, traditional security measures often fall short in addressing these multifaceted threats. Under this paradigm shift, I systematically explore and mitigate the threats inherent in AI-enabled cyber-physical systems. The research objectives are threefold: (1) investigating how the interplay of cyber and physical components opens up novel attack and defense vectors, (2) developing robust defense strategies grounded by physical laws and constraints, and (3) benchmarking and theoretically analyzing security trade-offs from algorithmic, system-level, and human-centric perspectives. By bridging the gap between cyber and physical domains, my research enhances the resilience and trustworthiness of modern CPS while retaining system efficiency and usability.
Speaker Bio: Dr. Zhiyuan Yu is an Assistant Professor in the Department of Computer Science and Engineering (CSE) at Texas A&M University. His research lies at the intersection of security, AI, and cyber-physical systems, with a particular focus on securing AI-enabled systems that tightly couple sensing, decision-making, and actuation. He’s especially interested in understanding and defending the complex interactions between the cyber and physical components in embodied AI, spanning domains like autonomous vehicles, medical imaging, and GenAI applications. His work has been recognized with the Distinguished Paper Award at USENIX Security 2024 and the Distinguished Artifact Award at USENIX Security 2023. One of his recent projects also won the 2024 Federal Trade Commission Voice Cloning Challenge, and he was named a Machine Learning and Systems Rising Star in 2024.
Malware Detection under Concept Drift: Science and Engineering
Date: 11/04/2025
Speakers: Marcus Botacin
Time: 12:00pm - 1:00pm Location: PETR 414
Abstract: The current largest challenge in ML-based malware detection is maintaining high detection rates while samples evolve, causing classifiers to drift. What is the best way to solve this problem? In this talk, Dr. Botacin presents two views on the problem: the scientific and the engineering. In the first part of the talk, Dr. Botacin discusses how to make ML-based drift detectors explainable. The talk discusses how one can split the classifier knowledge into two: (1) the knowledge about the frontier between Malware (M) and Goodware (G); and (2) the knowledge about the concept of the (M and G) classes, to understand whether the concept or the classification frontier changed. The second part of the talk discusses how the experimental conditions in which the drift handling approaches are developed often mismatch the real deployment settings, causing the solutions to fail to achieve the desired results. Dr. Botacin points out ideal assumptions that do not hold in reality, such as: (1) the amount of drifted data a system can handle, and (2) the immediate availability of oracle data for drift detection, when in practice, a scenario of label delays is much more frequent. The talk demonstrates a solution for these problems via a 5K+ experiment, which illustrates (1) how to explain every drift point in a malware detection pipeline and (2) how an explainable drift detector also enables online retraining to achieve higher detection rates while requiring fewer retraining points than traditional approaches.
Speaker Bio: Dr. Botacin has been a Computer Science Assistant Professor at Texas A&M University (TAMU, USA) since 2022. Ph.D. in Computer Science (UFPR, Brazil), Master’s in Computer Science and Computer Engineering (UNICAMP, Brazil). Malware Analyst since 2012. Specialist in AV engines and Sandbox Development. Dr. Botacin has published research papers at major academic conferences and journals. Dr. Botacin has also presented his work at major industry and hacking conferences, such as HackInTheBox and Hou.Sec.Con.
Speaker Page: https://marcusbotacin.github.io/
AI-Assisted Hardware Fuzzing: From Search to Systematic Knowledge Reuse
Date: 11/11/2025
Speakers: Chen Chen
Time: 12:00pm - 1:00pm Location: PETR 414
Abstract: Hardware fuzzing has shown promise in detecting vulnerabilities in large-scale designs like modern processors. In the era of AI, a natural question arises: how can AI be leveraged to improve the efficiency of hardware fuzzing?
In this talk, Chen begins with a concise introduction to hardware fuzzing. He then frames AI techniques as two complementary roles for fuzzing: (1) search algorithms that guide test generation and (2) learning algorithms that extract and reuse knowledge across designs. Chen first introduces a family of AI-assisted fuzzers that utilize particle-swarm optimization, multi-armed bandits, and LLM + reinforcement learning to select mutation strategies, prioritize inputs, and allocate testing resources. He next describes the industrial processor design and verification flow, where design and test reuse are central principles, and shows how AI can add value while preserving the reuse trend. Specifically, Chen highlights a missed opportunity: most advanced fuzzers are treated as advanced alternatives to random testing rather than as strategies for systematic knowledge reuse. To address this gap, Chen introduces a contextual bandit-based approach that identifies and reuses highly effective tests from prior processors, improving fuzzing efficiency and accelerating vulnerability discovery on new processors.
Speaker Bio: Chen Chen is a Ph.D. student in the Department of Electrical and Computer Engineering at Texas A&M University, advised by Dr. Jeyavijayan (JV) Rajendran. He received his B.S. degree from Purdue University. His research focuses on hardware security. Chen has published papers in top-tier conferences, such as USENIX Security, DAC, ICCAD, and DATE. He is the recipient of the Distinguished Paper Award and the Distinguished Artifact Evaluation Reviewer Award at USENIX Security 2024. He also co-organizes HackTheSilicon, the world’s largest hardware security capture-the-flag competitions, co-located with DAC, USENIX Security, CHES, and DATE.
Speaker Page: https://www.chenc.contact/
Date: 11/17/2025
Speakers:
Time: 12:00pm - 1:00pm
Location: PETR 414
Abstract: Modern web applications increasingly rely on complex client-side logic and stateful multi-request workflows that fundamentally challenge traditional black-box security testing approaches. Existing web application scanners achieve poor code coverage and miss critical vulnerability classes because they lack an understanding of application state transitions and client-driven logic flows. We present DeepStitch, which leverages LLM-driven logic reconstruction and client-side instrumentation to understand how the application is structured. By inferring hidden application workflows from client-side observations, DeepStitch enables discovery of complex vulnerability chains that require multi-step exploits. In an evaluation on popular GitHub repositories, DeepStitch discovered 7 previously unknown vulnerabilities. These results establish DeepStitch as a significant advancement in automated web security testing.
Speaker Bio: Jianwei is a Ph.D. student in SUCCESS Lab in the Department of Computer Science and Engineering at Texas A&M University. His research interests focus on System Security & Web Security. Besides that, he is active in finding vulnerabilities in various applications.
TBD
Date: 12/02/2025
Speakers: TBD
Time: 12:00pm - 1:00pm
Location: PETR 414
Abstract: TBD
Speaker Bio: TBD
TBD
Date: 12/09/2025
Speakers: TBD
Time: 12:00pm - 1:00pm
Location: PETR 414
Abstract: TBD
Speaker Bio: TBD
TBD
Date: 12/16/2025
Speakers: TBD
Time: 12:00pm - 1:00pm
Location: PETR 414
Abstract: TBD
Speaker Bio: TBD