LLM-Driven, Self-Improving Framework for Security Test Automation: Leveraging Karate DSL for Augmented API Resilience
Emil Marian Pasca, Daniela Delinschi, Rudolf Erdei, Oliviu Matei
Abstract. This paper introduces Karate-BOLA-Guard, an LLM-driven, self-improving framework for security test automation that leverages the Karate DSL to enhance API resilience. The framework combines Large Language Models with Retrieval-Augmented Generation (RAG) techniques to automatically synthesize security-focused test cases, with particular emphasis on Broken Object Level Authorization (BOLA) and related authorization issues. A feedback loop allows the system to refine the generated tests based on past execution results, vulnerability reports and updated API specifications. Experimental results on representative APIs demonstrate that the framework substantially increases security test coverage and detection rates while reducing manual effort, contributing to more resilient and continuously protected APIs.
Keywords: API security; LLM; Karate DSL; BOLA; self-improving frameworks; security test automation
Emil Marian Pasca, Daniela Delinschi, Rudolf Erdei, Oliviu Matei, "LLM-Driven, Self-Improving Framework for Security Test Automation: Leveraging Karate DSL for Augmented API Resilience", IEEE Access, vol. 13, 2025, 2023. DOI: https://doi.org/10.1109/ACCESS.2025.3554960.
Reference: IEEE Access, vol. 13, 2025. DOI: 10.1109/ACCESS.2025.3554960