Augmenting API Security Testing with Automated LLM-Driven Test Generation
Augmenting API Security Testing with Automated LLM-Driven Test Generation
Emil Marian Pasca, Rudolf Erdei, Daniela Delinschi, Oliviu Matei
Abstract. API security testing is an essential step in modern software development, but manually crafting comprehensive test suites for security vulnerabilities is time-consuming and prone to human bias. This paper proposes a framework that augments API security testing with Large Language Model (LLM) driven automated test generation. The approach leverages LLMs to interpret OpenAPI specifications and produce contextually relevant security test cases that target common vulnerability classes (injection, broken object level authorization, mass assignment, etc.). The generated tests are integrated with established API testing pipelines to provide continuous and reproducible security validation. Initial experimental results indicate that the LLM-driven generation expands the coverage of security tests beyond what is typically achievable with rule-based or human-written test suites.
Keywords: API security; large language models; automated test generation; OWASP API Top 10; software testing
📋 Cite this publication
Emil Marian Pasca, Rudolf Erdei, Daniela Delinschi, Oliviu Matei, "Augmenting API Security Testing with Automated LLM-Driven Test Generation", Proc. 17th Int. Conf. on Computational Intelligence in Security for Information Systems (CISIS 2024), 2024, 2023.
Reference: Proc. 17th Int. Conf. on Computational Intelligence in Security for Information Systems (CISIS 2024), 2024.
Benefits and limitations of digitalization in managing European Social funded projects
Benefits and limitations of digitalization in managing European Social funded projectsMatei...
A new vision of social behavior on genetic algorithm performance
A new vision of social behavior on genetic algorithm performanceAndreea Tatar, Nicolae Fat, Adrian...
A comparative study of different genetic algorithms approaches to capacitated vehicle routing problem for collection of agricultural products
A comparative study of different genetic algorithms approaches to capacitated vehicle routing...
Using Machine Learning for Identifying the Intrinsic Economic Specializations of Localities
Using Machine Learning for Identifying the Intrinsic Economic Specializations of LocalitiesOliviu...
Embedding GIS in crop field bonitation computation
Embedding GIS in crop field bonitation computationBogdan Văduva, Oliviu Matei, Anca Avram, Laura...
A comparative study of machine learning models for plant disease identification
A comparative study of machine learning models for plant disease identificationMăcelaru Mara,...
A Novel CNN Approach for Accurate Tomato Disease Classification
A Novel CNN Approach for Accurate Tomato Disease ClassificationOvidiu Cosma, Laura Cosma Abstract....
Design of a collaborative network for mapping digital skills for Industry 5.0
Design of a collaborative network for mapping digital skills for Industry 5.0Maria Gustavsson,...
Solving the clustered minimum routing tree problem using Prüfer-coding based hybrid genetic algorithms
Solving the clustered minimum routing tree problem using Prüfer-coding based hybrid genetic...
Data Quality Assessment Methodology
Data Quality Assessment MethodologyDaniela Delinschi, Rudolf Erdei, Emil Pasca, Oliviu Matei...
Privacy Assessment Methodology for Machine Learning Models and Data Sources
Privacy Assessment Methodology for Machine Learning Models and Data SourcesRudolf Erdei, Emil...
Aggregation Strategy for Federated Machine Learning Algorithm
Aggregation Strategy for Federated Machine Learning AlgorithmRudolf Erdei, Daniela Delinschi,...













0 Comments