LLM-Driven, Self-Improving Framework for Security Test Automation: Leveraging Karate DSL for Augmented API Resilience
Emil Marian Pasca, Daniela Delinschi, Rudolf Erdei, Oliviu Matei
Abstract. This paper introduces Karate-BOLA-Guard, an LLM-driven, self-improving framework for security test automation that leverages the Karate DSL to enhance API resilience. The framework combines Large Language Models with Retrieval-Augmented Generation (RAG) techniques to automatically synthesize security-focused test cases, with particular emphasis on Broken Object Level Authorization (BOLA) and related authorization issues. A feedback loop allows the system to refine the generated tests based on past execution results, vulnerability reports and updated API specifications. Experimental results on representative APIs demonstrate that the framework substantially increases security test coverage and detection rates while reducing manual effort, contributing to more resilient and continuously protected APIs.
Keywords: API security; LLM; Karate DSL; BOLA; self-improving frameworks; security test automation
Cite this publication
Emil Marian Pasca, Daniela Delinschi, Rudolf Erdei, Oliviu Matei, "LLM-Driven, Self-Improving Framework for Security Test Automation: Leveraging Karate DSL for Augmented API Resilience", IEEE Access, vol. 13, 2025, 2023. DOI: https://doi.org/10.1109/ACCESS.2025.3554960.
Reference: IEEE Access, vol. 13, 2025. DOI: 10.1109/ACCESS.2025.3554960