When Ying Zhang ’23 was a graduate student at Virginia Tech, she spent years learning to think like an attacker—scrutinizing software for hidden vulnerabilities that developers miss and that malicious actors exploit.
As an assistant professor at Wake Forest University, Zhang has returned to this work and the people who shaped it. She and her former doctoral supervisors in the Department of Computer Science, Associate Professor Na Meng and Professor Anfeng “Daphne” Yao, have continued to publish influential research together, this time with a new cohort of doctoral students. Students work with them.
The result is new research that says the best way for the cybersecurity community to protect against software vulnerabilities is to train artificial intelligence (AI) to identify and attack them. Their study of their approach will be presented on July 7 in Montreal, Canada, at the ACM International Conference on the Foundations of Software Engineering, one of the industry’s leading venues.
Table of Contents
Finding the exploit in the haystack
At the heart of their work is a problem that most people never see, but that affects everyone: software vulnerabilities. Every time a person uses an app, buys something online, or interacts with a digital service, their data is transferred through invisible connectors called application programming interfaces, or APIs.
“You can think of an API as a communication channel between two pieces of software,” Zhang said. “If the API accepts malicious or unexpected input without performing proper validation and security checks, attackers can exploit these vulnerabilities to exploit vulnerabilities, compromise systems, or launch successful cyberattacks.”
These vulnerabilities are everywhere. Modern applications are built in layers, stacking third-party libraries and external code on top of each other in a way that makes it nearly impossible for a developer to track every potential risk. A bug hidden deep in a layer can propagate upward, silently exposing systems that developers didn’t even know were at risk.
The problem is not just technical. It’s human. Developers, under constant pressure to deliver working software, tend to view security as an afterthought.
“Most of the time, security is viewed as a second-class citizen,” Meng said. “Developers often prioritize functionality over security, especially when the risks are not immediately visible.”
Raising awareness to protect systems
Meng and Yao’s approach to closing this gap is as clever as it is counterintuitive: To defend the software, they teach artificial intelligence to attack it.
In collaboration with Zhang and current Ph.D. As computer science students, the team developed a system that uses large language models — the same underlying technology that powers tools like ChatGPT — to automatically generate what researchers call “proof-of-concept exploits.” These are step-by-step demonstrations that show exactly how a real attacker can exploit a known vulnerability.
The logic is simple but effective. If a developer sees an abstract warning that their software has a vulnerability, they may ignore it or postpone the fix.
“When developers need strong motivation, they say, ‘Show me the exploit,'” Zhang said. “Then they will make the changes.”
During testing, the system successfully generated proof-of-concept exploits with a high level of reliability. This is a significant step forward in solving a problem that has long resisted automated solutions. The goal, Zhang said, is entirely defensive: to help developers understand and address risks before malicious actors first discover them.
The novelty of the approach has attracted widespread attention. OpenAI has shown interest in the project, an early sign that it is gaining traction beyond academic circles.
Automate security
A second important research focus of the team is on the software supply chain. This complex web of dependencies connects modern applications. The team develops automated tools to identify which specific APIs within software are vulnerable. This information is often missing or incomplete, leaving developers without a clear idea of where to focus their security efforts.
“It is difficult for developers to conduct code inspections or locate vulnerabilities when this information is missing,” Zhang said. “So we try to derive it automatically.”
The more connected software becomes, the more important this precision becomes. Knowing that a vulnerability exists somewhere in a system is far less useful than knowing exactly where it is and what it would take to exploit it.
The circle closes
For the doctoral students in the team, working with Zhang has a special resonance. She was once exactly where they are now: learning the craft of cybersecurity research in the same labs, under the same consultants, and asking the same questions.
“Working with Professor Zhang, I learned that good software engineering and security research requires patience and care,” said computer science doctoral student and co-author Zhengjie Ji. “She showed me that the results have to be solid enough for us to stand behind, and that when we write we make the logic of the work clear to others.”
Wenjia Song ’24 also worked on the project as a graduate student. She later worked at Google, Meng said.
For Meng and Yao, continued collaboration with Zhang is a reminder of how sustained mentoring produces colleagues who return to further advance the work.
“Dr. Zhang is a software developer whisperer,” Yao said. “She cares deeply about the challenges she faces every day. Her focus on developing innovative solutions to real-world needs is inspiring.”
This work was supported by the National Science Foundation, the Office of Naval Research, and the Commonwealth Cyber Initiative. Yao is affiliate faculty of the Sanghani Center for Artificial Intelligence and Data Analytics.
https://news.vt.edu/articles/2026/06/eng-cs-to-defend-your-software-teach-AI-to-break-it.html
