LLM-aided automatic modeling for security protocol verification

Author

Ziyu MAO
Jingyi WANG
Jun SUN, Singapore Management UniversityFollow
Shengchao QIN
Jiawen XIONG

Publication Type

Conference Proceeding Article

Publication Date

5-2025

Abstract

Symbolic protocol analysis serves as a pivotal technique for protocol design, security analysis, and the safeguarding of information assets. Several modern tools such as Tamarin and ProVerif have been proven successful in modeling and verifying real-world protocols, including complex protocols like TLS 1.3 and 5G AKA. However, developing formal models for protocol verification is a non-trivial task, which hinders the wide adoption of these powerful tools in practical protocol analysis. In this work, we aim to bridge the gap by developing an automatic method for generating symbolic protocol models using Large Language Models (LLMs) from protocol descriptions in natural language document. Although LLMs are powerful in various code generation tasks, it is shown to be ineffective in generating symbolic models (according to our empirical study). Therefore, rather than applying LLMs naively, we carefully decompose the symbolic protocol modeling task into several stages so that a series of formal models are incrementally developed towards generating the final correct symbolic model. Specifically, we apply LLMs for semantic parsing, enable lightweight manual interaction for disambiguation, and develop algorithms to transform the intermediate models for final symbolic model generation. To ensure the correctness of the generated symbolic model, each stage is designed based on a formal execution model and the model transformations are proven sound. To the best of our knowledge, this is the first work aiming to generate symbolic models for protocol verification from natural language documents. We also introduce a benchmark for symbolic protocol model generation, with 18 real-world security protocol's text description and their corresponding symbolic models. We then demonstrate the potential of our tool, which successfully generated correct models of moderate scale in 10 out of 18 cases. Our tool is released at [1].

Keywords

Automatic modeling, Symbolic analysis, LLMs

Discipline

Software Engineering

Research Areas

Software and Cyber-Physical Systems

Publication

Proceedings of the 2025 IEEE/ACM 47th International Conference on Software Engineering (ICSE), Ottawa, Canada, April 26 - May 6

First Page

642

Last Page

654

ISBN

9798331505691

Identifier

10.1109/ICSE55347.2025.00197

Publisher

IEEE Computer Society

City or Country

Los Alamitos, CA

Citation

MAO, Ziyu; WANG, Jingyi; SUN, Jun; QIN, Shengchao; and XIONG, Jiawen. LLM-aided automatic modeling for security protocol verification. (2025). Proceedings of the 2025 IEEE/ACM 47th International Conference on Software Engineering (ICSE), Ottawa, Canada, April 26 - May 6. 642-654.
Available at: https://ink.library.smu.edu.sg/sis_research/10297

Additional URL

https://doi.org/10.1109/ICSE55347.2025.00197