HyFuzz: A Hybrid AI-Enhanced Vulnerability Detection Framework

Fu Y, German R, Al Sardy L (2025)

Publication Type: Conference contribution

Publication year: 2025

Publisher: Institute of Electrical and Electronics Engineers Inc.

Pages Range: 350-355

Conference Proceedings Title: 2025 IEEE 9th International Forum on Research and Technologies for Society and Industry, RTSI 2025 - Conference Proceedings

Event location: Tunis, TUN TN

ISBN: 9798331597887

DOI: 10.1109/RTSI64020.2025.11212261

Abstract

Vulnerability scanning remains a crucial step of cyber defence, but at the same time, current tools face a tradeoff between detection speed and the ability to uncover unknown threats. Signature-based methods provide fast verification of known exploits but fail to detect zero-day vulnerabilities, while fuzzing enables deeper exploration at the cost of time and resources. This paper introduces HyFuzz, a two-stage hybrid scanning framework that combines deterministic Common Vulnerabilities and Exposures (CVE) correlation with adaptive, AI-driven fuzzing. The first stage performs rapid fingerprinting and version matching using service banners, cross-referenced against a local CVE database and the Metasploit framework. If an exploit is confirmed, the scan terminates within approximately 3 minutes per host. If no CVE match is found, the second stage triggers coverage-guided fuzzing using BooFuzz or Hypothesis, followed by corpus expansion via a lightweight Generative Adversarial Network (GAN) or a zero-shot prompt of the 8-billion-parameter DeepSeek-r1 language model. Experiments on Apache, Nginx, and IIS demonstrate that this hybrid strategy achieves up to 10× faster detection times and a 35% improvement in crash discovery over baseline fuzzers. Although evaluation was conducted on HTTP (Hypertext Transfer Protocol), the framework is protocol-agnostic and applicable to Message Queuing Telemetry Transport (MQTT), Modbus, or Constrained Application Protocol (CoAP). The proposed “CVE-first, fuzzing-second” pipeline offers a scalable and efficient approach to vulnerability detection across diverse networked environments.

Authors with CRIS profile

Reinhard German Computer Science 7 (Computer Networks and Communication Systems) Loui Al Sardy Computer Science 7 (Computer Networks and Communication Systems)

How to cite

APA:

Fu, Y., German, R., & Al Sardy, L. (2025). HyFuzz: A Hybrid AI-Enhanced Vulnerability Detection Framework. In 2025 IEEE 9th International Forum on Research and Technologies for Society and Industry, RTSI 2025 - Conference Proceedings (pp. 350-355). Tunis, TUN, TN: Institute of Electrical and Electronics Engineers Inc..

MLA:

Fu, Yanlei, Reinhard German, and Loui Al Sardy. "HyFuzz: A Hybrid AI-Enhanced Vulnerability Detection Framework." Proceedings of the 9th IEEE International Forum on Research and Technologies for Society and Industry, RTSI 2025, Tunis, TUN Institute of Electrical and Electronics Engineers Inc., 2025. 350-355.

BibTeX: Download