This paper analyzes the performance of LLM-based agentic systems for binary reverse engineering (RE) using static, dynamic, and hybrid agent approaches. The study identifies key limitations of these systems, including token constraints, difficulties with obfuscation techniques, and a lack of program guardrails. The authors then outline challenges and future research directions for improving the security applications of agentic RE systems.
LLM-powered reverse engineering agents still stumble on obfuscation, timing-dependent behaviour, and unusual architectures, which puts fully automated binary analysis further off than current enthusiasm suggests.
Agentic systems built on large language models (LLMs) are increasingly being used for complex security tasks, including binary reverse engineering (RE). Despite recent growth in popularity and capability, these systems continue to face limitations in realistic settings: cutting-edge systems still fail in complex RE scenarios that involve obfuscation, timing-dependent behaviour, and unusual architectures. In this work, we examine how agentic systems perform reverse engineering tasks with static, dynamic, and hybrid agents. Through an analysis of how existing agents use their tools, we identify several limitations, including token constraints, difficulty with obfuscation, and a lack of program guardrails. From these findings, we outline the current challenges and set out future directions that system designers will need to address from a security perspective.