Google's Naptime Framework to Boost Vulnerability Research with AI

June 25, 2024
Google's Naptime Framework to Boost Vulnerability Research with AI
  1. Home
  2. News
  3. Google's Naptime Framework to Boost Vulnerability Research with AI

Vulnerability researchers at Google’s Project Zero have introduced Naptime, a new framework that will be used to enable a large language model (LLM) to conduct vulnerability research.

The Naptime initiative started in mid-2023 and aims to improve vulnerability discovery approaches, with a particular focus on automating variant analysis.

It is called Project Naptime “because of the potential for allowing us to take regular naps while it helps us out with our jobs,” Project Zero’s Sergei Glazunov and Mark Brand wrote in a blog post on 20 June.

How Google Naptime Works

The objective of the Naptime framework is to enable an LLM to perform vulnerability research that closely mimics human security experts' iterative, hypothesis-driven approach.

“This architecture not only enhances the agent's ability to identify and analyze vulnerabilities but also ensures that the results are accurate and reproducible,” Glazunov and Brand said.

The framework’s architecture is centered around the interaction between an AI agent and its set of specialized tools designed to mimic the workflow of a human security researcher and a target codebase.

These tools include:

  • The Code Browser enables the agent to navigate through the target codebase, much like how engineers use Chromium Code Search
  • The Python enables the agent to run Python scripts in a sandboxed environment for intermediate calculations and to generate precise and complex inputs to the target program
  • The Debugger allows the agent to interact with the program and observe its behavior under different inputs. To ensure consistent reproduction and easier detection of memory corruption issues, the program is compiled with AddressSanitizer, and the debugger captures various signals indicating security-related crashes
  • The Reporter provides a structured mechanism for the agent to communicate its progress
  • When triggered by the AI agent, the Controller verifies if the success condition (typically a program crash) is met. It also allows the agent to abort the task when unable to make further progress, preventing stagnation
Tags:

No tags.

JikGuard.com, a high-tech security service provider focusing on game protection and anti-cheat, is committed to helping game companies solve the problem of cheats and hacks, and providing deeply integrated encryption protection solutions for games.

Explore Features>>

Top

Top Mobile Game Security: Essential Solutions to Protect Your Game
Top Mobile Game Security: Essential Solutions to Protect Your Game
May 7, 2025
None
Mastering String Encryption: Protect Your Games from Hackers
May 7, 2025
None
JNI Protection in Games
May 7, 2025
None
UK’s NCSC Offers Security Tips as Co-op Confirms Data Loss
May 6, 2025
None
Darcula Phishing as a Service Operation Snares 800,000+ Victims
May 6, 2025

Tags

Featured BlogsTop StoriesLayoffsBlogsCultureFeaturesGenerative AIGDC 2024Horror GamesUnityUbisoftValveStaff BlogOmdia | Game Industry AnalysisGame Developer EssentialsState of the Game Industry ReportGame Developer's 2024 Wrap-Up: Top Games Devs and TrendsGame Developer CollectiveAudioDesignerSpotlight SeriesDeep Divesunity encryption[Company] UnityArtist[Company] Xbox[Company] PlayStationCooking GamesAnti-modifierGame SecurityRootRoot detectionAssetbundle encryptionGodotCareer adviceQ&A'sGameGuardianModifierAnti-RootSignature verificationUnity Hardeningab package encryptioniOS resource encryptionCECheat EngineAnti-CrackingGame Anti-HackingAnti-Hacking

Recent

Top Mobile Game Security: Essential Solutions to Protect Your Game
Top Mobile Game Security: Essential Solutions to Protect Your Game
May 7, 2025
None
Mastering String Encryption: Protect Your Games from Hackers
May 7, 2025
None
JNI Protection in Games
May 7, 2025
None
UK’s NCSC Offers Security Tips as Co-op Confirms Data Loss
May 6, 2025
None
Darcula Phishing as a Service Operation Snares 800,000+ Victims
May 6, 2025
None
Inside DragonForce, the Group Tied to M&S, Co-op and Harrods Hacks
May 6, 2025
None
Smishing Triad Upgrades Tools and Tactics for Global Attacks
May 6, 2025
None
Texas School District Notifies Over 47,000 People of Major Data Breach
May 6, 2025
None
Bungie's content cycling on Destiny 2 causes legal kerfuffle in plagiarism suit
May 6, 2025
None
NCSoft invests in TX-based studio founded by id, Naughty Dog alums
May 6, 2025

Popular

None
Ransomware Attacks Fall in April Amid RansomHub Outage
May 5, 2025
None
TikTok Fined €530m Over Transfers of European User Data to China
May 5, 2025
None
Harrods Latest UK Retailer to Fall Victim to Cyber-Attack in Recent Days
May 2, 2025
None
Third of Online Users Hit by Account Hacks Due to Weak Passwords
May 2, 2025
None
White House Warns China of Cyber Retaliation Over Infrastructure Hacks
May 2, 2025
None
CISA Confirms Exploitation of SonicWall Vulnerabilities
May 2, 2025
None
Microsoft's Q3 report shows slight Xbox growth as fresh price hikes loom
May 2, 2025
None
GTA VI has been delayed until 2026 but now has an actual release date
May 2, 2025
None
Vox sells Polygon to Valnet in a blow to video game market
May 2, 2025
None
Compulsion Games boss: Generative AI usage 'is not mandated' at Xbox
May 2, 2025

Random

None
UK’s NCSC Offers Security Tips as Co-op Confirms Data Loss
May 6, 2025
None
UK Retailer Co-op Confirms Hack, Reports "Small Impact" to Its Systems
April 30, 2025
None
Texas School District Notifies Over 47,000 People of Major Data Breach
May 6, 2025
None
Compulsion Games boss: Generative AI usage 'is not mandated' at Xbox
May 2, 2025
None
'It was really wearing people down:' The funding challenges that followed 'runaway success' Another Crab's Treasure
May 1, 2025
None
Darcula Phishing as a Service Operation Snares 800,000+ Victims
May 6, 2025
None
Mastering String Encryption: Protect Your Games from Hackers
May 7, 2025
None
GTA VI has been delayed until 2026 but now has an actual release date
May 2, 2025
None
Smishing Triad Upgrades Tools and Tactics for Global Attacks
May 6, 2025
None
Microsoft Expands Cloud, AI Footprint Across Europe
April 30, 2025

Most Views

None
France Slams Russia’s APT28 for Four-Year Cyber-Espionage Campaign
April 30, 2025
None
JPMorgan CISO Urges SaaS Security Reset
April 30, 2025
None
US House Approves Bill to Assess Security Threats Posed by Foreign-Made Routers
April 30, 2025
None
DHS Head Accuses CISA of Acting Like “the Ministry of Truth”
April 30, 2025
None
UK Retailer Co-op Confirms Hack, Reports "Small Impact" to Its Systems
April 30, 2025
None
Microsoft Expands Cloud, AI Footprint Across Europe
April 30, 2025
None
RansomHub Refines Extortion Strategy as RaaS Market Fractures
April 30, 2025
None
Report: Russia aims to seize assets of former Wargaming subsidiary Lesta Studio
April 30, 2025
None
Report: EA lays off hundreds of workers after canceling games at Respawn Entertainment
April 30, 2025
None
'We are frustrated:' ZeniMax union workers continue to pressure Microsoft over contract negotiations
April 30, 2025