AI Chat Paper
Note: Please note that the following content is generated by AMiner AI. SciOpen does not take any responsibility related to this content.
{{lang === 'zh_CN' ? '文章概述' : 'Summary'}}
{{lang === 'en_US' ? '中' : 'Eng'}}
Chat more with AI
PDF (1.7 MB)
Collect
Submit Manuscript AI Chat Paper
Show Outline
Outline
Show full outline
Hide outline
Outline
Show full outline
Hide outline
Open Access

COAPT: Bridging Semantic-Operational Divide in Autonomous Penetration Testing Through LLM-Driven Cognitive Planning

Cyberspace Institute of Advanced Technology and Huangpu Research School, Guangzhou University, Guangzhou 510530, China
Key Laboratory of Cyberspace Security of the Ministry of Education, Information Engineering University, Zhengzhou 450000, China
Show Author Information

Abstract

The automation of penetration testing has long been constrained by the semantic-operational divide between human expert cognition and machine-executable workflows. We present COAPT, a novel architecture that bridges this gap through large language model (LLM) driven cognitive planning, enabling autonomous execution of full-cycle penetration testing aligned with the penetration testing execution standard (PTES) and MITRE adversarial tactics, techniques, and common knowledge (ATT&CK) framework. COAPT introduces three key innovations: (1) A cognitive planning architecture combining retrieval-augmented generation with chain-of-thought reasoning, grounding decisions in verified cybersecurity knowledge; (2) Formal semantic interfaces that translate strategic intent into executable commands for security tools through machine-actionable contracts; (3) Hierarchical multi-agent coordination that maintains tactical consistency across reconnaissance, exploitation, privilege escalation, and defense recommendation phases. Evaluated across diverse penetration testing scenarios, COAPT demonstrates superior performance over state-of-the-art tools in vulnerability exploitation success rates and operational efficiency, while significantly reducing LLM hallucination risks through its knowledge-grounded reasoning approach. The architecture’s ability to autonomously chain multi-stage attacks and generate ATT&CK-mapped defense strategies establishes a new paradigm for cybersecurity automation that preserves human expert workflows at machine execution scales.

References

【1】
【1】
 
 
Big Data Mining and Analytics
Pages 788-804

{{item.num}}

Comments on this article

Go to comment

< Back to all reports

Review Status: {{reviewData.commendedNum}} Commended , {{reviewData.revisionRequiredNum}} Revision Required , {{reviewData.notCommendedNum}} Not Commended Under Peer Review

Review Comment

Close
Close
Cite this article:
Zhang H, Lu H, Chen Y, et al. COAPT: Bridging Semantic-Operational Divide in Autonomous Penetration Testing Through LLM-Driven Cognitive Planning. Big Data Mining and Analytics, 2026, 9(3): 788-804. https://doi.org/10.26599/BDMA.2025.9020078

645

Views

81

Downloads

0

Crossref

0

Web of Science

0

Scopus

0

CSCD

Received: 12 April 2025
Revised: 29 May 2025
Accepted: 25 June 2025
Published: 01 June 2026
© The author(s) 2026.

The articles published in this open access journal are distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/).