LAPRAD: LLM-Assisted PRotocol Attack Discovery

📅 2025-10-22
🤖 AI Summary
To address the low efficiency and insufficient automation in discovering vulnerabilities in Internet protocols such as DNS and BGP, this paper proposes the first LLM-driven, three-stage semi-automated vulnerability discovery framework. Built upon GPT-4o and LangChain, it integrates the ReACT reasoning paradigm with DNS zone file generation to enable end-to-end attack vector synthesis, configuration construction, and validation. It marks the first systematic application of large language models to protocol-level attack discovery, requiring no manually crafted PoCs to generate and verify novel attacks. Experimental evaluation uncovered three previously undisclosed DNS DDoS vulnerabilities and successfully reproduced two known attacks. Notably, the SigCacheFlush family degrades the service capacity of mainstream DNS resolvers to just 6%, affecting the latest versions of BIND, Unbound, and others. This work establishes a scalable, reproducible paradigm for protocol security assessment.

📝 Abstract
With the goal of improving the security of Internet protocols, we seek faster, semi-automatic methods to discover new vulnerabilities in protocols such as DNS, BGP, and others. To this end, we introduce the LLM-Assisted Protocol Attack Discovery (LAPRAD) methodology, enabling security researchers with some DNS knowledge to efficiently uncover vulnerabilities that would otherwise be hard to detect. LAPRAD follows a three-stage process. In the first, we consult an LLM (GPT-o1) that has been trained on a broad corpus of DNS-related sources and previous DDoS attacks to identify potential exploits. In the second stage, a different LLM automatically constructs the corresponding attack configurations using the ReACT approach implemented via LangChain (DNS zone file generation). Finally, in the third stage, we validate the attack's functionality and effectiveness. Using LAPRAD, we uncovered three new DDoS attacks on the DNS protocol and rediscovered two recently reported ones that were not included in the LLM's training data. The first new attack employs a bait-and-switch technique to trick resolvers into caching large, bogus DNSSEC RRSIGs, reducing their serving capacity to as little as 6%. The second exploits large DNSSEC encryption algorithms (RSA-4096) with multiple keys, thereby bypassing a recently implemented default RRSet limit. The third leverages ANY-type responses to produce a similar effect. These variations of a cache-flushing DDoS attack, called SigCacheFlush, circumvent existing patches, severely degrade resolver query capacity, and impact the latest versions of major DNS resolver implementations.

Problem

Research questions and friction points this paper is trying to address.

Developing semi-automatic methods to discover Internet protocol vulnerabilities
Uncovering new DDoS attacks on DNS protocol using LLM-assisted methodology
Identifying cache-flushing attacks that bypass existing security patches

Innovation

Methods, ideas, or system contributions that make the work stand out.

Uses LLM trained on DNS data to identify exploits
Automates attack configuration generation via LangChain
Validates attack effectiveness through three-stage testing