Black Hat USA 2025 | How Tree-of-AST Redefines the Boundaries of Dataflow Analysis

Black Hat
Mar 9, 2026

Why It Matters

Tree-of-AST promises more accurate, scalable vulnerability discovery in large, multi-file open-source projects, the setting where pattern-based static analysis and taint tracking miss flows that cross function and file boundaries. If the claimed precision gains and autonomous exploit generation hold up, that shortens triage, raises the share of findings that are confirmed exploitable, and changes how teams prioritize code-risk remediation; it also means defenders should assume the same class of tooling will be pointed at their own code.

Summary

At Black Hat USA 2025, Sasha Zyuzin (University of Maryland) and Ruikai Peng (Pwno) presented Tree-of-AST, a dataflow-analysis approach that pairs a large language model with abstract syntax tree analysis and adapts tree-structured generative reasoning (in the spirit of Tree-of-Thoughts) to program ASTs, so that sources can be traced to sinks, and sanitizers reasoned about, across functions and files. The name describes the loop: locate candidate sources without requiring a predefined source pattern, trace the data flow through the AST along several reasoning branches, and vote across those branches to prune the paths that do not hold up. The presenters reported benchmark results on widely used open-source projects in which the method surfaced vulnerabilities that established tools had not detected, plus an autonomous exploit-generation stage whose success rate they put above that of comparable tools, and they closed with defensive measures developers can apply. The talk emphasized practical tooling and case studies rather than purely theoretical results.
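The following is an added illustration, not code from the talk or from Pwno: a small interprocedural taint tracer over Python ASTs that follows data from a source call to a sink call across function and file boundaries and stops at a sanitizer. The source, sink and sanitizer catalogue and the two-file sample project are constructed for the example, and function names are assumed to be unique across files. It is a plain forward dataflow pass with no LLM, no candidate branching and no voting, so it shows the baseline AST source-to-sink tracing that Tree-of-AST builds on, and specifically the cross-file flow that single-function pattern matching cannot see, rather than the LTV method itself.

```python
# Added example: minimal interprocedural source-to-sink taint tracer over Python ASTs.
# Not the Tree-of-AST / Locate-Trace-Vote implementation. Catalogue and project are constructed.
import ast
from typing import Dict, FrozenSet, Iterator, List, Set, Tuple

SOURCES = {"request.args.get", "input"}                         # assumed catalogue
SINKS = {"os.system", "subprocess.call", "eval", "cursor.execute"}
SANITIZERS = {"shlex.quote", "html.escape", "int"}

# Constructed two-file project: every flow of interest crosses a function or file boundary.
PROJECT = {
    "handlers.py": '''
import os
from helpers import build_cmd, safe_cmd, run

def ping(request):
    host = request.args.get("host")
    os.system(build_cmd(host))         # taint flows through helpers.build_cmd

def ping_raw(request):
    host = request.args.get("host")
    run(host)                          # the sink lives in the other file

def ping_safe(request):
    host = request.args.get("host")
    os.system(safe_cmd(host))          # sanitized inside helpers.py

def static_ping():
    os.system(build_cmd("127.0.0.1"))  # constant input, no finding
''',
    "helpers.py": '''
import shlex, subprocess

def build_cmd(target):
    return "ping -c 1 " + target

def safe_cmd(target):
    return "ping -c 1 " + shlex.quote(target)

def run(cmd):
    subprocess.call(cmd, shell=True)
''',
}

Finding = Tuple[str, str, str]   # (sink, file, function that contains the sink call)


def dotted(node: ast.AST) -> str:
    """Render a call target such as os.system or request.args.get as a dotted name."""
    if isinstance(node, ast.Name):
        return node.id
    if isinstance(node, ast.Attribute):
        return dotted(node.value) + "." + node.attr
    return "<expr>"


def statements(body: List[ast.stmt]) -> Iterator[ast.stmt]:
    """Yield statements in source order, descending into if/for/while/try bodies (not handlers)."""
    for stmt in body:
        yield stmt
        for field in ("body", "orelse", "finalbody"):
            yield from statements(getattr(stmt, field, []))


class TaintTracer:
    def __init__(self, project: Dict[str, str]) -> None:
        self.funcs: Dict[str, Tuple[str, ast.FunctionDef]] = {}
        for fname, src in project.items():
            for node in ast.parse(src).body:
                if isinstance(node, ast.FunctionDef):
                    self.funcs[node.name] = (fname, node)    # assumes unique function names
        self.findings: Set[Finding] = set()
        self._memo: Dict[Tuple[str, FrozenSet[str]], bool] = {}
        self._active: Set[Tuple[str, FrozenSet[str]]] = set()

    def run(self) -> List[Finding]:
        for name in self.funcs:
            self.analyze(name, frozenset())   # entry points start with untainted parameters
        return sorted(self.findings)

    def analyze(self, name: str, tainted_params: FrozenSet[str]) -> bool:
        """Analyze one function under a parameter taint; True if its return value is tainted."""
        key = (name, tainted_params)
        if key in self._memo:
            return self._memo[key]
        if key in self._active:               # recursion guard: assume untainted on a cycle
            return False
        self._active.add(key)
        fname, fn = self.funcs[name]
        tainted: Set[str] = set(tainted_params)
        returns_taint = False
        for stmt in statements(fn.body):
            if isinstance(stmt, ast.Assign):
                is_t = self.tainted(stmt.value, tainted, fname, name)
                for tgt in stmt.targets:
                    if isinstance(tgt, ast.Name):         # strong update of the variable
                        tainted.add(tgt.id) if is_t else tainted.discard(tgt.id)
            elif isinstance(stmt, ast.AugAssign) and isinstance(stmt.target, ast.Name):
                if self.tainted(stmt.value, tainted, fname, name):
                    tainted.add(stmt.target.id)
            elif isinstance(stmt, ast.Return) and stmt.value is not None:
                returns_taint |= self.tainted(stmt.value, tainted, fname, name)
            elif isinstance(stmt, ast.Expr):
                self.tainted(stmt.value, tainted, fname, name)   # evaluates calls for sink hits
        self._active.discard(key)
        self._memo[key] = returns_taint
        return returns_taint

    def tainted(self, expr: ast.AST, tainted: Set[str], fname: str, func: str) -> bool:
        """True if expr may carry attacker-controlled data; records sink hits along the way."""
        if isinstance(expr, ast.Name):
            return expr.id in tainted
        if isinstance(expr, ast.Constant):
            return False
        if isinstance(expr, ast.Call):
            target = dotted(expr.func)
            arg_taint = [self.tainted(a, tainted, fname, func) for a in expr.args]
            kw_taint = {k.arg: self.tainted(k.value, tainted, fname, func) for k in expr.keywords}
            any_taint = any(arg_taint) or any(kw_taint.values())
            if target in SOURCES:
                return True
            if target in SANITIZERS:
                return False
            if target in SINKS:
                if any_taint:
                    self.findings.add((target, fname, func))
                return False
            if target in self.funcs:                   # user-defined: descend with argument taint
                params = [a.arg for a in self.funcs[target][1].args.args]
                callee = {p for p, t in zip(params, arg_taint) if t}
                callee |= {k for k, t in kw_taint.items() if t and k in params}
                return self.analyze(target, frozenset(callee))
            return any_taint                           # unknown call: propagate conservatively
        # BinOp, f-strings, subscripts, attributes: tainted if any child is tainted
        return any(self.tainted(c, tainted, fname, func) for c in ast.iter_child_nodes(expr))


def trace(project: Dict[str, str] = PROJECT) -> List[Finding]:
    return TaintTracer(project).run()


if __name__ == "__main__":
    for sink, fname, func in trace():
        print(f"{sink} reachable from a source in {fname}:{func}")
```

Run stand-alone, it reports two findings: the os.system call in handlers.py:ping, whose argument is tainted through helpers.build_cmd, and the subprocess.call in helpers.py:run, whose argument is tainted only when run is reached from handlers.py:ping_raw. ping_safe produces nothing because the flow passes through shlex.quote, and static_ping produces nothing because its input is a constant. The limitations are the point: it needs an explicit source catalogue, it ignores aliasing through containers and exception handlers, and it has no way to rank or discard a path it cannot ground, which is the gap the talk's locate, trace and vote steps are aimed at.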

Original Description

In recent years, vulnerability discovery has largely relied on static analysis tools with predefined pattern matching and taint analysis. These traditional methods are not as efficient for complex codebases that span multiple files and utilize atypical input processing techniques. While successful for common vulnerability patterns, they frequently miss sophisticated attack vectors that operate across multiple functions, and sometimes multiple files.
In this talk, we will be covering Tree-of-AST, a new framework that combines large language models with abstract syntax tree analysis to address the limitations above. This approach leverages a unique Locate-Trace-Vote (LTV) methodology that enables autonomous tracking of data flows within large-scale projects, even in the absence of predefined source patterns. We will be sharing conclusive benchmark analysis showing that the Tree-of-AST method outperforms established tools by discovering previously undetected vulnerabilities. The study was done on widely-used open-source projects.
Further, we demonstrate that our system autonomously generates working exploits with a success rate above the industry average for similar tools. We will wrap up the talk by examining practical defensive strategies developers could implement to protect their codebases from similar emerging techniques, and discuss how automatic exploitation capabilities reshape the modern digital security landscape.
By:
Sasha Zyuzin | Student, Bachelor's Degree, University of Maryland
Ruikai Peng | Founder, Pwno
