English

STRIATUM-CTF: A Protocol-Driven Agentic Framework for General-Purpose CTF Solving

Cryptography and Security 2026-03-25 v1 Artificial Intelligence Multiagent Systems

Abstract

Large Language Models (LLMs) have demonstrated potential in code generation, yet they struggle with the multi-step, stateful reasoning required for offensive cybersecurity operations. Existing research often relies on static benchmarks that fail to capture the dynamic nature of real-world vulnerabilities. In this work, we introduce STRIATUM-CTF (A Search-based Test-time Reasoning Inference Agent for Tactical Utility Maximization in Cybersecurity), a modular agentic framework built upon the Model Context Protocol (MCP). By standardizing tool interfaces for system introspection, decompilation, and runtime debugging, STRIATUM-CTF enables the agent to maintain a coherent context window across extended exploit trajectories. We validate this approach not merely on synthetic datasets, but in a live competitive environment. Our system participated in a university-hosted Capture-the-Flag (CTF) competition in late 2025, where it operated autonomously to identify and exploit vulnerabilities in real-time. STRIATUM-CTF secured First Place, outperforming 21 human teams and demonstrating strong adaptability in a dynamic problem-solving setting. We analyze the agent's decision-making logs to show how MCP-based tool abstraction significantly reduces hallucination compared to naive prompting strategies. These results suggest that standardized context protocols are a critical path toward robust autonomous cyber-reasoning systems.

Keywords

Cite

@article{arxiv.2603.22577,
  title  = {STRIATUM-CTF: A Protocol-Driven Agentic Framework for General-Purpose CTF Solving},
  author = {James Hugglestone and Samuel Jacob Chacko and Dawson Stoller and Ryan Schmidt and Xiuwen Liu},
  journal= {arXiv preprint arXiv:2603.22577},
  year   = {2026}
}

Comments

8 pages, 7 pages

R2 v1 2026-07-01T11:34:28.251Z