CEKER: A Generalizable LLM Framework for Literature Analysis with a Case Study in Unikernel Security

TL;DR

CEKER is a novel LLM-based framework that automates literature analysis, significantly reducing manual effort and uncovering key insights and gaps in research domains, demonstrated through a case study in unikernel security.

Contribution

This paper introduces CEKER, a scalable and generalizable LLM-driven framework for literature review and analysis across diverse research fields.

Findings

Identified reduced attack surface as a key theme in unikernel security

Highlighted security gaps like lack of ASLR and debugging tools

Revealed hypervisor reliance as a potential attack vector

Abstract

Literature reviews are a critical component of formulating and justifying new research, but are a manual and often time-consuming process. This research introduces a novel, generalizable approach to literature analysis called CEKER which uses a three-step process to streamline the collection of literature, the extraction of key insights, and the summarized analysis of key trends and gaps. Leveraging Large Language Models (LLMs), this methodology represents a significant shift from traditional manual literature reviews, offering a scalable, flexible, and repeatable approach that can be applied across diverse research domains. A case study on unikernel security illustrates CEKER's ability to generate novel insights validated against previous manual methods. CEKER's analysis highlighted reduced attack surface as the most prominent theme. Key security gaps included the absence of Address Space Layout Randomization, missing debugging tools, and limited entropy generation, all of which represent important challenges to unikernel security. The study also revealed a reliance on hypervisors as a potential attack vector and emphasized the need for dynamic security adjustments to address real-time threats.