We present a formal framework for context-aware security verification that establishes provable guarantees for ML-enhanced adaptive systems. We introduce context-completeness, a new security property, and prove: (1) sample complexity bounds showing when adaptive verification succeeds, (2) information-theoretic limits relating context richness to detection capability, (3) convergence guarantees for ML-based payload generators, and (4) compositional soundness bounds. We further provide a formal separation between static context-blind verifiers and context-aware adaptive verifiers: for a natural family of targets, any static verifier with finite payload budget achieves completeness at most alpha, while a context-aware verifier with sufficient information achieves completeness greater than alpha. We validate our theoretical predictions through controlled experiments on 97,224 exploit samples, demonstrating: detection accuracy improving from 58% to 69.93% with dataset growth, success probability increasing from 51% to 82% with context enrichment, training loss converging at an O(1/sqrt(T)) rate, and a false positive rate (10.19%) within theoretical bounds (12%). Our results show that theoretically grounded adaptive verification achieves provable improvements over static approaches under stated assumptions while maintaining soundness guarantees.