Semantic errors in network protocol parsers can lead to critical security vulnerabilities—including memory corruption and information leakage—yet existing verification approaches (e.g., model checking, fuzzing) either require substantial manual effort or neglect natural-language standards such as RFCs, limiting their ability to detect semantic violations. This paper introduces PARVAL, the first semantic consistency verification framework for protocol parsers based on collaborative large language models (LLMs). PARVAL employs multi-agent LLMs to jointly translate RFC specifications and parser source code into unified, structured format specifications, enabling automated, standard-driven differential semantic validation. Evaluated on the Bidirectional Forwarding Detection (BFD) protocol, PARVAL identified seven parser defects—including five previously unknown vulnerabilities—with a low false positive rate of 5.6%. To our knowledge, PARVAL is the first approach to fully automate the alignment and semantic validation pipeline from natural-language standards to implementation code.

Network protocol parsers are essential for enabling correct and secure communication between devices. Bugs in these parsers can introduce critical vulnerabilities, including memory corruption, information leakage, and denial-of-service attacks. An intuitive way to assess parser correctness is to compare the implementation with its official protocol standard. However, this comparison is challenging because protocol standards are typically written in natural language, whereas implementations are in source code. Existing methods like model checking, fuzzing, and differential testing have been used to find parsing bugs, but they either require significant manual effort or ignore the protocol standards, limiting their ability to detect semantic violations. To enable more automated validation of parser implementations against protocol standards, we propose PARVAL, a multi-agent framework built on large language models (LLMs). PARVAL leverages the capabilities of LLMs to understand both natural language and code. It transforms both protocol standards and their implementations into a unified intermediate representation, referred to as format specifications, and performs a differential comparison to uncover inconsistencies. We evaluate PARVAL on the Bidirectional Forwarding Detection (BFD) protocol. Our experiments demonstrate that PARVAL successfully identifies inconsistencies between the implementation and its RFC standard, achieving a low false positive rate of 5.6%. PARVAL uncovers seven unique bugs, including five previously unknown issues.