English

ANVIL: Anomaly-based Vulnerability Identification without Labelled Training Data

Cryptography and Security 2025-06-03 v3 Machine Learning Software Engineering

Abstract

Supervised-learning-based vulnerability detectors often fall short due to limited labelled training data. In contrast, Large Language Models (LLMs) like GPT-4 are trained on vast unlabelled code corpora, yet perform only marginally better than coin flips when directly prompted to detect vulnerabilities. In this paper, we reframe vulnerability detection as anomaly detection, based on the premise that vulnerable code is rare and thus anomalous relative to patterns learned by LLMs. We introduce ANVIL, which performs a masked code reconstruction task: the LLM reconstructs a masked line of code, and deviations from the original are scored as anomalies. We propose a hybrid anomaly score that combines exact match, cross-entropy loss, prediction confidence, and structural complexity. We evaluate our approach across multiple LLM families, scoring methods, and context sizes, and against vulnerabilities after the LLM's training cut-off. On the PrimeVul dataset, ANVIL outperforms state-of-the-art supervised detectors-LineVul, LineVD, and LLMAO-achieving up to 2x higher Top-3 accuracy, 75% better Normalized MFR, and a significant improvement on ROC-AUC. Finally, by integrating ANVIL with fuzzers, we uncover two previously unknown vulnerabilities, demonstrating the practical utility of anomaly-guided detection.

Keywords

Cite

@article{arxiv.2408.16028,
  title  = {ANVIL: Anomaly-based Vulnerability Identification without Labelled Training Data},
  author = {Weizhou Wang and Eric Liu and Xiangyu Guo and Xiao Hu and Ilya Grishchenko and David Lie},
  journal= {arXiv preprint arXiv:2408.16028},
  year   = {2025}
}
R2 v1 2026-06-28T18:26:55.602Z