This paper presents LProtector, an automated vulnerability detection system for C/C++ codebases driven by the large language model (LLM) GPT-4o and Retrieval-Augmented Generation (RAG). As software complexity grows, traditional methods face challenges in detecting vulnerabilities effectively. LProtector leverages GPT-4o's powerful code comprehension and generation capabilities to perform binary classification and identify vulnerabilities within target codebases. We conducted experiments on the Big-Vul dataset, showing that LProtector outperforms two state-of-the-art baselines in terms of F1 score, demonstrating the potential of integrating LLMs with vulnerability detection.
@article{arxiv.2411.06493,
title = {LProtector: An LLM-driven Vulnerability Detection System},
author = {Ze Sheng and Fenghua Wu and Xiangwu Zuo and Chao Li and Yuxin Qiao and Lei Hang},
journal= {arXiv preprint arXiv:2411.06493},
year = {2024}
}
Comments
5 pages, 4 figures. This is a preprint version of the article. The final version will be published in the proceedings of the IEEE conference