English
Related papers

Related papers: Towards Explainable Vulnerability Detection with L…

200 papers

Recently, Automated Vulnerability Localization (AVL) has attracted growing attention, aiming to facilitate diagnosis by pinpointing the specific lines of code responsible for vulnerabilities. Large Language Models (LLMs) have shown…

Software Engineering · Computer Science 2025-12-29 Jian Zhang , Chong Wang , Anran Li , Weisong Sun , Cen Zhang , Wei Ma , Yang Liu

Software security vulnerabilities allow attackers to perform malicious activities to disrupt software operations. Recent Transformer-based language models have significantly advanced vulnerability detection, surpassing the capabilities of…

Cryptography and Security · Computer Science 2024-06-11 Aidan Z. H. Yang , Haoye Tian , He Ye , Ruben Martins , Claire Le Goues

Large language models (LLMs) have recently shown strong potential in vulnerability detection (VD). However, accurately detecting vulnerabilities in real-world repositories requires reasoning over complex contextual interactions. Existing…

Cryptography and Security · Computer Science 2026-05-28 Youpeng Li , Fuxun Yu , Weiliang Qi , Xinda Wang

Recent advancements in generative AI have led to the widespread adoption of large language models (LLMs) in software engineering, addressing numerous long-standing challenges. However, a comprehensive study examining the capabilities of…

Software Engineering · Computer Science 2025-03-04 Ting Zhang , Chengran Yang , Yindu Su , Martin Weyssow , Hung Nguyen , Tan Bui , Hong Jin Kang , Yikun Li , Eng Lieh Ouh , Lwin Khin Shar , David Lo

Although modern vulnerability detection tools enable developers to efficiently identify numerous security flaws, indiscriminate remediation efforts often lead to superfluous development expenses. This is particularly true given that a…

Software Engineering · Computer Science 2025-06-26 Hao Shen , Ming Hu , Xiaofei Xie , Jiaye Li , Mingsong Chen

Large language models (LLMs) demonstrate considerable proficiency in numerous coding-related tasks; however, their capabilities in detecting software vulnerabilities remain limited. This limitation primarily stems from two factors: (1) the…

Artificial Intelligence · Computer Science 2025-06-10 Xin-Cheng Wen , Yijun Yang , Cuiyun Gao , Yang Xiao , Deheng Ye

The adoption of Large Language Models (LLMs) for automated software vulnerability patching has shown promising outcomes on carefully curated evaluation sets. Nevertheless, existing datasets predominantly rely on superficial validation…

Software Engineering · Computer Science 2025-09-04 Weizhe Wang , Wei Ma , Qiang Hu , Yao Zhang , Jianfei Sun , Bin Wu , Yang Liu , Guangquan Xu , Lingxiao Jiang

The significant advancements in Large Language Models (LLMs) have resulted in their widespread adoption across various tasks within Software Engineering (SE), including vulnerability detection and repair. Numerous studies have investigated…

Software Engineering · Computer Science 2024-10-08 Xin Zhou , Sicong Cao , Xiaobing Sun , David Lo

Security vulnerabilities are increasingly prevalent in modern software and they are widely consequential to our society. Various approaches to defending against these vulnerabilities have been proposed, among which those leveraging deep…

Cryptography and Security · Computer Science 2024-02-28 Yu Nong , Mohammed Aldeen , Long Cheng , Hongxin Hu , Feng Chen , Haipeng Cai

The increasing adoption of Large Language Models (LLMs) in software engineering has sparked interest in their use for software vulnerability detection. However, the rapid development of this field has resulted in a fragmented research…

Software Engineering · Computer Science 2025-12-22 Sabrina Kaniewski , Fabian Schmidt , Markus Enzweiler , Michael Menth , Tobias Heer

Software vulnerabilities, caused by unintentional flaws in source code, are a primary root cause of cyberattacks. Static analysis of source code has been widely used to detect these unintentional defects introduced by software developers.…

Software Engineering · Computer Science 2024-08-08 Andrew A Mahyari

The latest advancements in large language models (LLMs) have sparked interest in their potential for software vulnerability detection. However, there is currently a lack of research specifically focused on vulnerabilities in the PHP…

Cryptography and Security · Computer Science 2024-10-11 Di Cao , Yong Liao , Xiuwei Shang

With the emergence of Large Language Models (LLMs), there has been a significant improvement in the programming capabilities of models, attracting growing attention from researchers. Evaluating the programming capabilities of LLMs is…

Large Language Models (LLMs), characterized by being trained on broad amounts of data in a self-supervised manner, have shown impressive performance across a wide range of tasks. Indeed, their generative abilities have aroused interest on…

Machine Learning · Computer Science 2024-07-30 Jorge García-Carrasco , Alejandro Maté , Juan Trujillo

Context: Traditional software security analysis methods struggle to keep pace with the scale and complexity of modern codebases, requiring intelligent automation to detect, assess, and remediate vulnerabilities more efficiently and…

Software Engineering · Computer Science 2026-01-14 Shaznin Sultana , Sadia Afreen , Nasir U. Eisty

Large Language Models (LLMs) have been suggested for use in automated vulnerability repair, but benchmarks showing they can consistently identify security-related bugs are lacking. We thus develop SecLLMHolmes, a fully automated evaluation…

Cryptography and Security · Computer Science 2024-07-25 Saad Ullah , Mingji Han , Saurabh Pujar , Hammond Pearce , Ayse Coskun , Gianluca Stringhini

The widespread adoption of web applications has made their security a critical concern and has increased the need for systematic ways to assess whether they can be considered trustworthy. However, "trust" assessment remains an open problem…

Cryptography and Security · Computer Science 2026-03-26 Oleksandr Yarotskyi , José D'Abruzzo Pereira , João R. Campos

This paper proposes a pipeline for quantitatively evaluating interactive Large Language Models (LLMs) using publicly available datasets. We carry out an extensive technical evaluation of LLMs using Big-Vul covering four different common…

Software Engineering · Computer Science 2024-07-09 Xin Yin , Chao Ni , Shaohua Wang

Language models (LMs) show promise for vulnerability detection but struggle with long, real-world code due to sparse and uncertain vulnerability locations. These issues, exacerbated by token limits, often cause models to miss…

Software Engineering · Computer Science 2025-07-16 Xinran Zheng , Xingzhi Qian , Huichi Zhou , Shuo Yang , Yiling He , Suman Jana , Lorenzo Cavallaro

Large Language Models are a promising tool for automated vulnerability detection, thanks to their success in code generation and repair. However, despite widespread adoption, a critical question remains: Are LLMs truly effective at…

Cryptography and Security · Computer Science 2025-04-21 Yue Li , Xiao Li , Hao Wu , Minghui Xu , Yue Zhang , Xiuzhen Cheng , Fengyuan Xu , Sheng Zhong