English
Related papers

Related papers: Vul-RAG: Enhancing LLM-based Vulnerability Detecti…

200 papers

Large Language Models (LLMs) have emerged as promising tools in software development, enabling automated code generation and analysis. However, their knowledge is limited to a fixed cutoff date, making them prone to generating code…

Cryptography and Security · Computer Science 2025-12-01 Minjae Seo , Wonwoo Choi , Myoungsung You , Seungwon Shin

Detecting vulnerabilities in source code remains critical yet challenging, as conventional static analysis tools construct inaccurate program representations, while existing LLM-based approaches often miss essential vulnerability context…

Software Engineering · Computer Science 2026-04-14 Yiheng Cao , Yihao Chen , Xin Hu , Bihuan Chen , Jiayi Deng , Zhuotong Zhou , Susheng Wu , Yiheng Huang , Xueying Du , Xingman Chen , Miaohua Li , Xin Peng

Traditional vulnerability detection methods rely heavily on predefined rule matching, which often fails to capture vulnerabilities accurately. With the rise of large language models (LLMs), leveraging their ability to understand code…

Cryptography and Security · Computer Science 2025-11-26 Xiang Li , Yueci Su , Jiahao Liu , Zhiwei Lin , Yuebing Hou , Peiming Gao , Yuanchao Zhang

The significant increase in software production driven by automation and faster development lifecycles has resulted in a corresponding surge in software vulnerabilities. In parallel, the evolving landscape of software vulnerability…

Cryptography and Security · Computer Science 2024-08-30 Yuejun Guo , Constantinos Patsakis , Qiang Hu , Qiang Tang , Fran Casino

The indexing-retrieval-generation paradigm of retrieval-augmented generation (RAG) has been highly successful in solving knowledge-intensive tasks by integrating external knowledge into large language models (LLMs). However, the…

Cryptography and Security · Computer Science 2025-02-25 Xun Liang , Simin Niu , Zhiyu Li , Sensen Zhang , Hanyu Wang , Feiyu Xiong , Jason Zhaoxin Fan , Bo Tang , Shichao Song , Mengwei Wang , Jiawei Yang

Retrieval-Augmented Generation (RAG) was introduced to enhance the capabilities of Large Language Models (LLMs) beyond their encoded prior knowledge. This is achieved by providing LLMs with an external source of knowledge, which helps…

Computation and Language · Computer Science 2026-03-11 Hazem Amamou , Stéphane Gagnon , Alan Davoust , Anderson R. Avila

Automated vulnerability detection is a fundamental task in software security, yet existing learning-based methods still struggle to capture the structural dependencies, domain-specific vulnerability knowledge, and complex program semantics…

Artificial Intelligence · Computer Science 2026-05-13 Wenxin Tang , Xiang Zhang , Junliang Liu , Jingyu Xiao , Xi Xiao , Jinlong Yang , Yuehe Ma , Zhenyu Liu , Zhengheng Li , Zicheng Wang , Wang Luo , Qing Li , Lei Wang , Peng Xiangli

Large Language Models (LLMs) have emerged as a popular choice in vulnerability detection studies given their foundational capabilities, open source availability, and variety of models, but have limited scalability due to extensive compute…

Software Engineering · Computer Science 2026-04-01 Miles Farmer , Ekincan Ufuktepe , Anne Watson , Hialo Muniz Carvalho , Vadim Okun , Zineb Maasaoui , Kannappan Palaniappan

Large language models (LLMs) have achieved remarkable progress in code understanding tasks. However, they demonstrate limited performance in vulnerability detection and struggle to distinguish vulnerable code from patched code. We argue…

Software Engineering · Computer Science 2026-03-31 Hao Zhu , Jia Li , Cuiyun Gao , Jiaru Qian , Yihong Dong , Huanyu Liu , Lecheng Wang , Ziliang Wang , Xiaolong Hu , Ge Li

Large Language Models (LLMs) are increasingly used for cybersecurity threat analysis, but their deployment in security-sensitive environments raises trust and safety concerns. With over 21,000 vulnerabilities disclosed in 2025, manual…

Cryptography and Security · Computer Science 2025-09-04 Reza Fayyazi , Michael Zuzak , Shanchieh Jay Yang

Retrieval-Augmented Generation (RAG) has emerged as a widely adopted approach for enhancing LLMs in scenarios that demand extensive factual knowledge. However, current RAG evaluations concentrate primarily on correctness, which may not…

Computation and Language · Computer Science 2026-03-23 Vinh Nguyen , Cuong Dang , Jiahao Zhang , Hoa Tran , Minh Tran , Trinh Chau , Thai Le , Lu Cheng , Suhang Wang

Large language models (LLMs) have demonstrated significant potential in various tasks, including those requiring human-level intelligence, such as vulnerability detection. However, recent efforts to use LLMs for vulnerability detection…

Cryptography and Security · Computer Science 2025-06-10 Yuqiang Sun , Daoyuan Wu , Yue Xue , Han Liu , Wei Ma , Lyuye Zhang , Yang Liu , Yingjiu Li

In this paper, we present the first comprehensive empirical study of specialized LLM-based detectors and compare them with traditional static analyzers at the project scale. Specifically, our study evaluates five latest and representative…

Software Engineering · Computer Science 2026-01-28 Fengjie Li , Jiajun Jiang , Dongchi Chen , Yingfei Xiong

Retrieval-Augmented Generation (RAG) is an effective approach to enhance the factual accuracy of large language models (LLMs) by retrieving information from external databases, which are typically composed of diverse sources, to supplement…

Machine Learning · Computer Science 2025-10-15 Jeongyeon Hwang , Junyoung Park , Hyejin Park , Dongwoo Kim , Sangdon Park , Jungseul Ok

Retrieval-augmented generation (RAG) has shown impressive capability in providing reliable answer predictions and addressing hallucination problems. A typical RAG implementation uses powerful retrieval models to extract external information…

Information Retrieval · Computer Science 2024-11-19 Ziwei Liu , Liang Zhang , Qian Li , Jianghua Wu , Guangxu Zhu

Large Language Models (LLMs) are increasingly being used as security engineering tools to summarize and explain malware behavior to analysts. A common assumption is that Retrieval-Augmented Generation (RAG) improves explanation quality by…

Cryptography and Security · Computer Science 2026-05-06 Jayson Ng , Amin Milani Fard

Various deep learning-based approaches utilizing pre-trained language models (PLMs) have been proposed for automated vulnerability detection. With recent advancements in large language models (LLMs), several studies have begun exploring…

Software Engineering · Computer Science 2026-03-11 Honglin Shu , Michael Fu , Junji Yu , Dong Wang , Chakkrit Tantithamthavorn , Junjie Chen , Yasutaka Kamei

The exponential increase in software vulnerabilities has created an urgent need for automatic vulnerability repair (AVR) solutions. Recent research has formulated AVR as a sequence generation problem and has leveraged large language models…

Artificial Intelligence · Computer Science 2025-10-08 Xin-Cheng Wen , Zirui Lin , Yijun Yang , Cuiyun Gao , Deheng Ye

Software vulnerability detection is critical in software security because it identifies potential bugs in software systems, enabling immediate remediation and mitigation measures to be implemented before they may be exploited. Automatic…

Software Engineering · Computer Science 2023-06-21 Nima Shiri Harzevili , Alvine Boaye Belle , Junjie Wang , Song Wang , Zhen Ming , Jiang , Nachiappan Nagappan

Software vulnerabilities continue to be ubiquitous, even in the era of AI-powered code assistants, advanced static analysis tools, and the adoption of extensive testing frameworks. It has become apparent that we must not simply prevent…