English
Related papers

Related papers: Three Heads Are Better Than One: A Multi-perspecti…

200 papers

Large language models (LLMs) have demonstrated significant potential in various tasks, including those requiring human-level intelligence, such as vulnerability detection. However, recent efforts to use LLMs for vulnerability detection…

Cryptography and Security · Computer Science 2025-06-10 Yuqiang Sun , Daoyuan Wu , Yue Xue , Han Liu , Wei Ma , Lyuye Zhang , Yang Liu , Yingjiu Li

Large language models (LLMs) demonstrate considerable proficiency in numerous coding-related tasks; however, their capabilities in detecting software vulnerabilities remain limited. This limitation primarily stems from two factors: (1) the…

Artificial Intelligence · Computer Science 2025-06-10 Xin-Cheng Wen , Yijun Yang , Cuiyun Gao , Yang Xiao , Deheng Ye

Increasing complexity in software systems places a growing demand on reasoning tools that unlock vulnerabilities manifest in source code. Many current approaches focus on vulnerability analysis as a classifying task, oversimplifying the…

Artificial Intelligence · Computer Science 2025-09-23 Ala Jararweh , Michael Adams , Avinash Sahu , Abdullah Mueen , Afsah Anwar

Recent progress in ML and LLMs has improved vulnerability detection, and recent datasets have reduced label noise and unrelated code changes. However, most existing approaches still operate at the function level, where models are asked to…

Cryptography and Security · Computer Science 2026-02-09 Yikun Li , Ting Zhang , Jieke Shi , Chengran Yang , Junda He , Xin Zhou , Jinfeng Jiang , Huihui Huang , Wen Bin Leow , Yide Yin , Eng Lieh Ouh , Lwin Khin Shar , David Lo

Large language models (LLMs) have shown promising performance in software vulnerability detection, yet their reasoning capabilities remain unreliable. We propose R2Vul, a method that combines reinforcement learning from AI feedback (RLAIF)…

The widespread adoption of open-source software (OSS) necessitates the mitigation of vulnerability risks. Most vulnerability detection (VD) methods are limited by inadequate contextual understanding, restrictive single-round interactions,…

Cryptography and Security · Computer Science 2025-10-02 Youpeng Li , Kartik Joshi , Xinda Wang , Eric Wong

Large Language Models (LLMs) have demonstrated remarkable proficiency in vulnerability detection. However, a critical reliability gap persists: models frequently yield correct detection verdicts based on hallucinated logic or superficial…

Cryptography and Security · Computer Science 2026-02-09 Li Lu , Yanjie Zhao , Hongzhou Rao , Kechi Zhang , Haoyu Wang

Automating software vulnerability detection (SVD) remains a critical challenge in an era of increasingly complex and interdependent software systems. Despite significant advances in Large Language Models (LLMs) for code analysis, prevailing…

Software Engineering · Computer Science 2025-03-25 Arastoo Zibaeirad , Marco Vieira

Large language models (LLMs) have recently shown strong potential in vulnerability detection (VD). However, accurately detecting vulnerabilities in real-world repositories requires reasoning over complex contextual interactions. Existing…

Cryptography and Security · Computer Science 2026-05-28 Youpeng Li , Fuxun Yu , Weiliang Qi , Xinda Wang

Software vulnerabilities (SVs) pose a critical threat to safety-critical systems, driving the adoption of AI-based approaches such as machine learning and deep learning for software vulnerability detection. Despite promising results, most…

Cryptography and Security · Computer Science 2025-10-07 Van Nguyen , Surya Nepal , Xingliang Yuan , Tingmin Wu , Fengchao Chen , Carsten Rudolph

Source code and its accompanying comments are complementary yet naturally aligned modalities-code encodes structural logic while comments capture developer intent. However, existing vulnerability detection methods mostly rely on…

Software Engineering · Computer Science 2026-05-01 Zeming Dong , Yuejun Guo , Qiang Hu , Yao Zhang , Maxime Cordy , Hao Liu , Mike Papadakis , Yongqiang Lyu

Context: Software Vulnerability Assessment (SVA) plays a vital role in evaluating and ranking vulnerabilities in software systems to ensure their security and reliability. Objective: Although Large Language Models (LLMs) have recently shown…

Software Engineering · Computer Science 2025-11-24 Zhijie Chen , Xiang Chen , Ziming Li , Jiacheng Xue , Chaoyang Gao

In the context of the rising interest in code language models (code LMs) and vulnerability detection, we study the effectiveness of code LMs for detecting vulnerabilities. Our analysis reveals significant shortcomings in existing…

Software Engineering · Computer Science 2024-07-11 Yangruibo Ding , Yanjun Fu , Omniyyah Ibrahim , Chawin Sitawarin , Xinyun Chen , Basel Alomair , David Wagner , Baishakhi Ray , Yizheng Chen

We propose VulnLLM-R, the~\emph{first specialized reasoning LLM} for vulnerability detection. Our key insight is that LLMs can reason about program states and analyze the potential vulnerabilities, rather than simple pattern matching. This…

Cryptography and Security · Computer Science 2025-12-09 Yuzhou Nie , Hongwei Li , Chengquan Guo , Ruizhe Jiang , Zhun Wang , Bo Li , Dawn Song , Wenbo Guo

Large Language Models (LLMs) struggle to automate real-world vulnerability detection due to two key limitations: the heterogeneity of vulnerability patterns undermines the effectiveness of a single unified model, and manual prompt…

Software Engineering · Computer Science 2026-01-28 Zihan Wu , Jie Xu , Yun Peng , Chun Yong Chong , Xiaohua Jia

Large Language Models (LLMs) have shown promise in software vulnerability detection, particularly on function-level benchmarks like Devign and BigVul. However, real-world detection requires interprocedural analysis, as vulnerabilities often…

Cryptography and Security · Computer Science 2025-03-19 Alperen Yildiz , Sin G. Teo , Yiling Lou , Yebo Feng , Chong Wang , Dinil M. Divakaran

Large language models for code (i.e., code LLMs) have shown strong code understanding and generation capabilities. To evaluate the capabilities of code LLMs in various aspects, many benchmarks have been proposed (e.g., HumanEval and…

Software Engineering · Computer Science 2024-09-24 Junkai Chen , Zhiyuan Pan , Xing Hu , Zhenhao Li , Ge Li , Xin Xia

Large Language Models are a promising tool for automated vulnerability detection, thanks to their success in code generation and repair. However, despite widespread adoption, a critical question remains: Are LLMs truly effective at…

Cryptography and Security · Computer Science 2025-04-21 Yue Li , Xiao Li , Hao Wu , Minghui Xu , Yue Zhang , Xiuzhen Cheng , Fengyuan Xu , Sheng Zhong

The latest advancements in large language models (LLMs) have sparked interest in their potential for software vulnerability detection. However, there is currently a lack of research specifically focused on vulnerabilities in the PHP…

Cryptography and Security · Computer Science 2024-10-11 Di Cao , Yong Liao , Xiuwei Shang

Detecting vulnerabilities in source code remains critical yet challenging, as conventional static analysis tools construct inaccurate program representations, while existing LLM-based approaches often miss essential vulnerability context…

Software Engineering · Computer Science 2026-04-14 Yiheng Cao , Yihao Chen , Xin Hu , Bihuan Chen , Jiayi Deng , Zhuotong Zhou , Susheng Wu , Yiheng Huang , Xueying Du , Xingman Chen , Miaohua Li , Xin Peng
‹ Prev 1 2 3 10 Next ›