Litcius/Paper detail

Research on the LLM-Driven Vulnerability Detection System Using LProtector

Ze Sheng, Fengying Wu, Xiangwu Zuo, Chao Li, Yuxin Qiao, Hang Lei

202415 citationsDOI

Abstract

The security issues of large-scale software systems and frameworks have become increasingly severe with the development of technology. As complexity of software grows, vulnerabilities are becoming more challenging to detect. Although traditional machine learning methods have been applied in cybersecurity for a long time, there has been no significant breakthrough until now. With the recent rise of large language models (LLMs), a turning point seems to have arrived. The powerful code comprehension and generation capabilities of LLMs make fully automated vulnerability detection systems a possibility. This paper presents LProtector, an automated vulnerability detection system for C/C++ codebases based on GPT-4o and Retrieval-Augmented Generation (RAG). LProtector performs binary classification to identify vulnerabilities in target codebases. To evaluate its effectiveness, we conducted experiments on the Big- Vul dataset. Results show that LProtector outperforms two state-of-the-art baselines in terms of F1 score, demonstrating the potential of integrating LLMs with vulnerability detection.

Topics & Concepts

Computer scienceVulnerability (computing)Computer securityNetwork Security and Intrusion Detection