Large language model for vulnerability detection: Emerging results and future directions

Previous learning-based vulnerability detection methods relied on either medium-sized pre-trained models or smaller neural networks from scratch. Recent advancements in Large Pre-Trained Language Models (LLMs) have showcased remarkable few-shot learning capabilities in various tasks. However, the ef...

Full description

Saved in:
Bibliographic Details
Main Authors: ZHOU, Xin, ZHANG, Ting, LO, David
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2024
Subjects:
Online Access:https://ink.library.smu.edu.sg/sis_research/9245
https://ink.library.smu.edu.sg/context/sis_research/article/10245/viewcontent/3639476.3639762.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
id sg-smu-ink.sis_research-10245
record_format dspace
spelling sg-smu-ink.sis_research-102452024-10-17T07:34:26Z Large language model for vulnerability detection: Emerging results and future directions ZHOU, Xin ZHANG, Ting LO, David Previous learning-based vulnerability detection methods relied on either medium-sized pre-trained models or smaller neural networks from scratch. Recent advancements in Large Pre-Trained Language Models (LLMs) have showcased remarkable few-shot learning capabilities in various tasks. However, the effectiveness of LLMs in detecting software vulnerabilities is largely unexplored. This paper aims to bridge this gap by exploring how LLMs perform with various prompts, particularly focusing on two state-of-the-art LLMs: GPT-3.5 and GPT-4. Our experimental results showed that GPT-3.5 achieves competitive performance with the prior state-of-the-art vulnerability detection approach and GPT-4 consistently outperformed the state-of-the-art. 2024-04-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/9245 info:doi/10.1145/3639476.3639762 https://ink.library.smu.edu.sg/context/sis_research/article/10245/viewcontent/3639476.3639762.pdf http://creativecommons.org/licenses/by/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Programming Languages and Compilers Software Engineering
institution Singapore Management University
building SMU Libraries
continent Asia
country Singapore
Singapore
content_provider SMU Libraries
collection InK@SMU
language English
topic Programming Languages and Compilers
Software Engineering
spellingShingle Programming Languages and Compilers
Software Engineering
ZHOU, Xin
ZHANG, Ting
LO, David
Large language model for vulnerability detection: Emerging results and future directions
description Previous learning-based vulnerability detection methods relied on either medium-sized pre-trained models or smaller neural networks from scratch. Recent advancements in Large Pre-Trained Language Models (LLMs) have showcased remarkable few-shot learning capabilities in various tasks. However, the effectiveness of LLMs in detecting software vulnerabilities is largely unexplored. This paper aims to bridge this gap by exploring how LLMs perform with various prompts, particularly focusing on two state-of-the-art LLMs: GPT-3.5 and GPT-4. Our experimental results showed that GPT-3.5 achieves competitive performance with the prior state-of-the-art vulnerability detection approach and GPT-4 consistently outperformed the state-of-the-art.
format text
author ZHOU, Xin
ZHANG, Ting
LO, David
author_facet ZHOU, Xin
ZHANG, Ting
LO, David
author_sort ZHOU, Xin
title Large language model for vulnerability detection: Emerging results and future directions
title_short Large language model for vulnerability detection: Emerging results and future directions
title_full Large language model for vulnerability detection: Emerging results and future directions
title_fullStr Large language model for vulnerability detection: Emerging results and future directions
title_full_unstemmed Large language model for vulnerability detection: Emerging results and future directions
title_sort large language model for vulnerability detection: emerging results and future directions
publisher Institutional Knowledge at Singapore Management University
publishDate 2024
url https://ink.library.smu.edu.sg/sis_research/9245
https://ink.library.smu.edu.sg/context/sis_research/article/10245/viewcontent/3639476.3639762.pdf
_version_ 1814047927541170176