Real-VulLLM: An LLM Based Assessment Framework in the Wild
By: Rijha Safdar, Danyail Mateen, Syed Taha Ali and more
Potential Business Impact:
Finds computer bugs to make software safer.
Artificial Intelligence (AI), and more specifically Large Language Models (LLMs), have demonstrated exceptional progress in multiple areas, including software engineering; however, their capability for vulnerability detection in in-the-wild scenarios, and for the corresponding reasoning, remains underexplored. Prompting pre-trained LLMs in an effective way offers a computationally effective and scalable solution. Our contributions are (i) varied prompt designs for vulnerability detection and its corresponding reasoning in the wild, (ii) a real-world vector data store constructed from the National Vulnerability Database, which provides real-time context to the vulnerability detection framework, and (iii) a scoring measure for the combined measurement of accuracy and reasoning quality. Our contribution aims to examine whether LLMs are ready for deployment in the wild, thus enabling the reliable use of LLMs for the development of secure software.
Similar Papers
LLMpatronous: Harnessing the Power of LLMs For Vulnerability Detection
Cryptography and Security
AI finds computer bugs better and faster.
Everything You Wanted to Know About LLM-based Vulnerability Detection But Were Afraid to Ask
Cryptography and Security
Finds computer bugs better with more code info.
Evaluating LLMs for One-Shot Patching of Real and Artificial Vulnerabilities
Cryptography and Security
Fixes computer bugs automatically, better on real ones.