7 matches found
When Labels Are Scarce: A Systematic Mapping of Label-Efficient Code Vulnerability Detection
Machine-learning-based code vulnerability detection (CVD) has progressed rapidly, from deep program representations to pretrained code models and LLM-centered pipelines. Yet dependable vulnerability labeling remains expensive, noisy, and uneven across projects, languages, and CWE types, motivating...
The New Era of Application Security: Reasoning-Based Agents, Runtime Reality, and Risk Intelligence
Key Takeaways: AI reasoning systems improve vulnerability detection in source code, but do not address the full spectrum of application security risk. Modern application security must account for APIs, runtime environments, and externally exposed assets beyond the source repository. Continuous...
An Empirical Evaluation of LLM-Based Approaches for Code Vulnerability Detection: RAG, SFT, and Dual-Agent Systems
The rapid advancement of Large Language Models (LLMs) presents new opportunities for automated software vulnerability detection, a crucial task in securing modern codebases. This paper presents a comparative study on the effectiveness of LLM-based techniques for detecting software vulnerabilities...
Retrieval-Augmented Few-Shot Prompting Versus Fine-Tuning for Code Vulnerability Detection
Few-shot prompting has emerged as a practical alternative to fine-tuning for leveraging the capabilities of large language models (LLMs) in specialized tasks. However, its effectiveness depends heavily on the selection and quality of in-context examples, particularly in complex domains. In this wor...
On Selecting Few-Shot Examples for LLM-Based Code Vulnerability Detection
Large language models (LLMs) have demonstrated impressive capabilities for many coding tasks, including summarization, translation, completion, and code generation. However, detecting code vulnerabilities remains a challenging task for LLMs. An effective way to improve LLM performance is in-context...
Ensembling Large Language Models for Code Vulnerability Detection: an Empirical Evaluation
Code vulnerability detection is crucial for ensuring the security and reliability of modern software systems. Recently, Large Language Models (LLMs) have shown promising capabilities in this domain. However, notable discrepancies in detection results often arise when analyzing identical code segmen...
White-Basilisk: a Hybrid Model for Code Vulnerability Detection
The proliferation of software vulnerabilities presents a significant challenge to cybersecurity, necessitating more effective detection methodologies. We introduce White-Basilisk, a novel approach to vulnerability detection that demonstrates superior performance while challenging prevailing...