arXiv:2408.16028v4 Announce Type: replace-cross Abstract: Supervised-learning-based vulnerability detectors often fall short due to limited labelled training data. In contrast, Large Language Models (LLMs) are trained on vast unlabelled code corpora, yet perform only marginally better than coin flips when directly prompted to detect vulnerabilities. In this paper, we reframe vulnerability detection as anomaly detection, based on the premise that vulnerable code is rare and thus anomalous relative to patterns learned by LLMs. We introduce ANVIL, which performs a masked code reconstruction task:
The proliferation of LLMs and the persistent challenge of securing software against vulnerabilities necessitates new approaches for automated detection, especially given the scarcity of labeled training data.
This research introduces a novel, unsupervised method for vulnerability detection leveraging LLMs, potentially enhancing software supply chain security and reducing development costs significantly.
Vulnerability detection shifts from heavily relying on scarce labeled datasets and expensive manual analysis to more autonomous, anomaly-based detection using readily available unlabelled code corpora.
- · Cybersecurity sector
- · Software development companies
- · Organizations with large codebases
- · AI/ML security solution providers
- · Manual security auditors (routine tasks)
Improved detection of zero-day vulnerabilities in software will enhance digital infrastructure security.
Reduced incidence of software exploits will lead to increased trust in digital systems and services.
More secure software supply chains could accelerate innovation by mitigating risks associated with rapid deployment of new technologies.
This signal links to a primary source. Continuum Brief monitors and indexes it as part of the live intelligence stream — we do not republish source content.
Read at arXiv cs.LG