Large Language Model for Vulnerability Detection and Repair: Literature Review and the Road Ahead
Xin Zhou, Sicong Cao, Xiaobing Sun, David Lo
TL;DR
This paper systematically reviews how Large Language Models are used for vulnerability detection and repair in software engineering, highlighting current approaches, limitations, and future research directions.
Contribution
It provides the first comprehensive survey of LLM applications in vulnerability detection and repair, categorizing techniques and identifying research gaps.
Findings
Reviewed 58 papers from top venues and preprints.
Categorized LLM adaptation techniques for detection and repair.
Outlined future research opportunities and limitations.
Abstract
The significant advancements in Large Language Models (LLMs) have resulted in their widespread adoption across various tasks within Software Engineering (SE), including vulnerability detection and repair. Numerous studies have investigated the application of LLMs to enhance vulnerability detection and repair tasks. Despite the increasing research interest, there is currently no existing survey that focuses on the utilization of LLMs for vulnerability detection and repair. In this paper, we aim to bridge this gap by offering a systematic literature review of approaches aimed at improving vulnerability detection and repair through the utilization of LLMs. The review encompasses research work from leading SE, AI, and Security conferences and journals, encompassing 43 papers published across 25 distinct venues, along with 15 high-quality preprint papers, bringing the total to 58 papers. By…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsNetwork Security and Intrusion Detection · Software System Performance and Reliability · Topic Modeling