Assessing the Effectiveness of LLMs in Android Application Vulnerability Analysis
Vasileios Kouliaridis, Georgios Karopoulos, Georgios Kambourakis

TL;DR
This study evaluates nine state-of-the-art large language models' effectiveness in detecting Android application vulnerabilities, comparing their performance on a dataset of vulnerable code samples and exploring retrieval-augmented techniques.
Contribution
It provides a comprehensive comparison of LLMs in Android vulnerability detection and introduces insights into context augmentation methods like RAG for improved security analysis.
Findings
Significant performance differences among LLMs in vulnerability detection
Retrieval-augmented generation enhances detection capabilities
Performance varies with obfuscated code samples
Abstract
The increasing frequency of attacks on Android applications coupled with the recent popularity of large language models (LLMs) necessitates a comprehensive understanding of the capabilities of the latter in identifying potential vulnerabilities, which is key to mitigating the overall risk. To this end, the work at hand compares the ability of nine state-of-the-art LLMs to detect Android code vulnerabilities listed in the latest Open Worldwide Application Security Project (OWASP) Mobile Top 10. Each LLM was evaluated against an open dataset of over 100 vulnerable code samples, including obfuscated ones, assessing each model's ability to identify key vulnerabilities. Our analysis reveals the strengths and weaknesses of each LLM, identifying important factors that contribute to their performance. Additionally, we offer insights into context augmentation with retrieval-augmented generation…
Taxonomy
Topics: Advanced Malware Detection Techniques · Web Application Security Vulnerabilities · Mobile and Web Applications
