The reviewed record of science sign in
Pith

arxiv: 2406.11147 · v3 · pith:5LBZH3EQ · submitted 2024-06-17 · cs.SE · cs.AI

Vul-RAG: Enhancing LLM-based Vulnerability Detection via Knowledge-level RAG

Reviewed by Pith T0 review T1 audit T2 compute T3 formal T4 kernel pith:5LBZH3EQrecord.jsonopen to challenge →

classification cs.SE cs.AI
keywords vulnerabilitydetectionllmsaccuracyvul-ragcodeenhancingknowledge
0
0 comments X
read the original abstract

Although LLMs have shown promising potential in vulnerability detection, this study reveals their limitations in distinguishing between vulnerable and similar-but-benign patched code (only 0.06 - 0.14 accuracy). It shows that LLMs struggle to capture the root causes of vulnerabilities during vulnerability detection. To address this challenge, we propose enhancing LLMs with multi-dimensional vulnerability knowledge distilled from historical vulnerabilities and fixes. We design a novel knowledge-level Retrieval-Augmented Generation framework Vul-RAG, which improves LLMs with an accuracy increase of 16% - 24% in identifying vulnerable and patched code. Additionally, vulnerability knowledge generated by Vul-RAG can further (1) serve as high-quality explanations to improve manual detection accuracy (from 60% to 77%), and (2) detect 10 previously-unknown bugs in the recent Linux kernel release with 6 assigned CVEs.

This paper has not been read by Pith yet.

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Forward citations

Cited by 9 Pith papers

Reviewed papers in the Pith corpus that reference this work. Sorted by Pith novelty score.

  1. Acoda: Adversarial Code Obfuscation for Defending against LLM-based Analysis

    cs.SE 2026-06 unverdicted novelty 6.0

    Acoda uses a genetic algorithm to optimize eight obfuscation methods that reduce LLM code analysis success rates to as low as 30% while preserving original semantics.

  2. FuzzingBrain V2: A Multi-Agent LLM System for Automated Vulnerability Discovery and Reproduction

    cs.CR 2026-05 unverdicted novelty 6.0

    FuzzingBrain V2, a multi-agent LLM system with a novel Suspicious Point abstraction and dual-layer fuzzing, reports 90% detection on a C/C++ benchmark and 29 confirmed zero-day vulnerabilities in real open-source projects.

  3. Three Heads Are Better Than One: A Multi-perspective Reasoning Framework for Enhanced Vulnerability Detection

    cs.SE 2026-05 conditional novelty 6.0

    ReasonVul deploys three LLM agents with independent analysis and structured debate to achieve 40% PairAcc and 72.52% F1 on PrimeVul, outperforming baselines by 81% in PairAcc.

  4. Comprehensive AI governance requires addressing non-model gains

    cs.CY 2026-05 unverdicted novelty 6.0

    Non-model gains via inference, systems, and assets can drive AI capabilities independently of base models, requiring governance beyond model-level evaluation and mitigation.

  5. AnyPoC: Universal Proof-of-Concept Test Generation for Scalable LLM-Based Bug Detection

    cs.SE 2026-04 conditional novelty 6.0

    AnyPoC introduces a multi-agent system for generating and validating PoC tests from LLM bug reports, producing 1.3x more valid PoCs, rejecting 9.8x more false positives, and discovering 122 new bugs across 12 major projects.

  6. QuiLL: An LLM-Based Vulnerability Assessment Framework for the Wild

    cs.CR 2025-10 unverdicted novelty 6.0

    QuiLL is a new evaluation pipeline that uses optimized LLM prompts, dynamic in-context learning from an NVD vector store, and a novel accuracy-plus-reasoning metric to benchmark vulnerability detection in real code.

  7. Evaluating LLMs for Real-World Web Vulnerability Detection

    cs.CR 2026-06 unverdicted novelty 5.0

    Frontier LLMs detect up to 63% of web vulnerabilities in WordPress plugins with scoped prompts outperforming open-ended ones, but all show low consistency across runs and miss some baseline issues.

  8. Evaluating Retrieval-Augmented Generation for Explainable Malware Analysis

    cs.CR 2026-05 unverdicted novelty 5.0

    RAG frequently degrades LLM malware explanations when structured VirusTotal input is already available by introducing irrelevant context and narrative noise.

  9. Large Language Model-Based Agents for Software Engineering: A Survey

    cs.SE 2024-09 unverdicted novelty 4.0

    A literature survey that collects and categorizes 124 papers on LLM-based agents for software engineering from SE and agent perspectives.