The field of cybersecurity is rapidly evolving, with a growing focus on developing innovative solutions to detect and mitigate vulnerabilities. Recent research has made significant strides in improving the accuracy and efficiency of vulnerability detection, particularly through the use of large language models (LLMs) and machine learning algorithms. One notable trend is the integration of LLMs with traditional vulnerability detection methods, enabling more effective identification of potential threats. Additionally, there is a increasing interest in exploring alternative approaches to malware analysis, such as signal-based classification and audio bug reporting. Noteworthy papers in this area include LLM-HyPZ, which proposes a hybrid framework for zero-shot knowledge extraction and refinement to identify hardware-related vulnerabilities, and VulRTex, which presents a reasoning-guided approach to identify vulnerability-related issue reports with rich-text information. Overall, these advancements have the potential to significantly enhance the security and resilience of software systems.
Advances in Vulnerability Detection and Malware Analysis
Sources
Cross-Domain Malware Detection via Probability-Level Fusion of Lightweight Gradient Boosting Models
Bug Whispering: Towards Audio Bug Reporting
LLM-HyPZ: Hardware Vulnerability Discovery using an LLM-Assisted Hybrid Platform for Zero-Shot Knowledge Extraction and Refinement
VULSOVER: Vulnerability Detection via LLM-Driven Constraint Solving
A Survey on the Techniques and Tools for Automated Requirements Elicitation and Analysis of Mobile Apps
From Attack Descriptions to Vulnerabilities: A Sentence Transformer-Based Approach
From CVE Entries to Verifiable Exploits: An Automated Multi-Agent Framework for Reproducing CVEs
TraceLLM: Security Diagnosis Through Traces and Smart Contracts in Ethereum
VulnRepairEval: An Exploit-Based Evaluation Framework for Assessing Large Language Model Vulnerability Repair Capabilities
Towards the Datasets Used in Requirements Engineering of Mobile Apps: Preliminary Findings from a Systematic Mapping Study
BIDO: A Unified Approach to Address Obfuscation and Concept Drift Challenges in Image-based Malware Detection
VulRTex: A Reasoning-Guided Approach to Identify Vulnerabilities from Rich-Text Issue Report
Vulnerability-Affected Versions Identification: How Far Are We?
Revisiting Third-Party Library Detection: A Ground Truth Dataset and Its Implications Across Security Tasks
An Empirical Study of Vulnerabilities in Python Packages and Their Detection
FaaSGuard: Secure CI/CD for Serverless Applications -- An OpenFaaS Case Study
RINSER: Accurate API Prediction Using Masked Language Models
Adversarial Bug Reports as a Security Risk in Language Model-Based Automated Program Repair
Empirical Study of Code Large Language Models for Binary Security Patch Detection
Breaking SafetyCore: Exploring the Risks of On-Device AI Deployment
NeuroDeX: Unlocking Diverse Support in Decompiling Deep Neural Network Executables
When Code Crosses Borders: A Security-Centric Evaluation of LLM-based Code Translation
Signal-Based Malware Classification Using 1D CNNs