Advances in Software Security and Vulnerability Detection

The field of software security and vulnerability detection is evolving rapidly, with a focus on developing innovative techniques to identify and mitigate potential threats. Recent research has explored graph-based reasoning, hybrid network models, and large language models (LLMs) to improve the accuracy and efficiency of vulnerability detection. These approaches have shown promising results, with some studies reporting significant improvements in detection rates and reductions in false positives. The use of LLMs in particular has emerged as a key area of research, with applications in code generation, code review, and vulnerability detection. Noteworthy papers in this area include Hound, which introduces a relation-first graph engine for complex-system reasoning in security audits, and GRASP, which explores a new direction in fortifying LLM-based code generation with graph-based reasoning on secure coding practices. Additionally, Lexo and TITAN have demonstrated the potential of LLMs for eliminating stealthy supply-chain attacks and of graph-executable reasoning for cyber threat intelligence, respectively.

Sources

Hound: Relation-First Knowledge Graphs for Complex-System Reasoning in Security Audits

Fortifying LLM-Based Code Generation with Graph-Based Reasoning on Secure Coding Practices

Learning Joint Embeddings of Function and Process Call Graphs for Malware Detection

OBsmith: Testing JavaScript Obfuscator using LLM-powered sketching

Bridging Semantics & Structure for Software Vulnerability Detection using Hybrid Network Models

Abstract String Domain Defined with Word Equations as a Reduced Product (Extended Version)

Evaluating Line-level Localization Ability of Learning-based Code Vulnerability Detection Models

Living Off the LLM: How LLMs Will Change Adversary Tactics

iCodeReviewer: Improving Secure Code Review with Mixture of Prompts

Clutch Control: An Attention-based Combinatorial Bandit for Efficient Mutation in JavaScript Engine Fuzzing

Applying Graph Analysis for Unsupervised Fast Malware Fingerprinting

Benchmarking Correctness and Security in Multi-Turn Code Generation

Match & Mend: Minimally Invasive Local Reassembly for Patching N-day Vulnerabilities in ARM Binaries

Lexo: Eliminating Stealthy Supply-Chain Attacks via LLM-Assisted Program Regeneration

TITAN: Graph-Executable Reasoning for Cyber Threat Intelligence

Leveraging Code Cohesion Analysis to Identify Source Code Supply Chain Attacks