Security Vulnerability Detection with Multitask Self-Instructed Fine-Tuning of Large Language Models

arXiv:2406.05892v1 Announce Type: new
Abstract: Software security vulnerabilities allow attackers to perform malicious activities to disrupt software operations. Recent Transformer-based language models have significantly advanced vulnerability detection, surpassing the capabilities of static analysis based deep learning models. However, language models trained solely on code tokens do not capture either the explanation of vulnerability type or the data flow structure information of code, both of which are crucial for vulnerability detection. We propose a novel technique that integrates a multitask sequence-to-sequence …

advanced analysis arxiv attackers capabilities capture code cs.cr cs.lg cs.se deep learning detection disrupt fine-tuning language language models large malicious malicious activities operations security security vulnerability software software security static static analysis tokens vulnerabilities vulnerability vulnerability detection