Code Vulnerability Detection with Large Language Models Based on Multi-Agent
Bachelor & Master Thesis
Although large language models currently possess powerful code generation capabilities, the security of code generated by these models remains a concern. Current large language models cannot guarantee that the code they generate is free from vulnerabilities. Once this potentially vulnerable code is applied in real software, it could be exploited by hackers to launch attacks, leading to significant economic losses. To enhance the trustworthiness of code generated by large models, it is essential to perform vulnerability detection on the generated code.
Based on existing research, directly using large language models for vulnerability detection has not yielded satisfactory results [1,2]. Therefore, designing effective methods to leverage large language models for efficient vulnerability detection has become a hot research topic.
In this project, students will be required to investigate and summarize existing literature on using large language models for code vulnerability detection. They will also learn about cutting-edge technologies such as multi-agent systems in large language models and apply these techniques to code vulnerability detection.
Required knowledge:
- Strong programming background, especially proficiency in Python.
- Experience training deep learning models with PyTorch.
- Familiar with static analysis techniques.
References:
[1] Noever, D. (2023). Can large language models find and fix vulnerable software?. arXiv preprint arXiv:2308.10345.
[2] Steenhoek, B., Rahman, M. M., Roy, M. K., Alam, M. S., Barr, E. T., & Le, W. (2024). A Comprehensive Study of the Capabilities of Large Language Models for Vulnerability Detection. arXiv preprint arXiv:2403.17218.