Enhancing Large Language Models with Faster Code Preprocessing for Vulnerability Detection
This work addresses the problem of efficient and adaptable code preprocessing for software vulnerability detection, primarily benefiting developers and security analysts, and is incremental as it builds on an existing framework.
The paper tackled the challenge of standardizing code representation for vulnerability detection by enhancing the SCoPE framework to SCoPE2, resulting in a 97.3% reduction in processing time and an improved F1-score for a Large Language Model.
The application of Artificial Intelligence has become a powerful approach to detecting software vulnerabilities. However, effective vulnerability detection relies on accurately capturing the semantic structure of code and its contextual relationships. Given that the same functionality can be implemented in various forms, a preprocessing tool that standardizes code representation is important. This tool must be efficient, adaptable across programming languages, and capable of supporting new transformations. To address this challenge, we build on the existing SCoPE framework and introduce SCoPE2, an enhanced version with improved performance. We compare both versions in terms of processing time and memory usage and evaluate their impact on a Large Language Model (LLM) for vulnerability detection. Our results show a 97.3\% reduction in processing time with SCoPE2, along with an improved F1-score for the LLM, solely due to the refined preprocessing approach.