VulTriage: LLM-Based Vulnerability Detection with Triple-Path Context
VulTriage is a framework for LLM-based vulnerability detection that augments the model's input through three paths: a Control Path (abstract syntax tree, control-flow graph and data-flow graph, i.e. AST, CFG, DFG), a Knowledge Path (CWE patterns), and a Semantic Path. It addresses the limitations of prompting with raw code alone.
Key facts
- arXiv:2605.09461
- VulTriage uses triple-path context augmentation
- Control Path extracts AST, CFG, DFG
- Knowledge Path retrieves CWE patterns
- Aims to reduce missed vulnerabilities and false alarms
- Focuses on subtle semantic differences
- Proposed for LLM-based vulnerability detection
- Automated vulnerability detection task
Entities
Institutions
- arXiv