System for Automatic Bug Detection in Code and Programs Using LLMs and AI Agents
摘要
We propose an automated vulnerability detection system that synergizes static analysis and fuzzing target identification through LLMs and AI agents. Building on the Dante system, our solution integrates various reasoning models and leverages a dynamic dataset from student code contributions. The system employs reinforcement learning, prompt crafting, and test-time computing techniques to refine the detection of critical vulnerabilities in C codebases. A multi-step automated workflow performs detailed static code analysis, extracts fuzzing targets, and iteratively compiles and tests code snippets. Log outputs are summarized using reasoning models, highlighting only the most relevant errors.