Evaluating LLM Adaptation Techniques for Cybersecurity Vulnerability Detection: A Comparative Review of Retrieval-Augmented Generation and Fine-Tuning
摘要
Confronting sophisticated cyber threats necessitates advanced vulnerability detection techniques. While Large Language Models (LLMs) offer transformative potential, the optimal strategies for their adaptation remain debated. This paper presents the first systematic literature review, guided by the PRISMA methodology, to comparatively analyze Retrieval-Augmented Generation (RAG) and Fine-Tuning for vulnerability detection based on 35 key studies (2020–2024). We demonstrate that both methods elevate performance over traditional methods, with RAG showing superior adaptability (85–90% precision) for dynamic threats, and Fine-Tuning excelling in specialized tasks (80–85% precision). Our analysis provides crucial, evidence-based guidance on selecting LLM strategies tailored to operational needs. By synthesizing performance benchmarks and operational trade-offs, this review provides a crucial, evidence-based decision framework for selecting the optimal LLM adaptation strategy in cybersecurity.