LLM-Based Vulnerability Detection in Decompiled Binary Code for Automated Reverse Engineering
摘要
A portable and interpretable model of function-lvl static vulnerability finding has been created with the help of pretrained large language design. Devign dataset provided Code snippets which were embedded by means of CodeT5, transformer-based model pretrained on code representation tasks. These embeddings were seen as fixed length feature vectors and were tested using standard machine learning classifiers such as logistic regression, random forest, multilayer perceptron, and XGBoost. To make the classification more robust a stacking ensemble was also tested. The proposed pipeline is preferable to the traditional methods based on graph neural networks or a program analysis framework in that no fine-tuning is necessary and the implementation of static semantic embedding is suggested, which is efficient to train and convenient to apply to practice. By showing that transformer-based code comprehension with simpler classifiers can be used as an effective method of finding function-level vulnerability, the approach has provided a valid path needed to integrate LLM-based vulnerability researching into reliable security review automation pipelines.