Recent advances in Large Language Models (LLMs) have shown considerable potential for automating source-level vulnerability detection. However, existing supervised fine-tuning approaches for LLMs are constrained by the scarcity of high-quality SFT datasets, and therefore typically produce only binary predictions indicating the presence or absence of vulnerabilities. As a result, they fail to fully leverage a key advantage of LLMs: providing developers with informative reasoning about vulnerability causes and actionable remediation guidance. To enable developer-friendly vulnerability analysis under limited labeled data, we propose MCTS-VUL, a teacher–student self-training framework that integrates LLMs with Monte Carlo Tree Search (MCTS) to generate structured reasoning traces for vulnerability detection. MCTS-VUL employs a value model to guide the search process and identify high-quality reasoning paths. Experimental results demonstrate that our approach not only generates developer-oriented reasoning traces, but also achieves competitive or state-of-the-art performance across three public datasets. These results further indicate that the generated reasoning traces effectively facilitate LLMs in learning the underlying causes of vulnerabilities.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

MCTS-VUL: Self-training Large Language Models via Monte Carlo Tree Search for Vulnerability Detection

  • Jujie Wang,
  • Kangfeng Zheng,
  • Bin Wu,
  • Chunhua Wu,
  • Yulin Yao,
  • Jiaqi Gao,
  • Minjiao Yang

摘要

Recent advances in Large Language Models (LLMs) have shown considerable potential for automating source-level vulnerability detection. However, existing supervised fine-tuning approaches for LLMs are constrained by the scarcity of high-quality SFT datasets, and therefore typically produce only binary predictions indicating the presence or absence of vulnerabilities. As a result, they fail to fully leverage a key advantage of LLMs: providing developers with informative reasoning about vulnerability causes and actionable remediation guidance. To enable developer-friendly vulnerability analysis under limited labeled data, we propose MCTS-VUL, a teacher–student self-training framework that integrates LLMs with Monte Carlo Tree Search (MCTS) to generate structured reasoning traces for vulnerability detection. MCTS-VUL employs a value model to guide the search process and identify high-quality reasoning paths. Experimental results demonstrate that our approach not only generates developer-oriented reasoning traces, but also achieves competitive or state-of-the-art performance across three public datasets. These results further indicate that the generated reasoning traces effectively facilitate LLMs in learning the underlying causes of vulnerabilities.