{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,28]],"date-time":"2026-04-28T17:27:48Z","timestamp":1777397268695,"version":"3.51.4"},"publisher-location":"New York, NY, USA","reference-count":35,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,4,14]],"date-time":"2024-04-14T00:00:00Z","timestamp":1713052800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,4,14]]},"DOI":"10.1145\/3639476.3639762","type":"proceedings-article","created":{"date-parts":[[2024,5,24]],"date-time":"2024-05-24T15:15:01Z","timestamp":1716563701000},"page":"47-51","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":106,"title":["Large Language Model for Vulnerability Detection: Emerging Results and Future Directions"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-4558-0622","authenticated-orcid":false,"given":"Xin","family":"Zhou","sequence":"first","affiliation":[{"name":"School of Computing and Information Systems, Singapore Management University, Singapore, Singapore"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6001-1372","authenticated-orcid":false,"given":"Ting","family":"Zhang","sequence":"additional","affiliation":[{"name":"School of Computing and Information Systems, Singapore Management University, Singapore, Singapore"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4367-7201","authenticated-orcid":false,"given":"David","family":"Lo","sequence":"additional","affiliation":[{"name":"School of Computing and Information Systems, Singapore Management University, Singapore, Singapore"}]}],"member":"320","published-online":{"date-parts":[[2024,5,24]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"https:\/\/www.bankinfosecurity.com\/ms-exchange-flaw-causes-spike-intrdownloader-gen-trojans-a-16236","author":"Flaw Microsoft Exchange","year":"2022","unstructured":"Microsoft Exchange Flaw: Attacks Surge After Code Published. https:\/\/www.bankinfosecurity.com\/ms-exchange-flaw-causes-spike-intrdownloader-gen-trojans-a-16236, 2022."},{"key":"e_1_3_2_1_2_1","first-page":"1","article-title":"Symantec global internet security threat report-trends for july-december 07","volume":"13","author":"Turner Dean","year":"2008","unstructured":"Dean Turner, Marc Fossi, Eric Johnson, Trevor Mack, Joseph Blackbird, Stephen Entwisle, Mo King Low, David McKinney, and Candid Wueest. Symantec global internet security threat report-trends for july-december 07. Symantec Enterprise Security, 13:1--36, 2008.","journal-title":"Symantec Enterprise Security"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/IJCNN55064.2022.9892280"},{"key":"e_1_3_2_1_4_1","first-page":"608","volume-title":"Proceedings of the 19th International Conference on Mining Software Repositories","author":"Fu Michael","year":"2022","unstructured":"Michael Fu and Chakkrit Tantithamthavorn. Linevul: a transformer-based line-level vulnerability prediction. In Proceedings of the 19th International Conference on Mining Software Repositories, pages 608--620, 2022."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"crossref","first-page":"178","DOI":"10.1145\/3510454.3516865","volume-title":"Proceedings of the ACM\/IEEE 44th International Conference on Software Engineering: Companion Proceedings","author":"Nguyen Van-Anh","year":"2022","unstructured":"Van-Anh Nguyen, Dai Quoc Nguyen, Van Nguyen, Trung Le, Quan Hung Tran, and Dinh Phung. Regvd: Revisiting graph neural networks for vulnerability detection. In Proceedings of the ACM\/IEEE 44th International Conference on Software Engineering: Companion Proceedings, pages 178--182, 2022."},{"key":"e_1_3_2_1_6_1","volume-title":"Devign: Effective vulnerability identification by learning comprehensive program semantics via graph neural networks. Advances in neural information processing systems, 32","author":"Zhou Yaqin","year":"2019","unstructured":"Yaqin Zhou, Shangqing Liu, Jingkai Siow, Xiaoning Du, and Yang Liu. Devign: Effective vulnerability identification by learning comprehensive program semantics via graph neural networks. Advances in neural information processing systems, 32, 2019."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/2020.findings-emnlp.139"},{"key":"e_1_3_2_1_8_1","volume-title":"Keep the conversation going: Fixing 162 out of 337 bugs for $0.42 each using chatgpt. In arXiv preprint arXiv:2304.00385","author":"Xia Chunqiu Steven","year":"2023","unstructured":"Chunqiu Steven Xia and Lingming Zhang. Keep the conversation going: Fixing 162 out of 337 bugs for $0.42 each using chatgpt. In arXiv preprint arXiv:2304.00385, 2023."},{"key":"e_1_3_2_1_9_1","volume-title":"Ferdian Thung, and David Lo. Cupid: Leveraging chatgpt for more accurate duplicate bug report detection. arXiv preprint arXiv:2308.10022","author":"Zhang Ting","year":"2023","unstructured":"Ting Zhang, Ivana Clairine Irsan, Ferdian Thung, and David Lo. Cupid: Leveraging chatgpt for more accurate duplicate bug report detection. arXiv preprint arXiv:2308.10022, 2023."},{"key":"e_1_3_2_1_10_1","volume-title":"Ferdian Thung, and David Lo. Revisiting sentiment analysis for software engineering in the era of large language models. arXiv preprint arXiv:2310.11113","author":"Zhang Ting","year":"2023","unstructured":"Ting Zhang, Ivana Clairine Irsan, Ferdian Thung, and David Lo. Revisiting sentiment analysis for software engineering in the era of large language models. arXiv preprint arXiv:2310.11113, 2023."},{"key":"e_1_3_2_1_11_1","volume-title":"Exploring parameter-efficient fine-tuning techniques for code generation with large language models. arXiv preprint arXiv:2308.10462","author":"Weyssow Martin","year":"2023","unstructured":"Martin Weyssow, Xin Zhou, Kisub Kim, David Lo, and Houari Sahraoui. Exploring parameter-efficient fine-tuning techniques for code generation with large language models. arXiv preprint arXiv:2308.10462, 2023."},{"key":"e_1_3_2_1_12_1","volume-title":"Patchzero: Zero-shot automatic patch correctness assessment. arXiv preprint arXiv:2303.00202","author":"Zhou Xin","year":"2023","unstructured":"Xin Zhou, Bowen Xu, Kisub Kim, DongGyun Han, Thanh Le-Cong, Junda He, Bach Le, and David Lo. Patchzero: Zero-shot automatic patch correctness assessment. arXiv preprint arXiv:2303.00202, 2023."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"crossref","first-page":"70","DOI":"10.1109\/ICSME46990.2020.00017","volume-title":"2020 IEEE International Conference on Software Maintenance and Evolution (ICSME)","author":"Zhang Ting","year":"2020","unstructured":"Ting Zhang, Bowen Xu, Ferdian Thung, Stefanus Agus Haryono, David Lo, and Lingxiao Jiang. Sentiment analysis for software engineering: How far can pre-trained transformer models go? In 2020 IEEE International Conference on Software Maintenance and Evolution (ICSME), pages 70--80. IEEE, 2020."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"crossref","first-page":"425","DOI":"10.1109\/ICSME52107.2021.00044","volume-title":"2021 IEEE International Conference on Software Maintenance and Evolution (ICSME)","author":"Zhou Xin","year":"2021","unstructured":"Xin Zhou, DongGyun Han, and David Lo. Assessing generalizability of codebert. In 2021 IEEE International Conference on Software Maintenance and Evolution (ICSME), pages 425--436. IEEE, 2021."},{"key":"e_1_3_2_1_15_1","volume-title":"Lora: Low-rank adaptation of large language models. ArXiv, abs\/2106.09685","author":"Hu Edward J.","year":"2022","unstructured":"Edward J. Hu, Yelong Shen, Phillip Wallis, Zeyuan Allen-Zhu, Yuanzhi Li, Shean Wang, and Weizhu Chen. Lora: Low-rank adaptation of large language models. ArXiv, abs\/2106.09685, 2022."},{"key":"e_1_3_2_1_16_1","volume-title":"Language models are few-shot learners. Advances in neural information processing systems, 33:1877--1901","author":"Brown Tom","year":"2020","unstructured":"Tom Brown, Benjamin Mann, Nick Ryder, Melanie Subbiah, Jared D Kaplan, Prafulla Dhariwal, Arvind Neelakantan, Pranav Shyam, Girish Sastry, Amanda Askell, et al. Language models are few-shot learners. Advances in neural information processing systems, 33:1877--1901, 2020."},{"key":"e_1_3_2_1_17_1","volume-title":"Yangtian Zi, Niklas Muennighoff, Denis Kocetkov, Chenghao Mou, Marc Marone, Christopher Akiki, Jia Li, Jenny Chim, et al. Starcoder: may the source be with you! arXiv preprint arXiv:2305.06161","author":"Li Raymond","year":"2023","unstructured":"Raymond Li, Loubna Ben Allal, Yangtian Zi, Niklas Muennighoff, Denis Kocetkov, Chenghao Mou, Marc Marone, Christopher Akiki, Jia Li, Jenny Chim, et al. Starcoder: may the source be with you! arXiv preprint arXiv:2305.06161, 2023."},{"key":"e_1_3_2_1_18_1","unstructured":"https:\/\/cwe.mitre.org\/top25\/archive\/2022\/2022_cwe_top25.html 2022."},{"key":"e_1_3_2_1_19_1","volume-title":"45th International Conference on Software Engineering, ICSE 2023","author":"Pan Shengyi","year":"2023","unstructured":"Shengyi Pan, Lingfeng Bao, Xin Xia, David Lo, and Shanping Li. Fine-grained commit-level vulnerability type prediction by cwe tree structure. In 45th International Conference on Software Engineering, ICSE 2023, 2023."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/3379597.3387501"},{"key":"e_1_3_2_1_21_1","unstructured":"https:\/\/openai.com\/pricing 2023."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE48619.2023.00188"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/2931037.2931051"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/3540250.3549171"},{"key":"e_1_3_2_1_25_1","volume-title":"Burpgpt - chatgpt powered automated vulnerability detection tool. https:\/\/burpgpt.app\/#faq","author":"Teyar Alexandre","year":"2023","unstructured":"Alexandre Teyar. Burpgpt - chatgpt powered automated vulnerability detection tool. https:\/\/burpgpt.app\/#faq, 2023."},{"key":"e_1_3_2_1_26_1","unstructured":"PortSwigger. Burp suite - application security testing software. https:\/\/portswigger.net\/burp."},{"key":"e_1_3_2_1_27_1","unstructured":"Vicarius. vuln_gpt debuts as ai-powered approach to find and remediate software vulnerabilities. https:\/\/venturebeat.com\/ai\/got-vulns-vuln_gpt-debuts-as-ai-powered-approach-to-find-and-remediate-software-vulnerabilities\/ 2023."},{"key":"e_1_3_2_1_28_1","volume-title":"Prompt-enhanced software vulnerability detection using chatgpt. arXiv preprint arXiv:2308.12697","author":"Zhang Chenyuan","year":"2023","unstructured":"Chenyuan Zhang, Hao Liu, Jiutian Zeng, Kejing Yang, Yuhong Li, and Hui Li. Prompt-enhanced software vulnerability detection using chatgpt. arXiv preprint arXiv:2308.12697, 2023."},{"key":"e_1_3_2_1_29_1","volume-title":"Pentagon testing generative AI in 'global information dominance' experiments. https:\/\/defensescoop.com\/2023\/07\/14\/pentagon-testing-generative-ai-in-global-information-dominance-experiments\/","author":"Harper Jon","year":"2023","unstructured":"Jon Harper. Pentagon testing generative AI in 'global information dominance' experiments. https:\/\/defensescoop.com\/2023\/07\/14\/pentagon-testing-generative-ai-in-global-information-dominance-experiments\/, 2023."},{"key":"e_1_3_2_1_30_1","volume-title":"Samsung Bans Use of Generative AI Tools on Company-Owned Devices Over Security Concerns. https:\/\/www.tech360.tv\/samsung-bans-use-generative-ai-tools","author":"Chua Kyle","year":"2023","unstructured":"Kyle Chua. Samsung Bans Use of Generative AI Tools on Company-Owned Devices Over Security Concerns. https:\/\/www.tech360.tv\/samsung-bans-use-generative-ai-tools, 2023."},{"key":"e_1_3_2_1_31_1","volume-title":"Apple Bans Internal Use of ChatGPT GitHub Copilot Over Fear of Leaks. https:\/\/www.tech360.tv\/apple-bans-internal-use-chatgpt-github-copilot-over-fears-of-leaks","author":"Chua Kyle","year":"2023","unstructured":"Kyle Chua. Apple Bans Internal Use of ChatGPT GitHub Copilot Over Fear of Leaks. https:\/\/www.tech360.tv\/apple-bans-internal-use-chatgpt-github-copilot-over-fears-of-leaks, 2023."},{"key":"e_1_3_2_1_32_1","volume-title":"Llama 2: Open foundation and fine-tuned chat models. arXiv preprint arXiv:2307.09288","author":"Touvron Hugo","year":"2023","unstructured":"Hugo Touvron, Louis Martin, Kevin Stone, Peter Albert, Amjad Almahairi, Yasmine Babaei, Nikolay Bashlykov, Soumya Batra, Prajjwal Bhargava, Shruti Bhosale, et al. Llama 2: Open foundation and fine-tuned chat models. arXiv preprint arXiv:2307.09288, 2023."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/3510003.3510146"},{"key":"e_1_3_2_1_34_1","volume-title":"The devil is in the tails: How long-tailed code distributions impact large language models. arXiv preprint arXiv:2309.03567","author":"Zhou Xin","year":"2023","unstructured":"Xin Zhou, Kisub Kim, Bowen Xu, Jiakun Liu, DongGyun Han, and David Lo. The devil is in the tails: How long-tailed code distributions impact large language models. arXiv preprint arXiv:2309.03567, 2023."},{"key":"e_1_3_2_1_35_1","volume-title":"Trustworthy and synergistic artificial intelligence for software engineering: Vision and roadmaps. CoRR, abs\/2309.04142","author":"Lo David","year":"2023","unstructured":"David Lo. Trustworthy and synergistic artificial intelligence for software engineering: Vision and roadmaps. CoRR, abs\/2309.04142, 2023."}],"event":{"name":"ICSE-NIER'24: 2024 ACM\/IEEE 44th International Conference on Software Engineering: New Ideas and Emerging Results","location":"Lisbon Portugal","acronym":"ICSE-NIER'24","sponsor":["SIGSOFT ACM Special Interest Group on Software Engineering","IEEE CS","Faculty of Engineering of University of Porto"]},"container-title":["Proceedings of the 2024 ACM\/IEEE 44th International Conference on Software Engineering: New Ideas and Emerging Results"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3639476.3639762","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3639476.3639762","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T22:53:38Z","timestamp":1750287218000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3639476.3639762"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,4,14]]},"references-count":35,"alternative-id":["10.1145\/3639476.3639762","10.1145\/3639476"],"URL":"https:\/\/doi.org\/10.1145\/3639476.3639762","relation":{},"subject":[],"published":{"date-parts":[[2024,4,14]]},"assertion":[{"value":"2024-05-24","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}