{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T23:14:41Z","timestamp":1780355681578,"version":"3.54.1"},"reference-count":53,"publisher":"SAGE Publications","issue":"1","license":[{"start":{"date-parts":[[2025,8,19]],"date-time":"2025-08-19T00:00:00Z","timestamp":1755561600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/journals.sagepub.com\/page\/policies\/text-and-data-mining-license"}],"content-domain":{"domain":["journals.sagepub.com"],"crossmark-restriction":true},"short-container-title":["Integrated Computer-Aided Engineering"],"published-print":{"date-parts":[[2026,2]]},"abstract":"Organizations nowadays rely on intensive software systems to support their business operations but vulnerabilities within these systems can cause potential risks for major disruption. AI-based techniques are now widely considered for vulnera-bility identification; however effectiveness heavily relies on the dataset\u2019s size and quality. These techniques often lack contextual information while processing data and pose challenges in resource-constrained environments. AI models are generally black box in nature which creates additional challenges to understand decision making processes. This work proposes a novel hybrid framework using LLM model based on CodeBERT with integration of fine-tuning and Model-Agnostic Meta-Learning for performing effective vulnerability detection. It includes few-shot learning technique for new vulnerability detection tasks while maintaining high performance on known cases. The approach adopts Explainable AI techniques from four dimensions including attention mechanisms, layer-wise analysis, feature contribution, and model confidence scores to explain model decision making. An experiment demonstrates the framework\u2019s effectiveness, show-ing steady decrease in meta-loss from 0.45 to 0.14, accompanied by increase in support accuracy from 85.2% to 92.5%. These findings establish the proposed framework as a robust and interpretable solution for vulnerability detection and management.<\/jats:p>","DOI":"10.1177\/10692509251368663","type":"journal-article","created":{"date-parts":[[2025,8,19]],"date-time":"2025-08-19T07:03:50Z","timestamp":1755587030000},"page":"38-54","update-policy":"https:\/\/doi.org\/10.1177\/sage-journals-update-policy","source":"Crossref","is-referenced-by-count":4,"title":["Large language model based hybrid framework for automatic vulnerability detection with explainable AI for cybersecurity enhancement"],"prefix":"10.1177","volume":"33","author":[{"given":"Nihala","family":"Basheer","sequence":"first","affiliation":[{"name":"Anglia Ruskin University"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Shareeful","family":"Islam","sequence":"additional","affiliation":[{"name":"Anglia Ruskin University"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Mohammed KS","family":"Alwaheidi","sequence":"additional","affiliation":[{"name":"Cybersecurity Consultancy Services Department, Securology, Jeddah, Saudi Arabia"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2599-0712","authenticated-orcid":false,"given":"Haralambos","family":"Mouratidis","sequence":"additional","affiliation":[{"name":"University of Essex"},{"name":"Security Labs Consulting, Cork, Ireland"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Spyridon","family":"Papastergiou","sequence":"additional","affiliation":[{"name":"MAGGIOLI S.P.A."},{"name":"Department of Informatics, University of Piraeus, Greece"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"179","published-online":{"date-parts":[[2025,8,19]]},"reference":[{"key":"e_1_3_3_2_2","unstructured":"NVD. Statistics. 2024. Available at: https:\/\/nvd.nist.gov\/vuln\/search\/statistics?form_type=Basic&isCpeNameSearch=false&search_type=all (Accessed: 10 December 2024)."},{"key":"e_1_3_3_3_2","unstructured":"Huang Q Zhao T. Data collection and labeling techniques for machine learning. arXiv preprint arXiv:2407.12793 2024."},{"key":"e_1_3_3_4_2","doi-asserted-by":"crossref","unstructured":"Mahyari AA. Harnessing the power of LLMs in source code vulnerability detection. arXiv preprint arXiv:2408.03489 2024.","DOI":"10.1109\/MILCOM61039.2024.10774025"},{"key":"e_1_3_3_5_2","doi-asserted-by":"publisher","DOI":"10.1609\/aaai.v38i19.30160"},{"key":"e_1_3_3_6_2","doi-asserted-by":"crossref","unstructured":"Li G Wang P Liu J et\u00a0al. Meta In-Context learning makes large language models better zero and Few-Shot relation extractors. arXiv preprint arXiv:2404.17807 2024.","DOI":"10.18653\/v1\/2023.findings-emnlp.459"},{"key":"e_1_3_3_7_2","unstructured":"Zheng H Shen L Tang A et\u00a0al. Learn from Model Beyond Fine-Tuning: a survey. arXiv preprint arXiv:2310.08184 2023."},{"key":"e_1_3_3_8_2","doi-asserted-by":"crossref","unstructured":"Sinha S Yue Y Soto V et\u00a0al. MAML-en-LLM: Model Agnostic Meta-Training of LLMs for Improved In-Context Learning. arXiv preprint arXiv:2405.11446 2024a.","DOI":"10.1145\/3637528.3671905"},{"key":"e_1_3_3_9_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.ins.2022.11.073"},{"key":"e_1_3_3_10_2","unstructured":"Vertsel A Rumiantsau M. Hybrid LLM\/Rule-based Approaches to Business Insights Generation from Structured Data. arXiv preprint arXiv:2404.15604 2024."},{"key":"e_1_3_3_11_2","doi-asserted-by":"publisher","DOI":"10.1109\/TCCN.2025.3528892"},{"key":"e_1_3_3_12_2","first-page":"100598","article-title":"Vulnerability detection using BERT based LLM model with transparency obligation practice towards trustworthy AI","volume":"18","author":"Haurogn\u00e9 J","year":"2024","unstructured":"Haurogn\u00e9 J, Basheer N, Islam S. Vulnerability detection using BERT based LLM model with transparency obligation practice towards trustworthy AI. Mach Learn Appl 2024; 18: 100598.","journal-title":"Mach Learn Appl"},{"key":"e_1_3_3_13_2","first-page":"132293C","article-title":"MAML-BERT in addressing low-resource text classification tasks","volume":"112","author":"Hu Y","year":"2024","unstructured":"Hu Y, Zhang G. MAML-BERT in addressing low-resource text classification tasks. Proceedings Volume 13229, Seventh International Conference on Advanced Electronic Materials, Computers, and Software Engineering (AEMCSE 2024) 2024; 112: 132293C.","journal-title":"Proceedings Volume 13229, Seventh International Conference on Advanced Electronic Materials, Computers, and Software Engineering (AEMCSE 2024)"},{"key":"e_1_3_3_14_2","doi-asserted-by":"publisher","DOI":"10.3233\/ICA-220689"},{"key":"e_1_3_3_15_2","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-023-00769-w"},{"key":"e_1_3_3_16_2","doi-asserted-by":"crossref","unstructured":"Sahoo SA. Meta-Learning for Large Language Models: Teaching LLMs to Learn New Tasks with Minimal Data. Available at SSRN 4977093 2024.","DOI":"10.2139\/ssrn.4977093"},{"key":"e_1_3_3_17_2","unstructured":"Wu M Vu T Qu L et\u00a0al. The Best of Both Worlds: Bridging Quality and Diversity in Data Selection with Bipartite Graph. arXiv preprint arXiv:2410.12458 2024a."},{"key":"e_1_3_3_18_2","unstructured":"Wu X Zhao H Zhu Y et\u00a0al. Usable XAI: 10 Strategies Towards Exploiting Explainability in the LLM Era. arXiv preprint arXiv:2403.08946 2024b."},{"key":"e_1_3_3_19_2","unstructured":"Bhattacharjee A Moraffah R Garland J et\u00a0al. LLMs as counterfactual explanation modules: Can ChatGPT explain black-box text classifiers? arXiv preprint arXiv:2309.13340 2023."},{"key":"e_1_3_3_20_2","unstructured":"Mavrepis P Makridis G Fatouros G et\u00a0al. XAI for All: Can Large Language Models Simplify Explainable AI? arXiv preprint arXiv:2401.13110 2024."},{"key":"e_1_3_3_21_2","unstructured":"Nicholls J Kuppa A Le-Khac N. Enhancing Illicit Activity Detection using XAI: A Multimodal Graph-LLM Framework. arXiv preprint arXiv:2310.13787 2023."},{"key":"e_1_3_3_22_2","doi-asserted-by":"crossref","unstructured":"Khediri A Slimi H Yahiaoui A et\u00a0al. Enhancing Machine Learning Model Interpretability in Intrusion Detection Systems through SHAP Explanations and LLM-Generated Descriptions. In: 2024 6th International Conference on Pattern Analysis and Intelligent Systems (PAIS) EL OUED Algeria 2024 pp.1\u20136.","DOI":"10.1109\/PAIS62114.2024.10541168"},{"key":"e_1_3_3_23_2","doi-asserted-by":"crossref","unstructured":"Zhou S Alon U Agarwal S et\u00a0al. CodeBERTScore: Evaluating Code Generation with Pretrained Models of Code. arXiv preprint arXiv:2302.05527 2023b.","DOI":"10.18653\/v1\/2023.emnlp-main.859"},{"key":"e_1_3_3_24_2","doi-asserted-by":"publisher","DOI":"10.1051\/wujns\/2023283237"},{"key":"e_1_3_3_25_2","doi-asserted-by":"crossref","unstructured":"Chai Y Zhang H Shen B et\u00a0al. Cross-domain deep code search with meta learning. In: Proceedings of the 44th International Conference on Software Engineering 2022.","DOI":"10.1145\/3510003.3510125"},{"key":"e_1_3_3_26_2","unstructured":"Cambria E Malandri L Mercorio F et\u00a0al. XAI meets LLMs: A Survey of the Relation between Explainable AI and Large Language Models. arXiv preprint arXiv:2407.15248 2024."},{"key":"e_1_3_3_27_2","doi-asserted-by":"publisher","DOI":"10.3390\/s24154859"},{"key":"e_1_3_3_28_2","unstructured":"Wikipedia contributors. Attention (machine learning). 2024. Available at: https:\/\/en.wikipedia.org\/wiki\/Attention_(machine_learning) (Accessed: 24 November 2024)."},{"key":"e_1_3_3_29_2","unstructured":"Vig J. Visualizing attention in Transformer-Based Language Representation models. arXiv preprint arXiv:1904.02679 2019."},{"key":"e_1_3_3_30_2","doi-asserted-by":"crossref","unstructured":"Pasad A Chou JC Livescu K. Layer-Wise Analysis of a Self-Supervised Speech Representation Model. In: 2021 IEEE Automatic Speech Recognition and Understanding Workshop (ASRU) Cartagena Colombia 2021 pp. 914\u2013921.","DOI":"10.1109\/ASRU51503.2021.9688093"},{"key":"e_1_3_3_31_2","doi-asserted-by":"publisher","DOI":"10.1021\/acs.analchem.4c02329"},{"key":"e_1_3_3_32_2","doi-asserted-by":"crossref","unstructured":"Basheer N Pranggono B Islam S et\u00a0al. Enhancing Malware Detection Through Machine Learning Using XAI with SHAP Framework. In: IFIP advances in information and communication technology 2024b pp. 316\u2013329.","DOI":"10.1007\/978-3-031-63211-2_24"},{"key":"e_1_3_3_33_2","unstructured":"Grandperrin J. How to use confidence scores in machine learning models. 2024. Available at: https:\/\/www.mindee.com\/blog\/how-use-confidence-scores-ml-models (Accessed: 26 November 2024)."},{"key":"e_1_3_3_34_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.csl.2024.101648"},{"key":"e_1_3_3_35_2","doi-asserted-by":"publisher","DOI":"10.1007\/s00138-023-01403-4"},{"key":"e_1_3_3_36_2","unstructured":"Finn C Abbeel P Levine S. Model-Agnostic Meta-Learning for fast adaptation of deep networks. arXiv preprint arXiv:1703.03400 2017."},{"key":"e_1_3_3_37_2","unstructured":"Miranda B Yu P Wang Y et\u00a0al. The Curse of Low Task Diversity: on the failure of transfer learning to outperform MAML and their empirical equivalence. arXiv preprint arXiv:2208.01545 2022."},{"key":"e_1_3_3_38_2","doi-asserted-by":"publisher","DOI":"10.1049\/cps2.12080"},{"key":"e_1_3_3_39_2","unstructured":"Tursun O Denman S Sridharan S et\u00a0al. Towards Self-Explainability of Deep Neural Networks with Heatmap Captioning and Large-Language Models. arXiv preprint arXiv:2304.02202 2023."},{"key":"e_1_3_3_40_2","unstructured":"Lubrano M Bellahsen-Harrar Y Fick R et\u00a0al. Simple and efficient confidence score for grading whole slide images. arXiv preprint arXiv:2303.04604 2023."},{"key":"e_1_3_3_41_2","doi-asserted-by":"crossref","unstructured":"Chen Y Ding Z Chen X et\u00a0al. DiverseVul: A new vulnerable source code dataset for deep learning based vulnerability detection. arXiv preprint arXiv:2304.00409 2023a.","DOI":"10.1145\/3607199.3607242"},{"key":"e_1_3_3_42_2","unstructured":"Lundberg SM. SHAP (SHapley Additive exPlanations) documentation \u2013 Decision Plot. 2023. Available at: https:\/\/shap.readthedocs.io\/en\/latest\/example_notebooks\/api_examples\/plots\/decision_plot.html."},{"key":"e_1_3_3_43_2","unstructured":"Nguyen V Nepal S Wu T et\u00a0al. SAFE: Advancing large language models in leveraging semantic and syntactic relationships for software vulnerability detection. arXiv preprint arXiv:2409.00882 2024."},{"key":"e_1_3_3_44_2","unstructured":"Chayti EM Jaggi M. A New First-Order Meta-Learning Algorithm with Convergence Guarantees. arXiv preprint arXiv:2409.03682 2024."},{"key":"e_1_3_3_45_2","unstructured":"Weltevrede M Spaan MTJ B\u00f6hmer W. The role of diverse replay for generalisation in reinforcement learning. arXiv preprint arXiv:2306.05727 2023."},{"key":"e_1_3_3_46_2","doi-asserted-by":"publisher","DOI":"10.52783\/pst.193"},{"key":"e_1_3_3_47_2","unstructured":"Sander J Cohen A Dasari VR et\u00a0al. On Accelerating Edge AI: Optimizing Resource-Constrained Environments. arXiv preprint arXiv:2501.15014 2025."},{"key":"e_1_3_3_48_2","doi-asserted-by":"crossref","unstructured":"Xia Y Shao H SNMDeng X. VulCoB: A CodeBERT-Based System for Source Code Vulnerability Detection. In: GAIIS \u201924: Proceedings of the 2024 International Conference on Generative Artificial Intelligence and Information Security 2024 pp. 249\u2013252.","DOI":"10.1145\/3665348.3665391"},{"key":"e_1_3_3_49_2","unstructured":"Ni C Shen L Xu X et\u00a0al. Learning-based Models for Vulnerability Detection: an extensive study. arXiv preprint arXiv:2408.07526 2024."},{"key":"e_1_3_3_50_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2024.112234"},{"key":"e_1_3_3_51_2","unstructured":"Sultana S Afreen S Eisty NU. Code Vulnerability Detection: A comparative analysis of emerging large language models. arXiv preprint arXiv:2409.10490 2024."},{"key":"e_1_3_3_52_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2024.103992"},{"key":"e_1_3_3_53_2","doi-asserted-by":"crossref","unstructured":"Chen Y Ding Z Chen X et\u00a0al. DiverseVul: A new vulnerable source code dataset for deep learning based vulnerability detection. arXiv preprint arXiv:2304.00409 2023b.","DOI":"10.1145\/3607199.3607242"},{"key":"e_1_3_3_54_2","doi-asserted-by":"crossref","unstructured":"Zhou X Zhang T Lo D. Large language model for vulnerability detection: Emerging results and future directions. arXiv preprint arXiv:2401.15468 2024.","DOI":"10.1145\/3639476.3639762"}],"container-title":["Integrated Computer-Aided Engineering"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/journals.sagepub.com\/doi\/pdf\/10.1177\/10692509251368663","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/journals.sagepub.com\/doi\/full-xml\/10.1177\/10692509251368663","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/journals.sagepub.com\/doi\/pdf\/10.1177\/10692509251368663","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,4,29]],"date-time":"2026-04-29T09:15:01Z","timestamp":1777454101000},"score":1,"resource":{"primary":{"URL":"https:\/\/journals.sagepub.com\/doi\/10.1177\/10692509251368663"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,8,19]]},"references-count":53,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2026,2]]}},"alternative-id":["10.1177\/10692509251368663"],"URL":"https:\/\/doi.org\/10.1177\/10692509251368663","relation":{},"ISSN":["1069-2509","1875-8835"],"issn-type":[{"value":"1069-2509","type":"print"},{"value":"1875-8835","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,8,19]]}}}