Benchmarking LLM for Zero-day Vulnerabilities

被引:0
|
作者
Lisha, M. [1 ]
Agarwal, Vedika [2 ]
Kamthania, Supriya [2 ]
Vutkur, Pranav [1 ]
Chari, Madhusoodhana S. [3 ]
机构
[1] Hewlett Packard Enterprise, Cloud Modules, Bengaluru, India
[2] Hewlett Packard Enterprise, Ezmeral R&D, Bengaluru, India
[3] Hewlett Packard Enterprise, Aruba Switching SW, Bengaluru, India
来源
10TH INTERNATIONAL CONFERENCE ON ELECTRONICS, COMPUTING AND COMMUNICATION TECHNOLOGIES, CONECCT 2024 | 2024年
关键词
security; LLM; zero-day; vulnerability;
D O I
10.1109/CONECCT62155.2024.10677338
中图分类号
TP39 [计算机的应用];
学科分类号
081203 ; 0835 ;
摘要
Large Language Models (LLMs) have emerged as powerful tools for natural language processing tasks. This paper investigates the efficacy of various LLMs in detecting zero-day vulnerabilities, crucial for preemptive cybersecurity measures. Through benchmarking and experimentation, we analyze the performance of LLMs in unstructured querying scenarios. Our findings aim to enhance understanding of LLM capabilities and contribute to the advancement of vulnerability detection methodologies.
引用
收藏
页数:6
相关论文
共 50 条
  • [1] Mitigation and Detection of Zero-Day Vulnerabilities
    Sebastian Guisao, Juan
    Toro Rendon, Juan Carlos
    CUADERNO ACTIVA, 2014, (06): : 63 - 67
  • [2] Observation of Recent Microsoft Zero-Day Vulnerabilities
    Evans, Nathaniel
    Yuan, Xiaohong
    PROCEEDINGS OF THE 49TH ANNUAL ASSOCIATION FOR COMPUTING MACHINERY SOUTHEAST CONFERENCE (ACMSE '11), 2011, : 328 - 329
  • [3] A framework for zero-day vulnerabilities detection and prioritization
    Singh, Umesh Kumar
    Joshi, Chanchala
    Kanellopoulos, Dimitris
    JOURNAL OF INFORMATION SECURITY AND APPLICATIONS, 2019, 46 : 164 - 172
  • [4] Patching zero-day vulnerabilities: an empirical analysis
    Roumani, Yaman
    JOURNAL OF CYBERSECURITY, 2021, 7 (01):
  • [5] An Efficient Framework for Evaluating the Risk of Zero-Day Vulnerabilities
    Albanese, Massimiliano
    Jajodia, Sushil
    Singhal, Anoop
    Wang, Lingyu
    E-BUSINESS AND TELECOMMUNICATIONS, ICETE 2013, 2014, 456 : 322 - 340
  • [6] An Efficient Approach to Assessing the Risk of Zero-Day Vulnerabilities
    Albanese, Massimiliano
    Jajodia, Sushil
    Singhal, Anoop
    Wang, Lingyu
    PROCEEDINGS OF THE 10TH INTERNATIONAL CONFERENCE ON SECURITY AND CRYPTOGRAPHY (SECRYPT 2013), 2013, : 207 - 218
  • [7] Consensus Forecasting of Zero-Day Vulnerabilities for Network Security
    Last, David
    2016 IEEE INTERNATIONAL CARNAHAN CONFERENCE ON SECURITY TECHNOLOGY (ICCST), 2016, : 290 - 297
  • [8] Preventing Zero-Day Exploits of Memory Vulnerabilities with Guard Lines
    Vinson, Sterling
    Stonehirsch, Rachel
    Coffman, Joel
    Stevens, Jim
    PROCEEDINGS OF THE 9TH SOFTWARE SECURITY, PROTECTION, AND REVERSE ENGINEERING WORKSHOP 2019 (SSPREW-9), 2019,
  • [9] Malware-SMELL: A zero-shot learning strategy for detecting zero-day vulnerabilities
    Barros, Pedro H.
    Chagas, Eduarda T. C.
    Oliveira, Leonardo B.
    Queiroz, Fabiane
    Ramos, Heitor S.
    COMPUTERS & SECURITY, 2022, 120
  • [10] The Zero-Day Salesmen
    Greenberg, Andy
    FORBES, 2012, 189 (06): : 40 - +
12345