LLM-Assisted Static Analysis for Detecting Security Vulnerabilities

Software often contains security vulnerabilities that are challenging to detect. Large language models (LLMs) have shown promise in code generation but struggle with complex code reasoning. IRIS combines LLMs with static analysis to achieve whole-repository reasoning for security vulnerability detection. On the CWE-Bench-Java dataset, it shows superior performance compared to existing tools. This research matters for improving software security practices and warrants further exploration in practical applications.
- Enhanced security vulnerability detection using LLMs and static analysis
- IRIS methodology for whole-repository reasoning
- Dataset creation for real-world Java projects
- Comparison with state-of-the-art tools
- Importance for improving software security practices
