Research area: Infrastructure
Venue: LAMPS '24: Proceedings of the 1st ACM Workshop on Large AI Systems and Models with Privacy and Safety Analysis
Critical infrastructure vulnerabilities, once maliciously manipulated, may cause serious security accidents. However, existing methods are always unable to discover, assess, block and repair those unknown/known vulnerabilities in a timely and effective manner. This article explores the potential of large models on vulnerability management optimization. To efficiently orchestrate complex vulnerability management tasks (e.g., detection, prioritization, and code repairing), we propose to conduct a novel Large Code-graph Model (LCM) to break down vulnerability life-cycle management into distinct suites using artificial intelligence agents, Retrieval-Augmented Generation (RAG), and graph-structured large models to automate processes without extensive prior knowledge. In particular, we conduct an evaluation experiment utilizing the proposed LCM for pre-processing vulnerable data in the vulnerability detection suite. The results showed a final detection accuracy of 97.2%, significantly outperforming baseline models and confirming that the proposed LCM can autonomously extract superior features as a data pre-processing tool. Consequently, the experimental results also partially validate the feasibility of our proposed framework.
| Publication year | 2024 |
|---|---|
| Citations | 0 |
| Country of publication | China |
| Site | ACM |