VP-IAFSP: Vulnerability Prediction Using Information Augmented Few-Shot Prompting with Open Source LLMs

Mithilesh Pandey, Sandeep Kumar

2025

Abstract

Software vulnerabilities can cause significant damage to the organization and the user. This makes their timely and accurate detection pivotal during the software development and deployment process. Recent trends have highlighted the potential of Large Language Models for software engineering tasks and vulnerability prediction. However, their performance is often inhibited if they rely solely on plain-text source code, which overlooks the critical syntactic and semantic information present in the code. To address this challenge, we introduce VP-IAFSP (Vulnerability Prediction using Information Augmented Few-Shot Prompting). Our approach improves the LLMs’ efficiency for vulnerability prediction through Prompt Enhancements by augmenting information related to the code and integrating graph structural information from the code to utilize Few-shot Prompting. To assess the proposed approach, we conduct experiments on a manually labeled real-world dataset. The results reveal that the proposed methodology achieves an increase of between 2.69% and 75.30% in F1-Score for function-level vulnerability prediction tasks when compared to seven state-of-the-art methods. These findings underscore the benefits of combining Information Augmentation with Few-shot Prompting while designing prompts for vulnerability prediction.



Paper Citation


in Harvard Style

Pandey M. and Kumar S. (2025). VP-IAFSP: Vulnerability Prediction Using Information Augmented Few-Shot Prompting with Open Source LLMs. In Proceedings of the 20th International Conference on Evaluation of Novel Approaches to Software Engineering - Volume 1: ENASE; ISBN 978-989-758-742-9, SciTePress, pages 592-599. DOI: 10.5220/0013346600003928


in Bibtex Style

@conference{enase25,
author={Mithilesh Pandey and Sandeep Kumar},
title={VP-IAFSP: Vulnerability Prediction Using Information Augmented Few-Shot Prompting with Open Source LLMs},
booktitle={Proceedings of the 20th International Conference on Evaluation of Novel Approaches to Software Engineering - Volume 1: ENASE},
year={2025},
pages={592-599},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0013346600003928},
isbn={978-989-758-742-9},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 20th International Conference on Evaluation of Novel Approaches to Software Engineering - Volume 1: ENASE
TI - VP-IAFSP: Vulnerability Prediction Using Information Augmented Few-Shot Prompting with Open Source LLMs
SN - 978-989-758-742-9
AU - Pandey M.
AU - Kumar S.
PY - 2025
SP - 592
EP - 599
DO - 10.5220/0013346600003928
PB - SciTePress