Abstract
Vulnerability detection in code is an important element of ensuring code security. Recently, a number of studies have considered the role of LLMs in doing this, with the prevailing direction of travel being increasing the amount and complexity of information presented to an LLM in its prompt when asking it to solve a vulnerability detection task. In this study, we consider the opposite approach, finding that a single pair of minimal examples works significantly better than larger numbers of more complex examples, at least within the specific case of detecting memory management vulnerabilities. This suggests that an LLM can be better guided by providing simple hand-crafted examples of vulnerabilities rather than using larger examples extracted from real world code. We also show how the design space of vulnerability detection prompts can be efficiently explored using grammatical evolution.
| Original language | English |
|---|---|
| Title of host publication | 10th International Conference on Machine Learning and Soft Computing |
| Publisher | Springer |
| Publication status | Accepted/In press - 16 Jan 2026 |
| Event | 10th International Conference on Machine Learning and Soft Computing 2026 - Osaka, Japan. Duration: 4 Feb 2026 → 6 Feb 2026. https://icmlsc.org/index.html |
Publication series
| Name | Communications in Computer and Information Science |
|---|---|
| Publisher | Springer |
| ISSN (Print) | 1865-0929 |
| ISSN (Electronic) | 1865-0937 |
Conference
| Conference | 10th International Conference on Machine Learning and Soft Computing 2026 |
|---|---|
| Abbreviated title | ICMLSC 2026 |
| Country/Territory | Japan |
| City | Osaka |
| Period | 4/02/26 → 6/02/26 |
Keywords
- Vulnerability Detection
- Prompt Optimization
- Grammatical Evolution
Fingerprint
Dive into the research topics of 'Optimization of Few-Shot Prompting Examples for Vulnerability Detection in Code'. Together they form a unique fingerprint.