File size: 3,587 Bytes
ede5524 | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 | ---
language:
- en
- code
license: apache-2.0
tags:
- security
- vulnerability-detection
- code-analysis
- reasoning
- llm
pipeline_tag: text-generation
base_model: UCSB-SURFI/VulnLLM-R-7B
---
# VulnLLM-R-7B: Specialized Reasoning LLM for Vulnerability Detection
**VulnLLM-R** is the first specialized **reasoning** Large Language Model designed specifically for software vulnerability detection.
Unlike traditional static analysis tools (like CodeQL) or small LLMs that rely on simple pattern matching, VulnLLM-R is trained to **reason step-by-step** about data flow, control flow, and security context. It mimics the thought process of a human security auditor to identify complex logic vulnerabilities with high accuracy.
## π Quick Links
* **Paper:** [arXiv:2512.07533](https://arxiv.org/abs/2512.07533)
* **Code & Data:** [GitHub](https://github.com/ucsb-mlsec/VulnLLM-R)
* **Demo:** [Web demo](https://huggingface.co/spaces/UCSB-SURFI/VulnLLM-R)
## π‘ Key Features
* **Reasoning-Based Detection:** Does not just classify code; it generates a "Chain-of-Thought" to analyze *why* a vulnerability exists.
* **Superior Accuracy:** Outperforms commercial giants (like Claude-3.7-Sonnet, o3-mini) and industry-standard tools (CodeQL, AFL++) on key benchmarks.
* **Efficiency:** Achieves SOTA performance with only **7B parameters**, making it 30x smaller and significantly faster than general-purpose reasoning models.
* **Broad Coverage:** Trained and tested on C, C++, Python, and Java (zero-shot generalization).
## π Quick Start
```python
from transformers import AutoModelForCausalLM, AutoTokenizer
import torch
model_name = "UCSB-SURFI/VulnLLM-R-7B"
tokenizer = AutoTokenizer.from_pretrained(model_name)
model = AutoModelForCausalLM.from_pretrained(
model_name,
torch_dtype=torch.bfloat16,
device_map="auto"
)
# Example Code Snippet
code_snippet = """
void vulnerable_function(char *input) {
char buffer[50];
strcpy(buffer, input); // Potential buffer overflow
}
"""
# Prompt Template (Triggering Reasoning)
prompt = f"""You are an advanced vulnerability detection model.
Please analyze the following code step-by-step to determine if it contains a vulnerability.
Code:
{code_snippet}
Please provide your reasoning followed by the final answer.
"""
messages = [
{"role": "user", "content": prompt}
]
text = tokenizer.apply_chat_template(messages, tokenize=False, add_generation_prompt=True)
model_inputs = tokenizer([text], return_tensors="pt").to(model.device)
generated_ids = model.generate(
model_inputs.input_ids,
max_new_tokens=512
)
generated_ids = [
output_ids[len(input_ids):] for input_ids, output_ids in zip(model_inputs.input_ids, generated_ids)
]
response = tokenizer.batch_decode(generated_ids, skip_special_tokens=True)[0]
print(response)
```
## π Performance
VulnLLM-R-7B achieves state-of-the-art results on benchmarks including PrimeVul, Juliet 1.3, and ARVO.
<img width="600" alt="model_size_vs_f1_scatter_01" src="https://github.com/user-attachments/assets/fc9e6942-14f8-4f34-8229-74596b05c7c5" />
(Refer to Figure 1 and Table 4 in the paper for detailed metrics)
## π Citation
If you use this model in your research, please cite our paper:
```Bibtex
@article{nie2025vulnllmr,
title={VulnLLM-R: Specialized Reasoning LLM with Agent Scaffold for Vulnerability Detection},
author={Nie, Yuzhou and Li, Hongwei and Guo, Chengquan and Jiang, Ruizhe and Wang, Zhun and Li, Bo and Song, Dawn and Guo, Wenbo},
journal={arXiv preprint arXiv:2512.07533},
year={2025}
}
```
|