AutoReview: An LLM-based Multi-Agent System for Security Issue-Oriented Code Review
Software vulnerabilities can lead to severe security issues such as data breaches, financial losses, and service disruptions, making security issue-oriented code review a crucial part of the development process. Traditional approaches struggle with analyzing complex code and providing explanations, while large language models (LLMs) show promise in code review but do not focus on security-related issues. To address these limitations, we propose AutoReview, an LLM-based multi-agent system for security code review. It integrates three agents: (1) Issue Detector, which identifies potential vulnerabilities using knowledge-level retrieval-augmented generation, (2) Issue Locator, which pinpoints the vulnerability positions through graph-based code slicing, and (3) Issue Repairer, which generates context-aware fixes via iterative verification. Evaluated on ReposVul with three code LLMs, AutoReview demonstrates its effectiveness in security code reviews, improving F1-score for detection by 18.72%, precision for location by 27.75%, and BLEU for repair by 14.82% over baselines.
Mon 23 Jun (displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna)
14:00 - 15:30
14:00 | 18m | Talk | Automating API Documentation with LLMs: A BERTopic Approach | Student Research Competition | Amirhossein Naghshzan (École de Technologie Supérieure)
14:18 | 18m | Talk | AutoReview: An LLM-based Multi-Agent System for Security Issue-Oriented Code Review | Student Research Competition | Yujia Chen (Harbin Institute of Technology, Shenzhen)
14:36 | 18m | Talk | Ever-Improving Test Suite by Leveraging Large Language Models | Student Research Competition | Ketai Qiu (USI Università della Svizzera Italiana) | Pre-print
14:54 | 18m | Talk | Test Script Repair of Deep Learning Library Testing | Student Research Competition | Xing Fu (Nanjing University), Jiawei Liu (Nanjing University), Chunrong Fang (Nanjing University), Zhenyu Chen (Nanjing University)
15:12 | 18m | Talk | Predicting Software Changes from Desired Behavior Changes | Student Research Competition | Laura Plein (CISPA Helmholtz Center for Information Security)
Vega is close to the registration desk.
Facing the registration desk, its entrance is on the left, close to the hotel side entrance.