The Midas Touch: Triggering the Capability of LLMs for RM-API Misuse Detection

arXiv - CS - Cryptography and Security Pub Date : 2024-09-14 DOI:arxiv-2409.09380

Yi Yang, Jinghua Liu, Kai Chen, Miaoqian Lin

{"title":"The Midas Touch: Triggering the Capability of LLMs for RM-API Misuse Detection","authors":"Yi Yang, Jinghua Liu, Kai Chen, Miaoqian Lin","doi":"arxiv-2409.09380","DOIUrl":null,"url":null,"abstract":"In this paper, we propose an LLM-empowered RM-API misuse detection solution,\nChatDetector, which fully automates LLMs for documentation understanding which\nhelps RM-API constraints retrieval and RM-API misuse detection. To correctly\nretrieve the RM-API constraints, ChatDetector is inspired by the ReAct\nframework which is optimized based on Chain-of-Thought (CoT) to decompose the\ncomplex task into allocation APIs identification, RM-object (allocated/released\nby RM APIs) extraction and RM-APIs pairing (RM APIs usually exist in pairs). It\nfirst verifies the semantics of allocation APIs based on the retrieved RM\nsentences from API documentation through LLMs. Inspired by the LLMs'\nperformance on various prompting methods,ChatDetector adopts a two-dimensional\nprompting approach for cross-validation. At the same time, an\ninconsistency-checking approach between the LLMs' output and the reasoning\nprocess is adopted for the allocation APIs confirmation with an off-the-shelf\nNatural Language Processing (NLP) tool. To accurately pair the RM-APIs,\nChatDetector decomposes the task again and identifies the RM-object type first,\nwith which it can then accurately pair the releasing APIs and further construct\nthe RM-API constraints for misuse detection. With the diminished\nhallucinations, ChatDetector identifies 165 pairs of RM-APIs with a precision\nof 98.21% compared with the state-of-the-art API detectors. By employing a\nstatic detector CodeQL, we ethically report 115 security bugs on the\napplications integrating on six popular libraries to the developers, which may\nresult in severe issues, such as Denial-of-Services (DoS) and memory\ncorruption. Compared with the end-to-end benchmark method, the result shows\nthat ChatDetector can retrieve at least 47% more RM sentences and 80.85% more\nRM-API constraints.","PeriodicalId":501332,"journal":{"name":"arXiv - CS - Cryptography and Security","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2024-09-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"arXiv - CS - Cryptography and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/arxiv-2409.09380","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

In this paper, we propose an LLM-empowered RM-API misuse detection solution, ChatDetector, which fully automates LLMs for documentation understanding which helps RM-API constraints retrieval and RM-API misuse detection. To correctly retrieve the RM-API constraints, ChatDetector is inspired by the ReAct framework which is optimized based on Chain-of-Thought (CoT) to decompose the complex task into allocation APIs identification, RM-object (allocated/released by RM APIs) extraction and RM-APIs pairing (RM APIs usually exist in pairs). It first verifies the semantics of allocation APIs based on the retrieved RM sentences from API documentation through LLMs. Inspired by the LLMs' performance on various prompting methods,ChatDetector adopts a two-dimensional prompting approach for cross-validation. At the same time, an inconsistency-checking approach between the LLMs' output and the reasoning process is adopted for the allocation APIs confirmation with an off-the-shelf Natural Language Processing (NLP) tool. To accurately pair the RM-APIs, ChatDetector decomposes the task again and identifies the RM-object type first, with which it can then accurately pair the releasing APIs and further construct the RM-API constraints for misuse detection. With the diminished hallucinations, ChatDetector identifies 165 pairs of RM-APIs with a precision of 98.21% compared with the state-of-the-art API detectors. By employing a static detector CodeQL, we ethically report 115 security bugs on the applications integrating on six popular libraries to the developers, which may result in severe issues, such as Denial-of-Services (DoS) and memory corruption. Compared with the end-to-end benchmark method, the result shows that ChatDetector can retrieve at least 47% more RM sentences and 80.85% more RM-API constraints.

查看原文本刊更多论文

迈达斯之触：触发 LLM 检测 RM-API 滥用的能力

在本文中，我们提出了一种由 LLM 驱动的 RM-API 误用检测解决方案 ChatDetector，它可以完全自动化地使用 LLM 进行文档理解，从而帮助检索 RM-API 约束和检测 RM-API 误用。为了正确检索 RM-API 约束，ChatDetector 受到 ReAct 框架的启发，该框架基于思维链（CoT）进行优化，将复杂的任务分解为分配 API 识别、RM-对象（通过 RM API 分配/释放）提取和 RM-API 配对（RM API 通常成对存在）。首先，通过 LLM 从 API 文档中检索 RM 句子，验证分配 API 的语义。受 LLMs 在各种提示方法上表现的启发，ChatDetector 采用二维提示方法进行交叉验证。与此同时，对于使用现成的自然语言处理（NLP）工具确认的分配应用程序接口，还采用了在 LLMs 输出和推理过程之间进行一致性检查的方法。为了准确配对 RM-API，ChatDetector 再次分解任务，首先识别 RM 对象类型，然后与之准确配对释放 API，并进一步构建 RM-API 约束以进行误用检测。与最先进的API检测器相比，ChatDetector在减少幻觉的情况下识别出了165对RM-API，精确度达到98.21%。通过使用静态检测器 CodeQL，我们向开发人员道德地报告了集成在六个流行库上的应用程序的 115 个安全漏洞，这些漏洞可能会导致严重的问题，如拒绝服务（DoS）和内存破坏。与端到端基准方法相比，结果表明 ChatDetector 能够检索的 RM 句子至少增加了 47%，RM-API 约束至少增加了 80.85%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

arXiv - CS - Cryptography and Security

自引率

0.00%

发文量