Friday, 27 February 2026

Black Hat USA 2025 | Let LLM Learn: When Your Static Analyzer Actually 'Gets It'

Imagine the process of a human security auditor. What distinguishes an expert? It's their accumulated knowledge and nuanced understanding, allowing them to see beyond simple rules. Indeed, Large Language Models (LLMs) demonstrate semantic understanding capabilities potentially exceeding traditional rule-based static analysis. However, raw reasoning power isn't synonymous with effective learning in this complex domain. While LLMs have shown promise for semantic reasoning tasks, deploying them directly on massive codebases is frequently impractical due to scalability constraints and excessive computational overhead. Additionally, isolated semantic summarization at function or module granularities often yields overly abstract results lacking practical actionable insights, or excessive context that proves too cumbersome to analyze effectively.

In this talk, we propose "Let LLM Learn," an innovative approach that facilitates incremental semantic knowledge learning *using* reasoning models. Our method reframes the role of static analysis; instead of relying directly on its predefined rules, we leverage it to identify and extract relevant code segments which serve as focused learning material for the LLM. We then strategically partition complex codebases into meaningful, semantic-level slices pertinent to vulnerability propagation. Leveraging these slices, our framework incrementally teaches the LLM—potentially guided by human annotations—to summarize and cache valuable semantic knowledge. This process significantly enhances accuracy, efficiency, and context-awareness in automated vulnerability detection.

Empirical evaluations demonstrate that our approach effectively identifies over 70 previously unknown bugs in real-world software projects, including VirtualBox and critical medical device systems in the IN-CYPHER project led by the UK and Singapore.

Crucially, the semantic knowledge accumulated by our system naturally encodes high-value vulnerability patterns, closely resembling the intuition and analytical capabilities of human security experts. Our technique thereby bridges a critical gap between human expertise and automated analysis capabilities, considerably enhancing vulnerability detection effectiveness, precision, and practical utility.

By:
Zong Cao | PhD Student, Imperial Global Singapore and Nanyang Technological University
Zhengzi Xu
Yeqi Fu
Yuqiang Sun
Kaixuan Li
Yang Liu

Full Session Details Available at: https://ift.tt/GCBnQyo

source https://www.youtube.com/watch?v=FPzOgf2EGQE
