Advancing Cybersecurity with LLMs: A Comprehensive Review of Intrusion Detection Systems and Emerging Applications Hamouda Djallel1 , Mohamed Amine Ferrag1 , Benhamida Nadjette1 and Seridi Hamid1 1 Labstic Laboratory, Department of Computer Science, Guelma University, B.P. 401, 24000, Guelma, Algeria Abstract The rapid advancements in Transformers and Large Language Models (LLMs) have significantly transformed the landscape of cybersecurity, particularly in Intrusion Detection Systems (IDS). These models offer enhanced detection accuracy, scalability, and adaptability, surpassing traditional approaches in identifying and mitigating sophisticated cyber threats. This survey explores the integration of LLMs in IDS by addressing six key research dimensions: foundational methodologies, comparative performance with classical techniques, challenges in interpretability, practical applications, emerging trends, and directions for future research. By synthesizing the latest advancements, this work aims to provide a comprehensive framework for understanding the role of LLMs in strengthening cybersecurity and fostering innovation in network security and anomaly detection. Keywords Large Language Models, Transformers, Intrusion Detection Systems, Cybersecurity, Malware Detection 1. Introduction The rapid digital transformation of industries and societies has significantly increased reliance on interconnected systems, making cybersecurity a critical concern [1]. With the increasing volume, diver- sity, and sophistication of cyber threats, traditional Intrusion Detection Systems (IDS), including those employing machine learning (ML) and deep learning (DL) techniques, face limitations in adaptability and resilience [2]. Although ML and DL-based IDS have enhanced detection accuracy and adaptability compared to static, signature-based systems, they often struggle with challenges such as handling high-dimensional data, evolving attack vectors, and adversarial inputs. These constraints underscore the need for more advanced and robust approaches to counter modern cyber threats [3]. Recent advancements in Artificial Intelligence (AI), particularly in Transformers [4] and Large Language Models (LLMs), have revolutionized numerous domains. Initially developed for natural language processing tasks, LLMs like BERT [5] and GPT [6] excel at identifying complex patterns and contextual relationships within extensive datasets. These attributes make LLMs a promising enhancement to existing IDS by addressing limitations in scalability, adaptability, and the detection of novel threats that traditional ML/DL-based approaches struggle to manage effectively [7]. This survey aims to explore the integration of LLMs into IDS, providing a comprehensive review of methodologies, applications, challenges, and future directions. Specifically, the paper addresses the following objectives: • Examine the foundational methodologies enabling the deployment of LLMs in IDS. • Compare the performance of LLM-based systems with traditional IDS approaches, highlighting their strengths and limitations. Proceedings of the International IAM’24: International Conference on Informatics and Applied Mathematics, December 04–05, 2024, Guelma, Algeria ∗ Corresponding author. † These authors contributed equally. Envelope-Open hamouda.djallel@univ-guelma.dz (H. Djallel); ferrag.mohamedamine@univ-guelma.dz (M. A. Ferrag); benhamida.nadjette@univ-guelma.dz (B. Nadjette); seridi.hamid@univ-guelma.dz (S. Hamid) Orcid 0000-0003-2168-4192 (H. Djallel); 0000-0002-0632-3172 (M. A. Ferrag); 0000-0002-5540-8594 (B. Nadjette); 0000-0002-0236-8541 (S. Hamid) © 2024 Copyright for this paper by its authors. Use permitted under Creative Commons License Attribution 4.0 International (CC BY 4.0). CEUR ceur-ws.org Workshop ISSN 1613-0073 Proceedings • Discuss key challenges, including computational complexity, dataset limitations, and interpretabil- ity concerns. • Highlight practical applications of LLMs in cybersecurity, such as network security, malware detection, and phishing prevention. • Propose future research directions to overcome current limitations and drive further advancements in the field. By consolidating recent advancements and delivering a structured analysis, this study aims to equip researchers and practitioners with a roadmap for deploying LLMs to develop more efficient, adaptable, and comprehensive cybersecurity solutions 2. Background and Preliminaries This section outlines foundational concepts, including LLMs, IDS, and their intersection, to set the stage for subsequent discussions 2.1. Large Language Models and Transformers Transformers have reshaped artificial intelligence, with architectures such as BERT , GPT , and T5 achieving remarkable performance across diverse tasks [8]. Their foundational self-attention mechanism enables efficient modeling of relationships between input elements, allowing them to capture long-range dependencies effectively. LLMs, built on these architectures, leverage extensive pre-training on large corpora followed by fine-tuning for specific tasks. Key advantages of LLMs include: • Pattern Recognition: The ability to identify complex patterns within large and heterogeneous datasets [6]. • Contextual Understanding: Robust handling of sequential and contextual information [5]. • Scalability: High adaptability to diverse domains, including cybersecurity [8]. These properties make LLMs particularly suited for addressing the challenges posed by modern cyber threats. 2.2. Intrusion Detection Systems (IDS) IDS are critical components of cybersecurity infrastructures, designed to monitor, detect, and respond to suspicious activities within networks or systems [2]. Broadly, IDS are categorized into: • Signature-Based IDS: These systems rely on predefined rules and patterns to identify known threats. While efficient, they struggle with zero-day attacks and novel threats. • Anomaly-Based IDS: These systems use statistical or machine learning techniques to detect deviations from normal behavior, making them more adaptable to new threats but prone to higher false positive rates. • Hybrid IDS: Combining signature-based and anomaly-based approaches, hybrid IDS aim to balance accuracy and adaptability. Despite advancements, traditional IDS often face challenges, including limited adaptability, high false positive rates, and computational inefficiency, particularly in handling large-scale or dynamic environments [2]. 2.3. Intersection of LLMs and IDS Integrating LLMs into IDS effectively addresses key limitations of traditional systems. Through their advanced pattern recognition and contextual analysis capabilities, LLMs enable IDS to: • Enhance Detection Accuracy: Identify complex and evolving threats with greater precision [9]. • Improve Adaptability: Generalize effectively across diverse attack scenarios without extensive reconfiguration [7]. • Reduce False Positives: Provide more reliable threat detection, minimizing unnecessary alerts [9]. This synergy between LLMs and IDS represents a paradigm shift in cybersecurity, offering solutions that are both scalable and robust against sophisticated threats [10]. 3. Current Methodologies The integration of LLMs into IDS systems has led to the development of various methodologies aimed at enhancing detection capabilities. This section explores the primary approaches, including pre-trained model customization, fine-tuning strategies, integration into IDS pipelines, and key algorithms and models [11]. Raw Data (Logs, Traffic) Preprocessing (Tokenization, Feature Extraction) LLM Analysis (Threat Detection) Output (Alerts, Mitigation) Figure 1: Workflow of an LLM-Based Intrusion Detection System 3.1. Pre-trained Models and Customization Pre-trained LLMs, such as BERT and GPT, are trained on extensive corpora, capturing diverse linguistic patterns. Customization techniques are applied to adapt these models for cybersecurity applications: • Domain-Specific Pre-training: Further training LLMs on cybersecurity-related datasets to imbue them with domain-specific knowledge [12]. • Embedding Alignment: Adjusting embeddings to align with cybersecurity terminologies and concepts, enhancing the model’s contextual understanding [9]. 3.2. Fine-tuning Strategies Fine-tuning involves adapting pre-trained LLMs to specific tasks within IDS [13] : • Supervised Fine-Tuning: Utilizing labeled datasets to train LLMs for tasks like anomaly detec- tion and threat classification. • Transfer Learning: Applying knowledge from related domains to improve performance on cybersecurity tasks, especially when labeled data is scarce [14]. 3.3. Integration into IDS Pipelines Incorporating LLMs into IDS involves designing workflows that leverage their capabilities [11]: • Data Preprocessing: Converting network logs and alerts into formats suitable for LLM process- ing . • Real-Time Analysis: Implementing LLMs to analyze data streams in real-time, enabling prompt detection and response. 3.4. Key Algorithms and Models Several models and algorithms have been developed to enhance IDS using LLMs : • BertIDS: A BERT-based model fine-tuned for identifying and classifying network attacks, demon- strating improved accuracy over traditional methods [15] [9]. • HuntGPT: An LLM-powered intrusion detection dashboard that integrates proactive threat hunting with explainable AI frameworks [16]. • ChatIDS: An approach leveraging LLMs to make IDS alerts understandable to non-experts, enhancing interpretability and response [17]. These methodologies represent the forefront of integrating LLMs into IDS, offering enhanced detection capabilities and adaptability to evolving cyber threats. 4. Comparative Analysis with Traditional Techniques Integrating large language models (LLMs) into intrusion detection systems (IDS) marks a transformative shift from traditional methodologies. This section presents a comprehensive comparative analysis, highlighting the strengths and challenges of LLM-based IDS in relation to traditional approaches. The key differences are summarized in Table 1. LLM-based IDS outperform traditional methods in critical metrics such as accuracy and F1-score, demonstrating superior capability in handling diverse and complex datasets [10] [7] [13] [11]. These systems offer several advantages over traditional IDSs: • Enhanced Scalability: LLMs effectively process large-scale and dynamic datasets, overcoming the scalability limitations of traditional systems. • Improved Adaptability: With robust generalization capabilities, LLMs are better suited to detect novel threats and zero-day attacks. • Contextual Analysis: Leveraging natural language understanding, LLM-based IDS derive context from logs and alerts, reducing ambiguity in threat identification. • Reduced False Positives: Advanced contextual comprehension allows for more accurate threat classification, leading to fewer unnecessary alerts. These features are contrasted with traditional IDS approaches in Table 1: Despite these advantages, LLM-based IDS face notable challenges: Table 1 Comparison of Traditional IDS and LLM-Based IDS Feature Traditional IDS LLM-Based IDS Detection Method Rule-based or anomaly- Contextual analysis using based deep learning Adaptability to New Threats Limited High Scalability Challenging for large Scalable with proper opti- datasets mization False Positives High Lower due to contextual un- derstanding Interpretability High Low (requires Explainable AI) Computational Require- Low High ments • Computational Complexity: These systems demand substantial computational resources, which can be a barrier in resource-constrained environments [11]. • Training Data Requirements : High-quality, labeled datasets are essential for fine-tuning LLMs, yet such datasets are often difficult to obtain in cybersecurity domains [14]. • Interpretability Issues: The black-box nature of LLMs complicates understanding their decision- making processes, creating a need for advancements in Explainable AI (XAI) [17]. To bridge the gap between traditional and LLM-based approaches, researchers are exploring hybrid models that integrate the efficiency and interpretability of traditional methods with the adaptability and precision of LLMs. Additionally, ongoing developments in XAI and optimization techniques hold promise for addressing computational and interpretability challenges, paving the way for broader adoption of LLM-based IDS in real-world scenarios. 5. Applications in Cybersecurity The integration of Large Language Models (LLMs) into cybersecurity has enabled significant advance- ments across various domains. This section explores key applications, highlighting the role of LLMs in network security, malware analysis, phishing detection, data leakage prevention, and software vulnerability detection. 5.1. Network Security LLMs have been instrumental in enhancing network security by detecting anomalies and identifying potential intrusions. By analyzing log files [14] [7], network traffic [9], and user behaviors [18], LLMs can: • Detect Sophisticated Attacks: Identify advanced persistent threats (APTs) and zero-day vul- nerabilities through contextual pattern analysis. • Mitigate Distributed Denial of Service (DDoS) Attacks: Recognize traffic anomalies indicative of DDoS attacks and trigger real-time mitigation strategies. • Enhance Threat Intelligence: Integrate with threat intelligence feeds to provide contextual insights into potential vulnerabilities. Software Vulner- ability Detection Phishing LLMs in Network Detection Cybersecurity Security Malware Analysis Figure 2: Applications of LLMs in Cybersecurity 5.2. Malware Analysis Malware detection and classification have greatly benefited from LLMs’ ability to analyze code and behavioral patterns [19] [20] [21]: • Behavioral Analysis: Analyze system logs and executable behaviors to detect malicious activities without relying solely on static signatures. • Code Analysis: Evaluate and classify obfuscated or polymorphic malware by understanding code structures and relationships. • Threat Categorization: Facilitate automated categorization of malware families based on contextual and structural similarities. 5.3. Phishing and Social Engineering Detection LLMs have shown exceptional capabilities in detecting phishing attempts and social engineering attacks [22] [23] [24]: • Email and Text Analysis: Identify linguistic patterns and anomalies indicative of phishing attempts. • Preventing Deceptive Communications: Detect impersonation and spoofing by comparing sender identities with behavioral baselines. • Proactive Awareness: Generate simulated phishing attempts to train and assess user awareness . 5.4. Software Vulnerability Detection Identifying vulnerabilities in software is a critical application of LLMs in cybersecurity [25] [26] [27] [28]. By analyzing source code, dependency graphs, and software configurations, LLMs can: • Detect Known Vulnerabilities: Automatically identify and flag vulnerabilities from databases such as CVE or NVD by recognizing patterns in software code and configurations. • Identify Code Smells: Spot potentially risky coding practices that could lead to future vulnera- bilities, such as improper input sanitization or outdated dependencies. • Enhance Security Testing: Generate test cases to validate software against common exploit scenarios, improving the overall robustness of applications. These applications demonstrate the versatility of LLMs in addressing complex cybersecurity chal- lenges, underscoring their value in building proactive and adaptive defense mechanisms. 6. Challenges and Interpretability The adoption of Large Language Models (LLMs) in Intrusion Detection Systems (IDS) is transformative but introduces several challenges. Key issues include computational complexity, dataset limitations, interpretability concerns, ethical considerations, and privacy concerns. Table 2 summarizes these challenges and proposed solutions. 6.1. Challenges and Proposed Solutions Table 2 Challenges and Solutions for LLM-Based IDS Challenge Proposed Solution Computational Complexity Model optimization techniques like quantization and pruning Data Scarcity Data augmentation, synthetic data generation, and fed- erated learning Interpretability Issues Integration of Explainable AI methods such as attention visualization Adversarial Vulnerabilities Robust loss functions, adversarial training, and ensemble methods • Computational Complexity: LLMs demand high computational resources, presenting barriers for real-time detection in resource-constrained environments. Optimization techniques like quantization, pruning, and distillation are promising solutions to reduce model size, latency, and energy consumption [11]. • Dataset Limitations: Cybersecurity datasets often suffer from imbalance, scarcity, and privacy concerns. These limitations affect model performance, particularly in detecting rare or zero-day threats. Techniques such as data augmentation, synthetic data generation, and federated learning address these issues while preserving privacy [11]. • Interpretability Concerns: The ”black-box” nature of LLMs complicates understanding their decisions, which is critical for trust and accountability in high-stakes cybersecurity environments. Explainable AI (XAI) methods, including attention visualization, feature importance ranking, and counterfactual analysis, are being developed to improve transparency [17]. • Ethical Concerns: LLMs may be vulnerable to adversarial attacks or misuse, such as generating phishing emails or automating sophisticated attacks. Countermeasures like adversarial training, robust loss functions, and clear policy frameworks are essential to mitigate these risks [29]. • Privacy Concerns: Training LLMs for cybersecurity often requires sensitive data, which poses risks related to data leakage and regulatory non-compliance. Privacy-preserving techniques, such as federated learning, differential privacy, and secure multiparty computation, can mitigate these risks while allowing the development of effective IDS solutions [29]. Table 3 Emerging Trends in LLM-Based Cybersecurity Solutions Trend Description Real-Time Intrusion De- The use of LLMs for real-time intrusion detection is gaining traction. Tech- tection niques such as streaming transformers and lightweight model architectures are being developed to enable real-time processing of network traffic and alerts. Federated Learning for Federated learning frameworks are emerging as a solution to privacy and Cybersecurity data-sharing concerns in cybersecurity. By enabling decentralized model training, federated learning allows organizations to collaborate without ex- posing sensitive data. Graph-Based Learning In- Graph-based models are being combined with LLMs to capture relationships tegration between entities, such as users, IP addresses, and file hashes. This integration enhances the detection of sophisticated attacks, including supply chain attacks and APTs. Explainable AI for Secu- Explainable AI (XAI) tools are increasingly being adopted to address the inter- rity pretability challenges of LLMs. Visualization techniques, such as attention maps and saliency scores, are being integrated into cybersecurity workflows to build trust and transparency. 6.2. Future Directions To overcome these challenges, researchers are focusing on: 1. Lightweight Model Development: Creating resource-efficient LLMs for edge device deploy- ment. 2. Dataset Expansion: Building diverse, representative datasets to improve training and general- ization. 3. Enhanced XAI: Advancing interpretability to foster trust and transparency in LLM-based systems. 4. Ethical Governance: Establishing guidelines to ensure responsible use and prevent malicious exploitation. By addressing these challenges and adopting innovative solutions, LLM-based IDS can evolve into scalable, interpretable, and ethically responsible tools for modern cybersecurity. 7. Emerging Trends and Future Directions LLM advancements, along with AI and cybersecurity progress, are set to revolutionize threat detection and mitigation. Emerging trends in LLM-based cybersecurity, such as real-time intrusion detection, federated learning, graph-based learning, and XAI, are highlighted in Table 3. Future improvements, including energy-efficient models, better datasets, hybrid systems, and enhanced security measures, are outlined in Table 4. 8. Conclusion Large Language Models (LLMs) have emerged as powerful tools in transforming cybersecurity, par- ticularly in enhancing the capabilities of Intrusion Detection Systems (IDS). This paper has reviewed the methodologies, applications, challenges, and future directions associated with LLM-based IDS, highlighting their ability to address the limitations of traditional approaches and adapt to evolving cyber threats. Table 4 Future Directions for LLM-Based Cybersecurity Solutions Direction Description Energy-Efficient Developing energy-efficient LLMs is crucial for their sustainable deployment in LLMs cybersecurity. Techniques such as model compression, quantization, and distillation should be further explored to reduce energy consumption. Comprehensive The creation of diverse and representative cybersecurity datasets is essential for Cybersecurity training robust LLMs. Future efforts should focus on curating datasets that capture Datasets a wide range of attack scenarios, including zero-day vulnerabilities and emerging threats. Hybrid Models Hybrid systems that combine traditional IDS techniques with LLM capabilities offer a balanced approach. For instance, combining rule-based detection with LLM-powered anomaly detection can enhance both accuracy and efficiency. Adversarial Ro- Future research should prioritize developing LLMs that are resilient to adversarial bustness attacks. Adversarial training, ensemble methods, and robust loss functions are promising techniques to enhance model security. Ethical and Policy Establishing clear ethical guidelines and policy frameworks is critical to prevent the Frameworks misuse of LLMs in cybersecurity. Future work should explore mechanisms to enforce responsible deployment and mitigate potential risks. Interdisciplinary Collaboration between AI researchers, cybersecurity professionals, and policymakers Collaboration is essential for driving innovation. Interdisciplinary research can help address complex challenges and unlock new opportunities for LLM-based cybersecurity solutions. While LLMs offer significant advantages, such as improved detection accuracy, scalability, and con- textual analysis, challenges related to computational demands, dataset limitations, and interpretability persist. Addressing these issues through advancements in model optimization, Explainable AI, and ethical frameworks will be essential for their sustainable deployment. Looking ahead, interdisciplinary collaboration among AI researchers, cybersecurity professionals, and policymakers will be key to unlocking the full potential of LLMs. By fostering innovation and addressing critical challenges, LLMs can redefine the cybersecurity landscape, offering scalable and intelligent solutions for safeguarding digital infrastructures. In summary, LLMs represent a promising step toward more adaptive and resilient cybersecurity systems, paving the way for intelligent, proactive, and scalable defense mechanisms. Declaration on Generative AI During the preparation of this work, the authors used ChatGPT, for rephrasing, grammar and spelling checks, and improving writing style. After using this tool/service, the authors reviewed and edited the content as needed and takes full responsibility for the publication’s content. References [1] G. Culot, F. Fattori, M. Podrecca, M. Sartor, Addressing industry 4.0 cybersecurity challenges, IEEE Engineering Management Review 47 (2019) 79–86. [2] D. Hamouda, M. A. Ferrag, N. Benhamida, H. Seridi, Intrusion detection systems for industrial internet of things: A survey, in: 2021 International Conference on Theoretical and Applicative Aspects of Computer Science (ICTAACS), IEEE, 2021, pp. 1–8. [3] M. A. Bouke, A. Abdullah, N. I. Udzir, N. Samian, Overcoming the challenges of data lack, leakage, and imensionality in intrusion detection systems: a comprehensive review, Journal of Communication and Information Systems 39 (2024). [4] A. Vaswani, Attention is all you need, Advances in Neural Information Processing Systems (2017). [5] J. Devlin, Bert: Pre-training of deep bidirectional transformers for language understanding, arXiv preprint arXiv:1810.04805 (2018). [6] T. B. Brown, Language models are few-shot learners, arXiv preprint arXiv:2005.14165 (2020). [7] O. G. Lira, A. Marroquin, M. A. To, Harnessing the advanced capabilities of llm for adaptive intrusion detection systems, in: International Conference on Advanced Information Networking and Applications, Springer, 2024, pp. 453–464. [8] M. A. K. Raiaan, M. S. H. Mukta, K. Fatema, N. M. Fahad, S. Sakib, M. M. J. Mim, J. Ahmad, M. E. Ali, S. Azam, A review on large language models: Architectures, applications, taxonomies, open issues and challenges, IEEE Access (2024). [9] M. A. Ferrag, M. Ndhlovu, N. Tihanyi, L. C. Cordeiro, M. Debbah, T. Lestable, N. S. Thandi, Revolutionizing cyber threat detection with large language models: A privacy-preserving bert- based lightweight model for iot/iiot devices, IEEE Access (2024). [10] H. Xu, S. Wang, N. Li, K. Wang, Y. Zhao, K. Chen, T. Yu, Y. Liu, H. Wang, Large language models for cyber security: A systematic literature review, arXiv preprint arXiv:2405.04760 (2024). [11] M. A. Ferrag, F. Alwahedi, A. Battah, B. Cherif, A. Mechri, N. Tihanyi, Generative ai and large language models for cyber security: All insights you need, arXiv preprint arXiv:2405.12750 (2024). [12] M. Bayer, P. Kuehn, R. Shanehsaz, C. Reuter, Cysecbert: A domain-adapted language model for the cybersecurity domain, ACM Transactions on Privacy and Security 27 (2024) 1–20. [13] A. Shestov, A. Cheshkov, R. Levichev, R. Mussabayev, P. Zadorozhny, E. Maslov, C. Vadim, E. Buly- chev, Finetuning large language models for vulnerability detection, arXiv preprint arXiv:2401.17010 (2024). [14] E. Karlsen, X. Luo, N. Zincir-Heywood, M. Heywood, Benchmarking large language models for log analysis, security, and interpretation, Journal of Network and Systems Management 32 (2024) 59. [15] H. Lai, Intrusion detection technology based on large language models, in: 2023 International Conference on Evolutionary Algorithms and Soft Computing Techniques (EASCT), IEEE, 2023, pp. 1–5. [16] T. Ali, P. Kostakos, Huntgpt: Integrating machine learning-based anomaly detection and explain- able ai with large language models (llms), arXiv preprint arXiv:2309.16021 (2023). [17] V. Jüttner, M. Grimmer, E. Buchmann, Chatids: Explainable cybersecurity using generative ai, arXiv preprint arXiv:2306.14504 (2023). [18] J. Liu, C. Zhang, J. Qian, M. Ma, S. Qin, C. Bansal, Q. Lin, S. Rajmohan, D. Zhang, Large language models can deliver accurate and interpretable time series anomaly detection, arXiv preprint arXiv:2405.15370 (2024). [19] P. M. S. Sánchez, A. H. Celdrán, G. Bovet, G. M. Pérez, Transfer learning in pre-trained large language models for malware detection based on system calls, arXiv preprint arXiv:2405.09318 (2024). [20] C. Patsakis, F. Casino, N. Lykousas, Assessing llms in malicious code deobfuscation of real-world malware campaigns, arXiv preprint arXiv:2404.19715 (2024). [21] P. Madani, Metamorphic malware evolution: The potential and peril of large language models, in: 2023 5th IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA), IEEE, 2023, pp. 74–81. [22] L. Jiang, Detecting scams using large language models, arXiv preprint arXiv:2402.03147 (2024). [23] R. Chataut, P. K. Gyawali, Y. Usman, Can ai keep you safe? a study of large language models for phishing detection, in: 2024 IEEE 14th Annual Computing and Communication Workshop and Conference (CCWC), IEEE, 2024, pp. 0548–0554. [24] T. Koide, N. Fukushi, H. Nakano, D. Chiba, Detecting phishing sites using chatgpt, arXiv preprint arXiv:2306.05816 (2023). [25] M. A. Ferrag, A. Battah, N. Tihanyi, M. Debbah, T. Lestable, L. C. Cordeiro, Securefalcon: The next cyber reasoning system for cyber security, arXiv preprint arXiv:2307.06616 (2023). [26] M. D. Purba, A. Ghosh, B. J. Radford, B. Chu, Software vulnerability detection using large language models, in: 2023 IEEE 34th International Symposium on Software Reliability Engineering Workshops (ISSREW), IEEE, 2023, pp. 112–119. [27] A. Mechri, M. A. Ferrag, M. Debbah, Secureqwen: Leveraging llms for vulnerability detection in python codebases, Computers & Security 148 (2025) 104151. [28] D. Noever, Can large language models find and fix vulnerable software?, arXiv preprint arXiv:2308.10345 (2023). [29] B. C. Das, M. H. Amini, Y. Wu, Security and privacy challenges of large language models: A survey, arXiv preprint arXiv:2402.00888 (2024).