Confronting sophisticated cyber threats necessitates advanced vulnerability detection techniques. While Large Language Models (LLMs) offer transformative potential, the optimal strategies for their adaptation remain debated. This paper presents the first systematic literature review, guided by the PRISMA methodology, to comparatively analyze Retrieval-Augmented Generation (RAG) and Fine-Tuning for vulnerability detection based on 35 key studies (2020–2024). We demonstrate that both methods elevate performance over traditional methods, with RAG showing superior adaptability (85–90% precision) for dynamic threats, and Fine-Tuning excelling in specialized tasks (80–85% precision). Our analysis provides crucial, evidence-based guidance on selecting LLM strategies tailored to operational needs. By synthesizing performance benchmarks and operational trade-offs, this review provides a crucial, evidence-based decision framework for selecting the optimal LLM adaptation strategy in cybersecurity.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Evaluating LLM Adaptation Techniques for Cybersecurity Vulnerability Detection: A Comparative Review of Retrieval-Augmented Generation and Fine-Tuning

  • Leandro Pazmiño,
  • Ivonne Maldonado,
  • Vanessa Guevara

摘要

Confronting sophisticated cyber threats necessitates advanced vulnerability detection techniques. While Large Language Models (LLMs) offer transformative potential, the optimal strategies for their adaptation remain debated. This paper presents the first systematic literature review, guided by the PRISMA methodology, to comparatively analyze Retrieval-Augmented Generation (RAG) and Fine-Tuning for vulnerability detection based on 35 key studies (2020–2024). We demonstrate that both methods elevate performance over traditional methods, with RAG showing superior adaptability (85–90% precision) for dynamic threats, and Fine-Tuning excelling in specialized tasks (80–85% precision). Our analysis provides crucial, evidence-based guidance on selecting LLM strategies tailored to operational needs. By synthesizing performance benchmarks and operational trade-offs, this review provides a crucial, evidence-based decision framework for selecting the optimal LLM adaptation strategy in cybersecurity.