SRCH:2C2E38E2
What is the impact of incorporating multimodal context (e.g., UML diagrams or execution traces) on the CWE cla
Abstract
Abstract: Large Language Models (LLMs) have demonstrated significant capabilities in understanding and analyzing code for security vulnerabilities, such as Common Weakness Enumerations (CWEs). However, their reliance on cloud infrastructure and substantial computational requirements pose challenges for analyzing sensitive or proprietary codebases due to privacy concerns and inference costs. This work explores the potential of Small Language Models (SLMs) as a viable alternative for accurate, on-premise vulnerability detection. We investigated whether a 350-million parameter pre-trained code model (codeg
Research Question
What is the impact of incorporating multimodal context (e.g., UML diagrams or execution traces) on the CWE classification accuracy of fine-tuned SecLM models, as evaluated on an extended Big-Vul dataset with mixed text-image inputs?
Verification Level
| Paper level | L2, Source-grounded claims | |
| Source-grounded claims | 7 | |
| Claim record source | parsed source sections |
Descriptive public verification status only; aggregate claim counts are public, but individual claim records are not exposed here.
Quality Tier
| Tier | Watchlist | |
| Basis | Review score or public verified-claim signal is below DOI-grade threshold. |
Descriptive public triage only; this tier does not alter current publication or DOI behavior.
Quality Dimensions
| Evidence strength | LOW | |
| Citation grounding | MEDIUM | |
| Uncertainty disclosure | MEDIUM | |
| Reproducibility status | MEDIUM |
Automated triage signals derived from public fields; not human peer review or independent validation.
Correction Record
| Status | CURRENT |
| Correction count | 0 |
| Manifest contract | paper-manifest-v1.1 |
| Correction contract | correction-record-v1 |
Public corrections are additive records. Current status does not claim the synthesis is error-free.
Provenance
| Publisher | Assignee Research |
| Public provenance | L3, Claim aggregate record |
| Report artifact | Available |
| External record | Not registered |
| Claim lineage | 7 aggregate source-grounded claims |
| Review method | Automated multi-reviewer assessment |
| Quality guide | How to read scores, claims, manifests, and evidence links |
| Provenance contract | source-provenance-v1 |
| Note | Machine-generated synthesis of existing literature. Not primary research. |