Guardado en:
Detalles Bibliográficos
Autores principales: Gao, Hang, Peng, Tao, Cui, Baoquan, Huang, Hong, Wu, Fengge, Zhao, Junsuo, Zhang, Jian
Formato: Preprint
Publicado: 2026
Materias:
Acceso en línea:https://arxiv.org/abs/2601.12890
Etiquetas: Agregar Etiqueta
Sin Etiquetas, Sea el primero en etiquetar este registro!
_version_ 1866914271846203392
author Gao, Hang
Peng, Tao
Cui, Baoquan
Huang, Hong
Wu, Fengge
Zhao, Junsuo
Zhang, Jian
author_facet Gao, Hang
Peng, Tao
Cui, Baoquan
Huang, Hong
Wu, Fengge
Zhao, Junsuo
Zhang, Jian
contents Large Language Models (LLMs) have significantly advanced code analysis tasks, yet they struggle to detect malicious behaviors fragmented across files, whose intricate dependencies easily get lost in the vast amount of benign code. We therefore propose a graph-centric attention acquisition pipeline that enhances LLMs' ability to localize malicious behavior. The approach parses a project into a code graph, uses an LLM to encode nodes with semantic and structural signals, and trains a Graph Neural Network (GNN) under sparse supervision. The GNN performs an initial detection, and by interpreting these predictions, identifies key code sections that are most likely to contain malicious behavior. These influential regions are then used to guide the LLM's attention for in-depth analysis. This strategy significantly reduces interference from irrelevant context while maintaining low annotation costs. Extensive experiments show that the method consistently outperforms existing approaches on multiple public and custom datasets, highlighting its potential for practical deployment in software security scenarios.
format Preprint
id arxiv_https___arxiv_org_abs_2601_12890
institution arXiv
publishDate 2026
record_format arxiv
spellingShingle Efficient Code Analysis via Graph-Guided Large Language Models
Gao, Hang
Peng, Tao
Cui, Baoquan
Huang, Hong
Wu, Fengge
Zhao, Junsuo
Zhang, Jian
Software Engineering
Large Language Models (LLMs) have significantly advanced code analysis tasks, yet they struggle to detect malicious behaviors fragmented across files, whose intricate dependencies easily get lost in the vast amount of benign code. We therefore propose a graph-centric attention acquisition pipeline that enhances LLMs' ability to localize malicious behavior. The approach parses a project into a code graph, uses an LLM to encode nodes with semantic and structural signals, and trains a Graph Neural Network (GNN) under sparse supervision. The GNN performs an initial detection, and by interpreting these predictions, identifies key code sections that are most likely to contain malicious behavior. These influential regions are then used to guide the LLM's attention for in-depth analysis. This strategy significantly reduces interference from irrelevant context while maintaining low annotation costs. Extensive experiments show that the method consistently outperforms existing approaches on multiple public and custom datasets, highlighting its potential for practical deployment in software security scenarios.
title Efficient Code Analysis via Graph-Guided Large Language Models
topic Software Engineering
url https://arxiv.org/abs/2601.12890