Cross-architecture IoT static vulnerability mining and detection based on LLM
Abstract: With the explosive proliferation of Internet of Things (IoT) devices and their deep integration into critical domains, security risks arising from device vulnerabilities (such as data breaches and remote exploitation) are becoming increasingly severe. Traditional learning-based static detection techniques are limited in cross-architecture scalability and in their ability to understand code semantics, while large language models (LLMs), with their strong semantic representation and generalization abilities, offer a new path for IoT vulnerability mining. This paper focuses on LLM-based cross-architecture static vulnerability detection techniques for IoT, systematically reviews cutting-edge research, analyzes the strengths and limitations of current methods (fine-tuning, prompt engineering, and retrieval augmentation), and proposes future research directions. It further discusses the significance of this research in light of national security requirements, and outlines the author's own work and contributions in this field.
Key words: LLM; vulnerability mining; cross-architecture; static detection; IoT