This repository provides a systematic literature review on the application of Large Language Models (LLMs) in cybersecurity. It aims to answer key research questions regarding the construction of cybersecurity-oriented LLMs, their diverse applications, and future research directions, serving as a valuable resource for researchers and practitioners in the field.

How It Works

The project is structured as a comprehensive survey of existing research, categorizing and analyzing over 300 works. It systematically reviews papers related to LLM applications in cybersecurity, focusing on three main research questions: constructing domain-specific LLMs, identifying potential applications, and outlining future research directions. The literature is organized by application areas such as threat intelligence, vulnerability detection, insecure code generation, program repair, anomaly detection, and LLM-assisted attacks.

Quick Start & Requirements

This repository is a curated list of research papers and does not involve direct code execution or installation. All listed resources are academic papers, primarily available via arXiv links or conference proceedings.

Highlighted Details

• Comprehensive analysis of over 300 works, covering 25+ LLMs and 10+ downstream cybersecurity scenarios.
• Detailed categorization of LLM applications, including Threat Intelligence, FUZZ, Vulnerabilities Detection, Insecure Code Generation, Program Repair, Anomaly Detection, LLM Assisted Attack, and Others.
• Regular updates with new research papers, ensuring the review remains current.
• Includes specific benchmarks and fine-tuned LLM frameworks for cybersecurity tasks.

Maintenance & Community

The repository is actively maintained, with frequent updates to include the latest research papers. The primary contributors are listed as authors of the review paper.

Licensing & Compatibility

The repository itself is a collection of links to academic papers. The licensing of the individual papers varies based on their publication venue (e.g., arXiv, IEEE, ACM). Compatibility for commercial use or closed-source linking depends on the licenses of the cited works.

Limitations & Caveats

This repository is a literature review and does not provide executable code or tools. The insights and findings are based on the state of research as presented in the cited papers.