Result: Intelligent detection and exploitation of business logic vulnerabilities constructed based on LLM combined with graph algorithm
1472-7978
More information
To improve the accuracy of intelligent detection of business logic vulnerabilities, code auditing techniques were used to construct a code attribute graph. Subsequently, the breadth-first search graph algorithm was applied, and a bidirectional search algorithm was introduced to improve it. Finally, the study introduced a large language model for assisted verification to form the final detection model. The results showed that the highest values of accuracy and recall of the proposed model were 98.31% and 97.54%, respectively, and the mean values of the leakage rate and false alarm rate of the model were 8.06% and 9.19%, respectively. In addition, in practical applications, the maximum values of the accuracy rate of this model on structured query language injection, command injection, buffer overflow, and cross-site scripting attack vulnerabilities were 97.06%, 98.53%, 98.33%, and 98.46%, respectively. The novelty of the research lies in combining large language models with improved graph algorithms to construct code attribute graphs and optimize search algorithms. This approach achieves efficient and accurate detection of business logic vulnerabilities while significantly reducing resource consumption and providing new ideas for network security protection.