NDSS 2025 – The Midas Touch: Triggering The Capability Of LLMs For RM-API Misuse Detection

Security Boulevard, Feb 22, 2026

Why It Matters

Accurate RM‑API misuse detection prevents severe vulnerabilities such as denial‑of‑service and memory corruption, directly improving software reliability. This work showcases how large language models can be harnessed beyond code generation to enhance automated security tooling, marking a timely shift toward AI‑driven vulnerability discovery.

Summary

The episode presents ChatDetector, a novel LLM‑empowered system for detecting misuse of resource‑management APIs (RM‑APIs) in open‑source software. By leveraging a ReAct‑inspired chain‑of‑thought prompting framework and cross‑validation techniques, ChatDetector overcomes LLM hallucinations to accurately extract allocation/release API pairs and constraints, achieving 98.21% precision and uncovering 115 critical bugs. The authors—Yi Yang, Jinghua Liu, Kai Chen, and Miaoqian Lin—demonstrate how this approach retrieves far more RM‑API constraints than traditional methods, highlighting the potential of LLMs in security analysis.
