Search papers, labs, and topics across Lattice.
Antaeus is a novel framework designed to detect logic vulnerabilities in software repositories by leveraging context-grounded reasoning with large language models (LLMs). It addresses the challenge of identifying application-specific security invariants that are often implicit and dispersed within code, which traditional models struggle to analyze effectively. Evaluated across 28 repositories with known logic vulnerabilities, Antaeus successfully identified and explained 15 vulnerabilities, outperforming existing methods while maintaining comparable resource efficiency.
Antaeus uncovers hidden logic vulnerabilities by grounding LLM reasoning in the broader context of repository-level code, revealing insights that traditional models miss.
LLM-based vulnerability detectors have shown promising results in identifying memory-safety bugs and vulnerability classes whose violations can often be expressed through established security properties. Logic vulnerabilities, however, pose a different challenge, as their identification requires inferring application-specific security invariants and implicit assumptions about intended behavior. Even frontier agentic models struggle because these invariants are often implicit and buried among unrelated code. Motivated by this gap, we present Antaeus, a framework for detecting logic vulnerabilities that grounds LLM reasoning in repository-level code context. Antaeus follows a repository-scale pipeline combining function prioritization, context-grounded reasoning, comparative validation, and structured reporting. It ranks functions using lightweight repo-wide security signals, directing costly LLM analysis toward relevant code and reducing calls, cost, and triage effort. For each prioritized function, Antaeus combines local code context with a repository-level view of the application's functionality, security resources, and trust boundaries. This enables reasoning about how the function is executed within the broader application rather than as an isolated snippet. Antaeus identifies security-sensitive sinks, derives safety conditions for safe execution, and checks whether they are locally satisfied. Candidate findings undergo comparative validation, pruning concerns that reflect project-wide norms rather than distinctive violations. Finally, Antaeus reports sinks, violated safety conditions, and evidence, making findings actionable and traceable. We evaluate Antaeus on 28 repositories with confirmed logic vulnerabilities and compare it against function-level and agentic models. Antaeus detects and explains 15 vulnerabilities, outperforming baselines with comparable token usage and cost.