Accelerating Autonomous Vulnerability Remediation via Knowledge Graph Augmented Large Language Models for Scalable Security Patch Synthesis
Keywords: Autonomous Remediation, Knowledge Graphs, Large Language Models, Security Patch Synthesis, Cybersecurity Infrastructure, Socio-Technical Systems

Abstract
The exponential growth of software complexity and the increasing frequency of zero-day exploits have rendered manual vulnerability remediation unsustainable for modern enterprise infrastructures. Traditional automated program repair techniques often struggle with the semantic nuances of security vulnerabilities, frequently producing patches that introduce regressions or fail to address the underlying logic flaws. This paper explores the advancement of autonomous vulnerability remediation through a systems-oriented integration of Knowledge Graph (KG) structures with Large Language Models (LLMs). By grounding the generative capabilities of LLMs in structured cybersecurity knowledge—encompassing Common Vulnerabilities and Exposures (CVE) databases, historical patch repositories, and control-flow graphs—we propose a scalable architecture for precise security patch synthesis. The discussion prioritizes system-level considerations, including the structural trade-offs between retrieval latency and contextual depth, the infrastructure required for continuous patch validation, and the socio-technical dimensions of automated security governance. Furthermore, the paper analyzes the policy implications of deploying autonomous remediation systems within critical infrastructure, addressing concerns regarding robustness, algorithmic fairness in patch prioritization, and the long-term sustainability of AI-driven cybersecurity defenses. By synthesizing interdisciplinary perspectives from software engineering, artificial intelligence, and systems theory, this study provides a comprehensive framework for transitioning from reactive manual patching to proactive, autonomous security maintenance at scale.
Copyright (c) 2026 Computer Science and Engineering Transactions

This work is licensed under a Creative Commons Attribution 4.0 International License.
This article is published under the Creative Commons Attribution 4.0 International License (CC BY 4.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.