Detecting vulnerabilities in C/C++ codebases is critical for software security, and traditional models often fail to capture such code’s complex dependencies and contextual nuances. This study employs CodeGraphBERT, a deep learning model that integrates graph neural networks and transformers to represent both structural and semantic code features, enabling the detection of subtle and context-specific vulnerabilities. Pretrained on large-scale code datasets, the model exhibits strong generalization capabilities and is further optimized through fine-tuning for domain-specific tasks. Advanced tools, including PyTorch Geometric for efficient graph processing, NetworkX for custom graph structure creation and visualization, and Joern for generating program dependency graphs and abstract syntax trees, ensure robust graph-based data integration. Experimental results demonstrate CodeGraphBERT’s superior performance across precision, recall, F1-score, and AUC, showcasing its scalability and accuracy in detecting vulnerabilities. This research highlights the potential of AI-driven approaches like CodeGraphBERT to enhance secure software development practices in C/C++ codebases.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Enhancing Code Vulnerability Detection Using CodeGraphBERT Deep Learning Techniques

  • Zeinab Shahbazi,
  • Meshkat Mesbah,
  • Seunghoon Woo

摘要

Detecting vulnerabilities in C/C++ codebases is critical for software security, and traditional models often fail to capture such code’s complex dependencies and contextual nuances. This study employs CodeGraphBERT, a deep learning model that integrates graph neural networks and transformers to represent both structural and semantic code features, enabling the detection of subtle and context-specific vulnerabilities. Pretrained on large-scale code datasets, the model exhibits strong generalization capabilities and is further optimized through fine-tuning for domain-specific tasks. Advanced tools, including PyTorch Geometric for efficient graph processing, NetworkX for custom graph structure creation and visualization, and Joern for generating program dependency graphs and abstract syntax trees, ensure robust graph-based data integration. Experimental results demonstrate CodeGraphBERT’s superior performance across precision, recall, F1-score, and AUC, showcasing its scalability and accuracy in detecting vulnerabilities. This research highlights the potential of AI-driven approaches like CodeGraphBERT to enhance secure software development practices in C/C++ codebases.