Line-level Semantic Structure Learning for Code Vulnerability Detection
Ziliang Wang, Ge Li, Jia Li, Yihong Dong, Yingfei Xiong, Zhi Jin
TL;DR
This paper introduces CSLS, a novel code vulnerability detection model that leverages line-level semantic and structural information, outperforming existing methods by capturing code's inherent structural nuances.
Contribution
The paper proposes a line-level semantic learning approach that retains structural elements and models nonlinear relationships, enhancing vulnerability detection accuracy.
Findings
Achieved 70.57% accuracy on Devign dataset.
Attained 49.59% F1 score on Reveal dataset.
Outperformed state-of-the-art baselines in vulnerability detection.
Abstract
Unlike the flow structure of natural languages, programming languages have an inherent rigidity in structure and grammar.However, existing detection methods based on pre-trained models typically treat code as a natural language sequence, ignoring its unique structural information. This hinders the models from understanding the code's semantic and structual information.To address this problem, we introduce the Code Structure-Aware Network through Line-level Semantic Learning (CSLS), which comprises four components: code preprocessing, global semantic awareness, line semantic awareness, and line semantic structure awareness.The preprocessing step transforms the code into two types of text: global code text and line-level code text.Unlike typical preprocessing methods, CSLS retains structural elements such as newlines and indent characters to enhance the model's perception of code lines…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsSoftware Reliability and Analysis Research · Software Engineering Research · Web Application Security Vulnerabilities