DiffusionAVR: Automated Software Vulnerability Repair Via Diffusion Models

ACL ARR 2025 February Submission2217 Authors

14 Feb 2025 (modified: 09 May 2025), ACL ARR 2025 February Submission, CC BY 4.0
Abstract: Automated vulnerability repair technology aims to reduce security risks for end users by repairing vulnerable code. Currently, machine translation-based models are becoming the mainstream approach in the field of vulnerability repair, focusing on modeling the conditional probability distribution functions of the patch subspace. However, the distribution of repair patches is complex and unknown, and this excessive complexity makes it difficult for traditional models to fit unknown data effectively. To address this, this paper introduces a novel automated vulnerability repair method based on diffusion models, called DiffusionAVR. Compared to traditional models, DiffusionAVR progressively adds noise, allowing the complex distribution of repair patch data to gradually approximate a standard Gaussian distribution, and then moves from the simple distribution back to the complex one through denoising and reverse modeling. In this setting, the model can more easily learn the characteristics of vulnerability patch distributions, significantly improving the success rate of repairing unknown code. Furthermore, this paper optimizes the loss function of the traditional diffusion model for repair tasks, significantly enhancing repair accuracy. In tests involving 8,482 real vulnerability cases, DiffusionAVR achieved a perfect repair rate in single predictions that was 14% higher than existing Transformer-based models, with a generation speed increase of 20 times.
Paper Type: Long
Research Area: NLP Applications
Research Area Keywords: Generation, Machine Translation, NLP Applications
Contribution Types: Publicly available software and/or pre-trained models
Languages Studied: code
Submission Number: 2217