Go to DBLP homepageA software vulnerability detection method based on multi-modality with unified processing
Abstract: With the development of the Internet and the Internet of Things, software has become an indispensable part, making software vulnerabilities one of the main threats to computer security. In recent years, a multitude of deep learning-based software vulnerability detection methods have been proposed, especially those based on multimodal approaches. Although these multimodal methods have proven to be effective, they often treat each modality separately. We propose a novel multimodal deep learning method for software vulnerability detection that achieves unified processing of various modalities. This method uses complex network analysis to convert the Code Property Graph into an image-like matrix, obtains key fragments from the source code using code slicing, and then uses a Transformer for function-level vulnerability detection. This enables deeper integration of information from multiple modalities, enhancing detection accuracy. Additionally, it significantly simplifies the model architecture. The result shows that compared to the state-of-the-art methods, our method has improved accuracy by 3%. Furthermore, our approach is capable of detecting some of the vulnerabilities recently released by CVE.
Loading