Code Vulnerability Detection Based on Graph Neural Network

• Published in: International journal of advanced network, monitoring, and controls Vol. 10; no. 2; pp. 62 - 73
• Main Authors: Yang, Yege, Li, Guiping
• Format: Journal Article
• Language: English
• Published: Xi'an Sciendo 16.06.2025; De Gruyter Poland
• Subjects: Accuracy; Code reuse; Code Vulnerability Detection; Data integrity; Deep Learning; Graph Neural Network; Graphs; Keywords-Software Security; Libraries; Machine learning; Methods; Neural networks; Open source software; Program Analysis; Semantics; Syntax
• ISSN: 2470-8038; 2470-8038
• DOI: 10.2478/ijanmc-2025-0017

Deep learning has emerged as a vital approach for identifying and addressing vulnerabilities in software systems. A key challenge in this process lies in effectively representing code and leveraging AI techniques to capture and interpret its semantics and other intrinsic information. This paper employs bidirectional slicing techniques to extract code slices containing control and data dependencies from program dependency graphs, targeting key points of different vulnerabilities. To represent the node features within the slices, code tokens are mapped to integers and transformed into fixed-length vectors, leveraging Word2vec and BERT models to embed the code nodes and extract structural graph features. The embedded feature matrix is then fed into a Gated Graph Neural Network (GGNN), which aggregates information from nodes and their neighbors to enhance long-term memory of graph-structured data. By iterating through several time steps within GRU units, the final node features are generated. Additionally, edge relationships are used to propagate and aggregate information, further improving the accuracy of vulnerability detection. Experimental results demonstrate that the proposed model achieves an F1-score of 93.25% on the BigVul dataset, showcasing strong detection performance.