VulTriNet: A software vulnerability detection method based on tri-channel network

Impact factor 4.3 | CAS Zone 2, Computer Science | JCR Q2, COMPUTER SCIENCE, INFORMATION SYSTEMS
Yiyao Yang, Youjian Yao, Xiao Lv, Wen Chen
DOI: 10.1016/j.infsof.2025.107893
Journal: Information and Software Technology, volume 188, Article 107893
Publication type: Journal Article
Publication date: 2025-09-15
Open access: no
Publisher page: https://www.sciencedirect.com/science/article/pii/S0950584925002320
Citations: 0

Abstract

Context:

Software vulnerabilities represent a critical concern in cybersecurity. As vulnerability patterns become increasingly complex, advanced detection methods are needed to analyze them fully. Recent studies have treated source code as text using natural language processing (NLP) techniques. Subsequent work transformed programs into intermediate representations and used graph neural networks (GNNs) for vulnerability learning. However, these approaches have limitations in software vulnerability detection, because neither family analyzes the features of source code comprehensively.

Objective:

To address this problem, we propose a novel vulnerability detection method based on a tri-channel network (VulTriNet), which enables comprehensive analysis of source code and effective vulnerability detection.

Methods:

The method combines two graph-based code representations and one textual code representation, using three distinct transformations to turn each function into multiple forms. Then, inspired by the RGB three-channel concept in the image domain, VulTriNet generates an embedding vector for each transformed representation and merges the three into a unified three-channel feature matrix. Finally, a CNN model integrated with attention mechanisms classifies this feature matrix, improving the capability to detect vulnerabilities.

Results:

Experimental results demonstrate that, compared to five state-of-the-art approaches, VulTriNet achieves, on average across different datasets, a 4.89% improvement in accuracy, a 3.41% increase in TNR, a 4.09% gain in TPR, and a 4.18% boost in F1-score.

Conclusion:

These results indicate that VulTriNet is more accurate and effective than previous studies. This hybrid analysis model strengthens vulnerability detection capabilities by simultaneously preserving contextual understanding of code and awareness of its structural relationships.
Source journal

Information and Software Technology (Engineering & Technology - Computer Science: Software Engineering)
CiteScore: 9.10
Self-citation rate: 7.70%
Articles per year: 164
Review time: 9.6 weeks
Journal description: Information and Software Technology is the international archival journal focusing on research and experience that contributes to the improvement of software development practices. The journal's scope includes methods and techniques to better engineer software and manage its development. Articles submitted for review should have a clear component of software engineering or address ways to improve the engineering and management of software development. Areas covered by the journal include:
• Software management, quality and metrics
• Software processes
• Software architecture, modelling, specification, design and programming
• Functional and non-functional software requirements
• Software testing and verification & validation
• Empirical studies of all aspects of engineering and managing software development
Short Communications is a new section dedicated to short papers addressing new ideas, controversial opinions, "negative" results and much more. Read the Guide for Authors for more information. The journal encourages and welcomes submissions of systematic literature studies (reviews and maps) within the scope of the journal. Information and Software Technology is the premiere outlet for systematic literature studies in software engineering.