2025, Journal of Software Evolution and Process

A Novel Vulnerability‐Detection Method Based on the Semantic Features of Source

Abstract

With the increasingly frequent attacks on software systems, software security is an issue that must be addressed. Within software security, automated detection of software vulnerabilities is an important subject. Most existing vulnerability detectors rely on the features of a single code type (e.g., source code or intermediate representation, IR), which may lead to both the global features of the code slices and the memory operation information not being captured or considered. In particular, vulnerability detection based on source‐code features usually cannot include some macro or type definition content. In this paper, we propose a vulnerability‐detection method that combines the semantic features of source code and the low level virtual machine (LLVM) IR. Our proposed approach starts by slicing (C/C++) source files using improved slicing techniques to cover more comprehensive code information. It then extracts semantic information from the LLVM IR based on the executable source code. This can enrich the features fed to the artificial neural network (ANN) model for learning. We conducted an experimental evaluation using a publicly‐available dataset of 11,381 C/C++ programs. The experimental results show that the vulnerability‐detection accuracy of our proposed method reaches over 96% for code slices generated according to four different slicing criteria. This outperforms most other compared detection methods.

Keywords

Computer science, Programming language, Source code, Code (set theory), Representation (politics), Intermediate language, Vulnerability (computing), Theoretical computer science, Computer security, Compiler