Predicting Software Vulnerabilities with Deep Learning-Driven Static Code Analysis in Security and Cryptographic Systems

Predicting Software Vulnerabilities with Deep Learning-Driven Static Code Analysis in Security and Cryptographic Systems

연구 분야: Strategies

학회: 2025 International Conference on Networks and Cryptology (NETCRYPT)

This paper investigates the application of deep learning based static analysis approach as a tool in identifying potential vulnerabilities in security and cryptographic applications. The study employs an actual dataset, Big-Vul, consisting of wild vulnerabilities for training models that can discover vulnerabilities in source code. Our method combines features based on the static code, along with GNNs, CodeBERT, and LSTM networks for effective vulnerability identification. According to the results, CodeBERT model has proved to be better than the other models where it gave the overall accuracy of 91.2 %, better than GNNs (87.5 %) and LSTMs (84.1 %). The related work section underlines the advantages of using abstract syntax trees (AST) and control flow graphs (CFG) for graphbased model to increase the scope of detectability. It presents important findings that would help in enhancing the automated security analysis tools for the benefit of computer programmers and security professionals.