Saved in:
Bibliographic Details
Main Authors: Chen, Siyu, Yang, Jiongyi, Chen, Xiang, Zheng, Menglin, Wei, Minnan, Ju, Xiaolin
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2506.23534
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866912457331572736
author Chen, Siyu
Yang, Jiongyi
Chen, Xiang
Zheng, Menglin
Wei, Minnan
Ju, Xiaolin
author_facet Chen, Siyu
Yang, Jiongyi
Chen, Xiang
Zheng, Menglin
Wei, Minnan
Ju, Xiaolin
contents Context: Software vulnerabilities pose a significant threat to modern software systems, as evidenced by the growing number of reported vulnerabilities and cyberattacks. These escalating trends underscore the urgent need for effective approaches that can automatically detect and understand software vulnerabilities. Objective: However, the scarcity of labeled samples and the class imbalance issue in vulnerability datasets present significant challenges for both Vulnerability Type Prediction (VTP) and Line-level Vulnerability Detection (LVD), especially for rare yet critical vulnerability types. Moreover, most existing studies treat VTP and LVD as independent tasks, overlooking their inherent correlation, which limits the potential to leverage shared semantic patterns across tasks. Methods: To address these limitations, we propose a unified approach that integrates Embedding-Layer Driven Adversarial Training (EDAT) with Multi-task Learning (MTL). Specifically, EDAT enhances model robustness by introducing adversarial perturbations to identifier embeddings, guided by semantic importance. Meanwhile, MTL improves overall performance by leveraging shared representations and inter-task correlations between VTP and LVD. Results: Extensive experiments demonstrate that our proposed approach outperforms state-of-the-art baselines on both VTP and LVD tasks. For VTP, it yields notable improvements in accuracy, precision, recall, and F1-score, particularly in identifying rare vulnerability types. Similarly, for LVD, our approach enhances line-level detection accuracy while significantly reducing false positives. Conclusion: Our study demonstrates that combining EDAT with MTL provides a unified solution that improves performance on both tasks and warrants further investigation.
format Preprint
id arxiv_https___arxiv_org_abs_2506_23534
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle Improving vulnerability type prediction and line-level detection via adversarial training-based data augmentation and multi-task learning
Chen, Siyu
Yang, Jiongyi
Chen, Xiang
Zheng, Menglin
Wei, Minnan
Ju, Xiaolin
Software Engineering
Context: Software vulnerabilities pose a significant threat to modern software systems, as evidenced by the growing number of reported vulnerabilities and cyberattacks. These escalating trends underscore the urgent need for effective approaches that can automatically detect and understand software vulnerabilities. Objective: However, the scarcity of labeled samples and the class imbalance issue in vulnerability datasets present significant challenges for both Vulnerability Type Prediction (VTP) and Line-level Vulnerability Detection (LVD), especially for rare yet critical vulnerability types. Moreover, most existing studies treat VTP and LVD as independent tasks, overlooking their inherent correlation, which limits the potential to leverage shared semantic patterns across tasks. Methods: To address these limitations, we propose a unified approach that integrates Embedding-Layer Driven Adversarial Training (EDAT) with Multi-task Learning (MTL). Specifically, EDAT enhances model robustness by introducing adversarial perturbations to identifier embeddings, guided by semantic importance. Meanwhile, MTL improves overall performance by leveraging shared representations and inter-task correlations between VTP and LVD. Results: Extensive experiments demonstrate that our proposed approach outperforms state-of-the-art baselines on both VTP and LVD tasks. For VTP, it yields notable improvements in accuracy, precision, recall, and F1-score, particularly in identifying rare vulnerability types. Similarly, for LVD, our approach enhances line-level detection accuracy while significantly reducing false positives. Conclusion: Our study demonstrates that combining EDAT with MTL provides a unified solution that improves performance on both tasks and warrants further investigation.
title Improving vulnerability type prediction and line-level detection via adversarial training-based data augmentation and multi-task learning
topic Software Engineering
url https://arxiv.org/abs/2506.23534