Saved in:
Bibliographic Details
Main Authors: Idrissi, Mohamed Taoufik Kaouthar El, Zulkoski, Edward, Hamdaqa, Mohammad
Format: Preprint
Published: 2026
Subjects:
Online Access:https://arxiv.org/abs/2604.25599
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866908998953861120
author Idrissi, Mohamed Taoufik Kaouthar El
Zulkoski, Edward
Hamdaqa, Mohammad
author_facet Idrissi, Mohamed Taoufik Kaouthar El
Zulkoski, Edward
Hamdaqa, Mohammad
contents Code understanding models increasingly rely on pretrained language models (PLMs) and graph neural networks (GNNs), which capture complementary semantic and structural information. We conduct a controlled empirical study of PLM-GNN hybrids for code classification and vulnerability detection tasks by systematically pairing three code-specialized PLMs with three foundational GNN architectures. We compare these hybrids against PLM-only and GNN-only baselines on Java250 and Devign, including an identifier-obfuscation setting. Across both tasks, hybrids consistently outperform GNN-only baselines and often improve ranking quality over frozen PLMs. On Devign, performance and robustness are more sensitive to the PLM feature source than to the GNN backbone. We also find that larger PLMs are not necessarily better feature extractors in this pipeline, and that the PLM choice has more impact than the GNN choice. Finally, we distill these findings into practical guidelines for PLM-GNN design choices in code classification and vulnerability detection.
format Preprint
id arxiv_https___arxiv_org_abs_2604_25599
institution arXiv
publishDate 2026
record_format arxiv
spellingShingle PLMGH: What Matters in PLM-GNN Hybrids for Code Classification and Vulnerability Detection
Idrissi, Mohamed Taoufik Kaouthar El
Zulkoski, Edward
Hamdaqa, Mohammad
Software Engineering
Machine Learning
Code understanding models increasingly rely on pretrained language models (PLMs) and graph neural networks (GNNs), which capture complementary semantic and structural information. We conduct a controlled empirical study of PLM-GNN hybrids for code classification and vulnerability detection tasks by systematically pairing three code-specialized PLMs with three foundational GNN architectures. We compare these hybrids against PLM-only and GNN-only baselines on Java250 and Devign, including an identifier-obfuscation setting. Across both tasks, hybrids consistently outperform GNN-only baselines and often improve ranking quality over frozen PLMs. On Devign, performance and robustness are more sensitive to the PLM feature source than to the GNN backbone. We also find that larger PLMs are not necessarily better feature extractors in this pipeline, and that the PLM choice has more impact than the GNN choice. Finally, we distill these findings into practical guidelines for PLM-GNN design choices in code classification and vulnerability detection.
title PLMGH: What Matters in PLM-GNN Hybrids for Code Classification and Vulnerability Detection
topic Software Engineering
Machine Learning
url https://arxiv.org/abs/2604.25599