Code vulnerability detection method based on multi-dimensional feature fusion and edge semantic augmentation

App. Res. of Comp. Accepted Paper

Vol. 43, 2026 No. 2

Zhang Shuai^1,2

Wei Le^1,2,3,4

1. School of Software Engineering, Chengdu University of Information Technology, Chengdu 610225, China

2. Automatic Software Generation & Intelligence Service Key Laboratory of Sichuan Province, Chengdu 610225, China

3. Sichuan Manufacturing Information Industry Collaborative Innovation Center Chengdu 610225, China

4. industrial software collaborative research center, Chengdu 610225, China

DOI: 10.19734/j.issn.1001-3695.2025.06.0210

Abstract

Graph-based code vulnerability detection still faces challenges such as graph structural redundancy, disjointed local and global feature representations, and missing edge semantic information. To address these issues, a static detection method based on multidimensional feature fusion and edge semantic augmentation was proposed. First, a hierarchical graph fusion strategy was designed, combining abstract syntax trees and program dependence graphs to construct a lightweight program semantic graph, effectively reducing the number of graph nodes. Second, the typical static structural feature of scope paths in code was explicitly identified. Local syntax and semantic features, along with global contextual constraints of statement nodes, were extracted from three dimensions: code token sequences, abstract syntax trees, and scope paths. Finally, an edge-semantic-augmented graph attention network was constructed to enable collaborative updating of node and edge attributes. Experimental results show accuracies of 93.1% and 91.9%, and F1 scores of 92.8% and 91.6% on C/C++ and Java datasets, respectively. The method outperforms four mainstream approaches, including MGVD and VulMPFF, and demonstrates better adaptability and generalization across multiple common vulnerability types.

Key Words

vulnerability detection abstract syntax tree program dependence graph edge semantic augmentation

Foundation Support

国家重点研发计划工业软件重点专项(2022YFB3305100)

软件自动生成与智能服务四川省重点实验室开放课题(CUIT-SAG202203、CUIT-SAG202207)

Publish Information

DOI: 10.19734/j.issn.1001-3695.2025.06.0210

Publish at: Application Research of Computers Accepted Paper, Vol. 43, 2026 No. 2

Publish History

[2025-10-27] Accepted Paper

Cite This Article

张帅, 魏乐. 基于多维度特征融合与边语义增强的代码漏洞检测方法 [J]. 计算机应用研究, 2026, 43 (2). (2025-11-04). https://doi.org/10.19734/j.issn.1001-3695.2025.06.0210. (Zhang Shuai, Wei Le. Code vulnerability detection method based on multi-dimensional feature fusion and edge semantic augmentation [J]. Application Research of Computers, 2026, 43 (2). (2025-11-04). https://doi.org/10.19734/j.issn.1001-3695.2025.06.0210. )

Abstract Key Words Foundation Support Publish Information Publish History Cite This Article

About the Journal

Application Research of Computers Monthly Journal
Journal ID ISSN 1001-3695
CN 51-1196/TP

Application Research of Computers, founded in 1984, is an academic journal of computing technology sponsored by Sichuan Institute of Computer Sciences under the Science and Technology Department of Sichuan Province.

Aiming at the urgently needed cutting-edge technology in this discipline, Application Research of Computers reflects the mainstream technology, hot technology and the latest development trend of computer application research at home and abroad in a timely manner. The main contents of the journal include high-level academic papers in this discipline, the latest scientific research results and major application results. The contents of the columns involve new theories of computer discipline, basic computer theory, algorithm theory research, algorithm design and analysis, blockchain technology, system software and software engineering technology, pattern recognition and artificial intelligence, architecture, advanced computing, parallel processing, database technology, computer network and communication technology, information security technology, computer image graphics and its latest hot application technology.

Application Research of Computers has many high-level readers and authors, and its readers are mainly senior and middle-level researchers and engineers engaged in the field of computer science, as well as teachers and students majoring in computer science and related majors in colleges and universities. Over the years, the total citation frequency and Web download rate of Application Research of Computers have been ranked among the top of similar academic journals in this discipline, and the academic papers published are highly popular among the readers for their novelty, academics, foresight, orientation and practicality.

Indexed & Evaluation

The Second National Periodical Award 100 Key Journals
Double Effect Journal of China Journal Formation
the Core Journal of China (Peking University 2023 Edition)
the Core Journal for Science
Chinese Science Citation Database (CSCD) Source Journals
RCCSE Chinese Core Academic Journals
Journal of China Computer Federation
2020-2022 The World Journal Clout Index (WJCI) Report of Scientific and Technological Periodicals
Full-text Source Journal of China Science and Technology Periodicals Database
Source Journal of China Academic Journals Comprehensive Evaluation Database
Source Journals of China Academic Journals (CD-ROM Version), China Journal Network
2017-2019 China Outstanding Academic Journals with International Influence (Natural Science and Engineering Technology)
Source Journal of Top Academic Papers (F5000) Program of China's Excellent Science and Technology Journals
Source Journal of China Engineering Technology Electronic Information Network and Electronic Technology Literature Database
Source Journal of British Science Digest (INSPEC)
Japan Science and Technology Agency (JST) Source Journal
Russian Journal of Abstracts (AJ, VINITI) Source Journals
Full-text Journal of EBSCO, USA
Cambridge Scientific Abstracts (Natural Sciences) (CSA(NS)) core journals
Poland Copernicus Index (IC)
Ulrichsweb (USA)