Result: Code vulnerability detection based on augmented program dependency graph and optimized CodeBERT.
The increasing complexity of software systems has rendered code vulnerability detection a critical aspect of software security. While deep learning-based approaches have advanced this field, challenges such as coarse-grained function-level detection, scalability limitations, and constrained accuracy persist. Although slice-level detection effectively reduces noise, it frequently sacrifices essential syntactic and semantic information, which undermines vulnerability representation, elevates false positive rates, and ultimately limits practical applicability. To address these challenges, this paper proposes a code vulnerability detection method based on an augmented program dependency graph and optimized CodeBERT. The method augments the traditional program dependency graph by extending its structure to capture richer semantic and structural information in the code. Furthermore, it employs the Code Bidirectional Encoder Representations from Transformers (CodeBERT) pretrained model for extracting code embedding features. Additionally, a hybrid loss function optimization strategy tailored for CodeBERT is proposed to address the long-tail distribution characteristics of code vulnerability detection. The experimental results demonstrate that, compared to other state-of-the-art classical methods, the detection accuracy and F1 score on synthetic and real-world datasets have been improved by an average of up to 8.34% and 29.71%, respectively. [ABSTRACT FROM AUTHOR]