{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,21]],"date-time":"2026-01-21T02:47:13Z","timestamp":1768963633567,"version":"3.49.0"},"reference-count":69,"publisher":"Association for Computing Machinery (ACM)","issue":"2","funder":[{"name":"Zhejiang Pioneer","award":["2025C01198(SD2)"],"award-info":[{"award-number":["2025C01198(SD2)"]}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"crossref","award":["62202419"],"award-info":[{"award-number":["62202419"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"crossref"}]},{"DOI":"10.13039\/501100012226","name":"Fundamental Research Funds for the Central Universities","doi-asserted-by":"crossref","award":["226-2022-00064"],"award-info":[{"award-number":["226-2022-00064"]}],"id":[{"id":"10.13039\/501100012226","id-type":"DOI","asserted-by":"crossref"}]},{"name":"Zhejiang Provincial Natural Science Foundation of China","award":["LY24F020008"],"award-info":[{"award-number":["LY24F020008"]}]},{"DOI":"10.13039\/100007834","name":"Ningbo Natural Science Foundation","doi-asserted-by":"crossref","award":["2022J184"],"award-info":[{"award-number":["2022J184"]}],"id":[{"id":"10.13039\/100007834","id-type":"DOI","asserted-by":"crossref"}]},{"DOI":"10.13039\/100022963","name":"Key Research and Development Program of Zhejiang Province","doi-asserted-by":"crossref","award":["2021C01105"],"award-info":[{"award-number":["2021C01105"]}],"id":[{"id":"10.13039\/100022963","id-type":"DOI","asserted-by":"crossref"}]},{"name":"State Street Zhejiang University Technology Center"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Softw. Eng. Methodol."],"published-print":{"date-parts":[[2026,2,28]]},"abstract":"<jats:p>Software vulnerabilities are weaknesses in software systems that can lead to significant cybersecurity risks. Recently, several deep learning (DL)-based approaches have been proposed to detect vulnerabilities at the function level. These approaches typically utilize one or a few different modalities (e.g., text representation and graph-based representation) of the function, and have shown promising performance. However, existing studies have not fully leveraged diverse modalities, particularly those that use images to represent functions for vulnerability detection. These approaches often fail to make sufficient use of the important graph structure underlying the images. In this article, we propose MVulD+, a multi-modal-based function-level vulnerability detection approach, which fuses multi-modal features of the function (i.e., text representation, graph representation, and image representation) to detect vulnerabilities. Specifically, MVulD+ leverages a pre-trained model (i.e., UniXcoder) to capture the semantic information of the textual source code, uses a graph neural network to extract graph representations, and employs computer vision techniques to obtain image representations while preserving the graph structure of the function. To investigate the effectiveness of MVulD+, we conduct a large-scale experiment by comparing our approach with nine state-of-the-art baselines. Experimental results demonstrate that MVulD+ improves the DL-based baselines by 24.3\u2013125.7%, 5.2\u201331.4%, 40.6\u2013192.2%, and 22.3\u2013186.9% in terms of F1-score, Accuracy, Precision, and PR-AUC, respectively.<\/jats:p>","DOI":"10.1145\/3731557","type":"journal-article","created":{"date-parts":[[2025,4,23]],"date-time":"2025-04-23T10:35:11Z","timestamp":1745404511000},"page":"1-31","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["Abundant Modalities Offer More Nutrients: Multi-Modal-Based Function-Level Vulnerability Detection"],"prefix":"10.1145","volume":"35","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-2906-0598","authenticated-orcid":false,"given":"Chao","family":"Ni","sequence":"first","affiliation":[{"name":"The State Key Laboratory of Blockchain and Data Security, Zhejiang University, Hangzhou, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0005-3396-0571","authenticated-orcid":false,"given":"Xin","family":"Yin","sequence":"additional","affiliation":[{"name":"The State Key Laboratory of Blockchain and Data Security, Zhejiang University, Hangzhou, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-4730-5277","authenticated-orcid":false,"given":"Xinrui","family":"Li","sequence":"additional","affiliation":[{"name":"The State Key Laboratory of Blockchain and Data Security, Zhejiang University, Hangzhou, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0005-0338-3937","authenticated-orcid":false,"given":"Xiaodan","family":"Xu","sequence":"additional","affiliation":[{"name":"The State Key Laboratory of Blockchain and Data Security, Zhejiang University, Hangzhou, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0001-8608-5628","authenticated-orcid":false,"given":"Zhi","family":"Yu","sequence":"additional","affiliation":[{"name":"The State Key Laboratory of Blockchain and Data Security, Zhejiang University, Hangzhou, China"}]}],"member":"320","published-online":{"date-parts":[[2026,1,20]]},"reference":[{"key":"e_1_3_2_2_2","unstructured":"Checkmarx. 2022. Retrieved from https:\/\/www.checkmarx.com\/"},{"key":"e_1_3_2_3_2","unstructured":"FlawFinder. 2022. Retrieved from https:\/\/dwheeler.com\/flawfinder\/"},{"key":"e_1_3_2_4_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2009.18"},{"key":"e_1_3_2_5_2","doi-asserted-by":"publisher","DOI":"10.1145\/3475960.3475985"},{"key":"e_1_3_2_6_2","unstructured":"Sicong Cao Xiaobing Sun Lili Bo Rongxin Wu Bin Li and Chuanqi Tao. 2022. MVD: Memory-related vulnerability detection based on flow-sensitive graph neural networks. arXiv:2203.02660. Retrieved from https:\/\/arxiv.org\/abs\/2203.02660"},{"key":"e_1_3_2_7_2","doi-asserted-by":"crossref","unstructured":"Saikat Chakraborty Rahul Krishna Yangruibo Ding and Baishakhi Ray. 2021. Deep learning based vulnerability detection: Are we there yet. IEEE Transactions on Software Engineering 48 9 (2021) 3280\u20133296.","DOI":"10.1109\/TSE.2021.3087402"},{"key":"e_1_3_2_8_2","doi-asserted-by":"publisher","DOI":"10.1145\/3377811.3380389"},{"key":"e_1_3_2_9_2","unstructured":"Djork-Arn\u00e9 Clevert Thomas Unterthiner and Sepp Hochreiter. 2015. Fast and accurate deep network learning by exponential linear units (ELUs). arXiv:1511.07289. Retrieved from https:\/\/arxiv.org\/abs\/1511.07289"},{"key":"e_1_3_2_10_2","first-page":"121","volume-title":"Proceedings of the 2023 IEEE\/ACM 45th International Conference on Software Engineering (ICSE)","author":"Croft Roland","year":"2023","unstructured":"Roland Croft, M. Ali Babar, and M. Mehdi Kholoosi. 2023. Data quality for software vulnerability datasets. In Proceedings of the 2023 IEEE\/ACM 45th International Conference on Software Engineering (ICSE). IEEE, 121\u2013133."},{"key":"e_1_3_2_11_2","unstructured":"Hoa Khanh Dam Truyen Tran Trang Pham Shien Wee Ng John Grundy and Aditya Ghose. 2017. Automatic feature learning for vulnerability prediction. arXiv:1708.02368. Retrieved from https:\/\/arxiv.org\/abs\/1708.02368"},{"key":"e_1_3_2_12_2","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2009.5206848"},{"key":"e_1_3_2_13_2","first-page":"4665","volume-title":"Proceedings of the 28th International Joint Conference on Artificial Intelligence (IJCAI)","author":"Duan Xu","year":"2019","unstructured":"Xu Duan, Jingzheng Wu, Shouling Ji, Zhiqing Rui, Tianyue Luo, Mutian Yang, and Yanjun Wu. 2019. VulSniper: Focus your attention to shoot fine-grained vulnerabilities. In Proceedings of the 28th International Joint Conference on Artificial Intelligence (IJCAI), 4665\u20134671."},{"key":"e_1_3_2_14_2","doi-asserted-by":"publisher","DOI":"10.1145\/3379597.3387501"},{"key":"e_1_3_2_15_2","doi-asserted-by":"crossref","unstructured":"Linton C. Freeman. 2002. Centrality in social networks: Conceptual clarification. In Social Network: Critical Concepts in Sociology Vol. 1 No. 3. Routledge London 238\u2013263.","DOI":"10.1016\/0378-8733(78)90021-7"},{"key":"e_1_3_2_16_2","unstructured":"Michael Fu and Chakkrit Tantithamthavorn. 2022. A transformer-based line-level vulnerability prediction. In Proceedings of the 19th International Conference on Mining Software Repositories 608\u2013620."},{"key":"e_1_3_2_17_2","unstructured":"Tianyu Gao Xingcheng Yao and Danqi Chen. 2021. SimCSE: Simple contrastive learning of sentence embeddings. arXiv:2104.08821. Retrieved from https:\/\/arxiv.org\/abs\/2104.08821"},{"key":"e_1_3_2_18_2","doi-asserted-by":"crossref","unstructured":"Yuexiu Gao and Chen Lyu. 2022. M2TS: Multi-scale multi-modal approach based on transformer for source code summarization. arXiv:2203.09707. Retrieved from https:\/\/arxiv.org\/abs\/2203.09707","DOI":"10.1145\/3524610.3527907"},{"key":"e_1_3_2_19_2","doi-asserted-by":"publisher","DOI":"10.1145\/3092566"},{"key":"e_1_3_2_20_2","first-page":"315","volume-title":"Proceedings of the 14th International Conference on Artificial Intelligence and Statistics","author":"Glorot Xavier","year":"2011","unstructured":"Xavier Glorot, Antoine Bordes, and Yoshua Bengio. 2011. Deep sparse rectifier neural networks. In Proceedings of the 14th International Conference on Artificial Intelligence and Statistics. JMLR Workshop and Conference Proceedings, 315\u2013323."},{"key":"e_1_3_2_21_2","unstructured":"Graphviz. 2022. Retrieved from https:\/\/graphviz.org"},{"key":"e_1_3_2_22_2","doi-asserted-by":"publisher","DOI":"10.1073\/pnas.0407994102"},{"key":"e_1_3_2_23_2","unstructured":"Daya Guo Shuai Lu Nan Duan Yanlin Wang Ming Zhou and Jian Yin. 2022. UniXcoder: Unified cross-modal pre-training for code representation. arXiv:2203.03850. Retrieved from https:\/\/arxiv.org\/abs\/2203.03850"},{"key":"e_1_3_2_24_2","first-page":"596","volume-title":"Proceedings of the 19th International Conference on Mining Software Repositories","author":"Hin David","year":"2022","unstructured":"David Hin, Andrey Kan, Huaming Chen, and M. Ali Babar. 2022. LineVD: Statement-level vulnerability detection using graph neural networks. In Proceedings of the 19th International Conference on Mining Software Repositories, 596\u2013607."},{"key":"e_1_3_2_25_2","unstructured":"Secure Software Inc. 2022. Rough Auditing Tool for Security (RATS). Retrieved from https:\/\/code.google.com\/p\/rough-auditing-tool-for-security\/"},{"key":"e_1_3_2_26_2","doi-asserted-by":"publisher","DOI":"10.1038\/35075138"},{"key":"e_1_3_2_27_2","unstructured":"Bonan Kou Shengmai Chen Zhijie Wang Lei Ma and Tianyi Zhang. 2023. Is model attention aligned with human attention? An empirical study on large language models for code generation. arXiv:2306.01220. Retrieved from https:\/\/arxiv.org\/abs\/2306.01220"},{"key":"e_1_3_2_28_2","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR52729.2023.00297"},{"key":"e_1_3_2_29_2","unstructured":"Yujia Li Daniel Tarlow Marc Brockschmidt and Richard S. Zemel. 2015. Gated graph sequence neural networks. In 4th International Conference on Learning Representations. Yoshua Bengio and Yann LeCun (Eds.) ICLR. Retrieved from https:\/\/dblp.org\/rec\/journals\/corr\/LiTBZ15.bib"},{"key":"e_1_3_2_30_2","doi-asserted-by":"crossref","first-page":"292","DOI":"10.1145\/3468264.3468597","volume-title":"Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering","author":"Li Yi","year":"2021","unstructured":"Yi Li, Shaohua Wang, and Tien N. Nguyen. 2021. Vulnerability detection with fine-grained interpretations. In Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 292\u2013303."},{"key":"e_1_3_2_31_2","doi-asserted-by":"crossref","unstructured":"Zhen Li Deqing Zou Shouhuai Xu Zhaoxuan Chen Yawei Zhu and Hai Jin. 2021. VulDeeLocator: A deep learning-based fine-grained vulnerability detector. IEEE Transactions on Dependable and Secure Computing 19 4 (2021) 2821\u20132837.","DOI":"10.1109\/TDSC.2021.3076142"},{"key":"e_1_3_2_32_2","doi-asserted-by":"crossref","unstructured":"Zhen Li Deqing Zou Shouhuai Xu Hai Jin Yawei Zhu and Zhaoxuan Chen. 2021. SySeVR: A framework for using deep learning to detect software vulnerabilities. IEEE Transactions on Dependable and Secure Computing 19 4 (2021) 2244\u20132258.","DOI":"10.1109\/TDSC.2021.3051525"},{"key":"e_1_3_2_33_2","unstructured":"Zhen Li Deqing Zou Shouhuai Xu Xinyu Ou Hai Jin Sujuan Wang Zhijun Deng and Yuyi Zhong. 2018. VulDeePecker: A deep learning-based system for vulnerability detection. arXiv:1801.01681. Retrieved from https:\/\/arxiv.org\/abs\/1801.01681"},{"key":"e_1_3_2_34_2","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3138840"},{"key":"e_1_3_2_35_2","first-page":"8332","article-title":"Could giant pre-trained image models extract universal representations","volume":"35","author":"Lin Yutong","year":"2022","unstructured":"Yutong Lin, Ze Liu, Zheng Zhang, Han Hu, Nanning Zheng, Stephen Lin, and Yue Cao. 2022. Could giant pre-trained image models extract universal representations? In Proceedings of the Advances in Neural Information Processing Systems, Vol. 35, 8332\u20138346.","journal-title":"Proceedings of the Advances in Neural Information Processing Systems"},{"key":"e_1_3_2_36_2","doi-asserted-by":"publisher","DOI":"10.1109\/MINES.2012.202"},{"key":"e_1_3_2_37_2","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR52688.2022.01170"},{"key":"e_1_3_2_38_2","unstructured":"Ilya Loshchilov and Frank Hutter. 2017. Decoupled weight decay regularization. arXiv:1711.05101. Retrieved from https:\/\/arxiv.org\/abs\/1711.05101"},{"key":"e_1_3_2_39_2","unstructured":"Daniel Marjam\u00e4ki. 2013. Cppcheck: A Tool for Static C\/C++ Code Analysis. Retrieved from https:\/\/cppcheck. sourceforge.io"},{"key":"e_1_3_2_40_2","unstructured":"Lili Mou Ge Li Zhi Jin Lu Zhang and Tao Wang. 2014. TBCNN: A tree-based convolutional neural network for programming language processing. arXiv:1409.5718. Retrieved from https:\/\/arxiv.org\/abs\/1409.5718"},{"key":"e_1_3_2_41_2","doi-asserted-by":"crossref","first-page":"529","DOI":"10.1145\/1315245.1315311","volume-title":"Proceedings of the 14th ACM Conference on Computer and Communications Security","author":"Neuhaus Stephan","year":"2007","unstructured":"Stephan Neuhaus, Thomas Zimmermann, Christian Holler, and Andreas Zeller. 2007. Predicting vulnerable software components. In Proceedings of the 14th ACM Conference on Computer and Communications Security, 529\u2013540."},{"key":"e_1_3_2_42_2","first-page":"1911","volume-title":"Proceedings of the 2023 38th IEEE\/ACM International Conference on Automated Software Engineering (ASE)","author":"Ni Chao","year":"2023","unstructured":"Chao Ni, Xinrong Guo, Yan Zhu, Xiaodan Xu, and Xiaohu Yang. 2023. Function-level vulnerability detection through fusing multi-modal knowledge. In Proceedings of the 2023 38th IEEE\/ACM International Conference on Automated Software Engineering (ASE). IEEE, 1911\u20131918."},{"key":"e_1_3_2_43_2","first-page":"339","volume-title":"Proceedings of the 2023 IEEE\/ACM 31st International Conference on Program Comprehension (ICPC). IEEE","author":"Ni Chao","year":"2023","unstructured":"Chao Ni, Liyu Shen, Wei Wang, Xiang Chen, Xin Yin, and Lexiao Zhang. 2023. FVA: Assessing function-level vulnerability by integrating flow-sensitive structure and code statement semantic. In Proceedings of the 2023 IEEE\/ACM 31st International Conference on Program Comprehension (ICPC). IEEE, 339\u2013350."},{"key":"e_1_3_2_44_2","unstructured":"Chao Ni Liyu Shen Xiaodan Xu Xin Yin and Shaohua Wang. 2024. Learning-based models for vulnerability detection: An extensive study. arXiv:2408.07526. Retrieved from https:\/\/arxiv.org\/abs\/2408.07526"},{"key":"e_1_3_2_45_2","first-page":"738","volume-title":"Proceedings of the 2024 IEEE\/ACM 21st International Conference on Mining Software Repositories (MSR)","author":"Ni Chao","year":"2024","unstructured":"Chao Ni, Liyu Shen, Xiaohu Yang, Yan Zhu, and Shaohua Wang. 2024. MegaVul: AC\/C++ vulnerability dataset with comprehensive code representations. In Proceedings of the 2024 IEEE\/ACM 21st International Conference on Mining Software Repositories (MSR). IEEE, 738\u2013742."},{"key":"e_1_3_2_46_2","doi-asserted-by":"publisher","DOI":"10.1145\/3611643.3616358"},{"key":"e_1_3_2_47_2","article-title":"PyTorch: An imperative style, high-performance deep learning library","volume":"32","author":"Paszke Adam","year":"2019","unstructured":"Adam Paszke, Sam Gross, Francisco Massa, Adam Lerer, James Bradbury, Gregory Chanan, Trevor Killeen, Zeming Lin, Natalia Gimelshein, Luca Antiga, et al. 2019. PyTorch: An imperative style, high-performance deep learning library. In Proceedings of the Advances in Neural Information Processing Systems, Vol. 32.","journal-title":"Proceedings of the Advances in Neural Information Processing Systems"},{"key":"e_1_3_2_48_2","first-page":"757","volume-title":"Proceedings of the 2018 17th IEEE International Conference on Machine Learning and Applications (ICMLA)","author":"Russell Rebecca","year":"2018","unstructured":"Rebecca Russell, Louis Kim, Lei Hamilton, Tomo Lazovich, Jacob Harer, Onur Ozdemir, Paul Ellingwood, and Marc McConley. 2018. Automated vulnerability detection in source code using deep representation learning. In Proceedings of the 2018 17th IEEE International Conference on Machine Learning and Applications (ICMLA). IEEE, 757\u2013762."},{"key":"e_1_3_2_49_2","doi-asserted-by":"publisher","DOI":"10.1371\/journal.pone.0118432"},{"key":"e_1_3_2_50_2","unstructured":"Umesh Shankar Kunal Talwar Jeffrey S. Foster and David Wagner. 2001. Detecting format string vulnerabilities with type qualifiers. In Proceedings of the 10th USENIX Security Symposium (USENIX Security \u201901)."},{"key":"e_1_3_2_51_2","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2014.2373377"},{"key":"e_1_3_2_52_2","doi-asserted-by":"crossref","unstructured":"Min Shi Yufei Tang Xingquan Zhu Yuan Zhuang Maohua Lin and Jianxun Liu. 2022. Feature-attention graph convolutional networks for noise resilient learning. IEEE Transactions on Cybernetics 52 8 (2022) 7719\u20137731.","DOI":"10.1109\/TCYB.2022.3143798"},{"key":"e_1_3_2_53_2","unstructured":"Jing Kai Siow Shangqing Liu Xiaofei Xie Guozhu Meng and Yang Liu. 2022. Learning program semantics with code representations: An empirical study. arXiv:2203.11790. Retrieved from https:\/\/arxiv.org\/abs\/2203.11790"},{"issue":"86","key":"e_1_3_2_54_2","first-page":"2579","article-title":"Visualizing data using t-SNE","volume":"9","author":"van der Maaten Laurens","year":"2008","unstructured":"Laurens van der Maaten and Geoffrey Hinton. 2008. Visualizing data using t-SNE. Journal of Machine Learning Research 9, 86 (2008), 2579\u20132605. Retrieved from http:\/\/jmlr.org\/papers\/v9\/vandermaaten08a.html","journal-title":"Journal of Machine Learning Research"},{"key":"e_1_3_2_55_2","first-page":"1952","volume-title":"Proceedings of the 2023 38th IEEE\/ACM International Conference on Automated Software Engineering (ASE). IEEE","author":"Wang Chaozheng","year":"2023","unstructured":"Chaozheng Wang, Zongjie Li, Yun Pena, Shuzheng Gao, Sirong Chen, Shuai Wang, Cuiyun Gao, and Michael R. Lyu. 2023. REEF: A framework for collecting real-world vulnerabilities and fixes. In Proceedings of the 2023 38th IEEE\/ACM International Conference on Automated Software Engineering (ASE). IEEE, 1952\u20131962."},{"key":"e_1_3_2_56_2","first-page":"472","volume-title":"Proceedings of the 2024 IEEE\/ACM 46th International Conference on Software Engineering: Companion Proceedings","author":"Wang Xinchen","year":"2024","unstructured":"Xinchen Wang, Ruida Hu, Cuiyun Gao, Xin-Cheng Wen, Yujia Chen, and Qing Liao. 2024. ReposVul: A repository-level high-quality vulnerability dataset. In Proceedings of the 2024 IEEE\/ACM 46th International Conference on Software Engineering: Companion Proceedings, 472\u2013483."},{"key":"e_1_3_2_57_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICCV51070.2023.00501"},{"key":"e_1_3_2_58_2","doi-asserted-by":"crossref","unstructured":"Martin Weyssow Houari Sahraoui and Bang Liu. 2022. Better modeling the programming world with code concept graphs-augmented multi-modal learning. arXiv:2201.03346. Retrieved from https:\/\/arxiv.org\/abs\/2201.03346","DOI":"10.1145\/3510455.3512771"},{"key":"e_1_3_2_59_2","unstructured":"Sarah Wiegreffe and Yuval Pinter. 2019. Attention is not not explanation. arXiv:1908.04626. Retrieved from https:\/\/arxiv.org\/abs\/1908.04626"},{"key":"e_1_3_2_60_2","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/2020.emnlp-demos.6"},{"key":"e_1_3_2_61_2","doi-asserted-by":"publisher","DOI":"10.1109\/TMM.2023.3275308"},{"key":"e_1_3_2_62_2","first-page":"10890","article-title":"R-Drop: Regularized dropout for neural networks","volume":"34","author":"Wu Lijun","year":"2021","unstructured":"Lijun Wu, Juntao Li, Yue Wang, Qi Meng, Tao Qin, Wei Chen, Min Zhang, and Tie-Yan Liu. 2021. R-Drop: Regularized dropout for neural networks. In Proceedings of the Advances in Neural Information Processing Systems, Vol. 34, 10890\u201310905.","journal-title":"Proceedings of the Advances in Neural Information Processing Systems"},{"key":"e_1_3_2_63_2","doi-asserted-by":"crossref","unstructured":"Yueming Wu Deqing Zou Shihan Dou Wei Yang Duo Xu and Hai Jin. 2022. Vulcnn: An image-inspired scalable vulnerability detection system. In Proceedings of the 44th International Conference on Software Engineering 2365\u20132376.","DOI":"10.1145\/3510003.3510229"},{"key":"e_1_3_2_64_2","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR52688.2022.00943"},{"key":"e_1_3_2_65_2","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR52729.2023.00999"},{"key":"e_1_3_2_66_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.44"},{"key":"e_1_3_2_67_2","doi-asserted-by":"publisher","DOI":"10.1145\/2420950.2421003"},{"key":"e_1_3_2_68_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.54"},{"key":"e_1_3_2_69_2","doi-asserted-by":"crossref","unstructured":"Xin Yin Chao Ni and Shaohua Wang. 2024. Multitask-based evaluation of open-source LLM on software vulnerability. IEEE Transactions on Software Engineering 50 11 (2024) 3071\u20133087.","DOI":"10.1109\/TSE.2024.3470333"},{"key":"e_1_3_2_70_2","article-title":"Devign: Effective vulnerability identification by learning comprehensive program semantics via graph neural networks","volume":"32","author":"Zhou Yaqin","year":"2019","unstructured":"Yaqin Zhou, Shangqing Liu, Jingkai Siow, Xiaoning Du, and Yang Liu. 2019. Devign: Effective vulnerability identification by learning comprehensive program semantics via graph neural networks. Advances in Neural Information Processing Systems, Vol. 32.","journal-title":"Advances in Neural Information Processing Systems"}],"container-title":["ACM Transactions on Software Engineering and Methodology"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3731557","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,1,20]],"date-time":"2026-01-20T14:03:13Z","timestamp":1768917793000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3731557"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,1,20]]},"references-count":69,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2026,2,28]]}},"alternative-id":["10.1145\/3731557"],"URL":"https:\/\/doi.org\/10.1145\/3731557","relation":{},"ISSN":["1049-331X","1557-7392"],"issn-type":[{"value":"1049-331X","type":"print"},{"value":"1557-7392","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,1,20]]},"assertion":[{"value":"2024-07-27","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2025-04-07","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2026-01-20","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}