Slice Level Vulnerability Detection

Current transformer-based software vulnerability detection approaches take the whole function as input. However, one drawback of a transformer-based model is that it processes only a certain number of input tokens and discards the remaining ones. The discarded tokens may contain the root cause of a vulnerability, so the predictions may be inaccurate. In this project, our proposed approach makes slices based on the program points of interest. A generated slice is shorter than the function and includes statements from different parts of the function, depending on the program point of interest. Thus, it reduces the chance of discarding the root cause of a vulnerability from the input. We classify a function as vulnerable or nonvulnerable based on the predictions of its slices. Experimental results show that our slice-based approach performs better than the function-based approach, with a performance increase of 2.7%, 1%, 0.7%, and 0.4% in Recall, F1 score, Accuracy, and Precision, respectively.
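The truncation problem and the effect of slicing can be seen on a toy function. The following is an added example, not the project's own code. It assumes a 64-token input limit counted in whitespace tokens, hand-written def/use sets, a data-dependence-only backward slice over straight-line code, and a `memcpy` call as the program point of interest; the function itself is constructed.

```python
# Constructed toy input: (statement text, variables defined, variables used).
# Def/use sets are written by hand; a real pipeline would take them from a
# program dependence graph.
MAX_TOKENS = 64  # assumed model input limit, counted in whitespace tokens

STMTS = [("char buf[16];", {"buf"}, set())]
STMTS += [(f"int s{i} = stat_{i}(req);", {f"s{i}"}, {"req"}) for i in range(30)]
ROOT_CAUSE = "int len = req->len;"  # unchecked length, far from the function start
STMTS += [(ROOT_CAUSE, {"len"}, {"req"}),
          ("memcpy(buf, req->data, len);", set(), {"buf", "req", "len"})]


def backward_slice(stmts, poi):
    """Indices of statements the point of interest depends on (data flow only)."""
    needed = set(stmts[poi][2])
    keep = [poi]
    for i in range(poi - 1, -1, -1):
        _, defs, uses = stmts[i]
        if defs & needed:  # this statement defines a variable we still need
            keep.append(i)
            needed = (needed - defs) | uses
    return sorted(keep)


def truncate(text, limit=MAX_TOKENS):
    """Keep the first `limit` tokens and drop the rest, as the model input does."""
    return " ".join(text.split()[:limit])


def render(stmts, indices=None):
    """Join the selected statements (all of them by default) into one input string."""
    picked = stmts if indices is None else [stmts[i] for i in indices]
    return " ".join(text for text, _, _ in picked)


POI = len(STMTS) - 1  # the memcpy call
FUNCTION_INPUT = truncate(render(STMTS))
SLICE_IDX = backward_slice(STMTS, POI)
SLICE_INPUT = truncate(render(STMTS, SLICE_IDX))

if __name__ == "__main__":
    print("function tokens:", len(render(STMTS).split()))
    print("root cause in truncated function:", ROOT_CAUSE in FUNCTION_INPUT)
    print("slice statements:", SLICE_IDX, "tokens:", len(SLICE_INPUT.split()))
    print("root cause in slice:", ROOT_CAUSE in SLICE_INPUT)
```

The function-level input loses the length assignment to truncation, while the slice keeps the buffer declaration from the top of the function and the assignment from the bottom in a handful of tokens.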

Md Mahbubur Rahman
PhD Student in Computer Science

My research interests include AI for Code, Software Engineering and Deep Learning.