一种融合双曲表示与欧几里得表示的源代码漏洞检测方法

打开文本图片集

中图分类号：TP311 文献标志码：A 文章编号：1671-6841（2026）01-0019-08

DOI： 10. 13705/j. issn.1671-6841. 2024119

Abstract：With the increasing complexity of software systems，source code vulnerability detection has become a key task to maintain software security. Although various vulnerability detection methods based on deep learning were proposed，they mainly relied on a single Euclidean space perspective to extract the semantic features and structural features in the code representation structure，which limited their ability to detect vulnerabilities hidden deep in the code. In order to solve this limitation，VulDEHGCN，a source code vulnerability detection method fusing hyperbolic representation and euclidean representation was proposesed.It could embedd the source code from two diferent spaces，so as to mine the vulnerability characteristics of the source code from diferent perspectives， so as to achieve more accurate vulnerability detection.The experimental results showed that compared with the existing vulnerability detection methods， VulDEHGCN achieved significant improvement in key performance indicators such as accuracy， precision，recall and F1 score.The accuracy and F1 score reached 98.93% and 96.63% respectively. Ablation studies also confirm the superiority of fusing code embeddings from diffrent perspectives to further enhance vulnerability detection performance.

Key Words：vulnerability detection; slice-level; hyperbolic space； Euclidean space； fused representa-tion

0 引言

源代码漏洞检测是软件安全领域的一个重要研究方向，其目标是识别并修复可能导致安全风险的软件缺陷。（剩余13346字）