Automated Vulnerability Detection Using Deep Learning Technique
This addresses code security testing for developers, but is incremental as it applies known deep learning methods to a specific vulnerability type.
The paper tackles SQL injection vulnerability detection in Python code by using CodeBERT and LSTM models, achieving higher precision, recall, and F1-score compared to existing SAST tools.
Our work explores the utilization of deep learning, specifically leveraging the CodeBERT model, to enhance code security testing for Python applications by detecting SQL injection vulnerabilities. Unlike traditional security testing methods that may be slow and error-prone, our approach transforms source code into vector representations and trains a Long Short-Term Memory (LSTM) model to identify vulnerable patterns. When compared with existing static application security testing (SAST) tools, our model displays superior performance, achieving higher precision, recall, and F1-score. The study demonstrates that deep learning techniques, particularly with CodeBERT's advanced contextual understanding, can significantly improve vulnerability detection, presenting a scalable methodology applicable to various programming languages and vulnerability types.