Software Vulnerability Detection Using a Lightweight Graph Neural Network
This addresses the scalability and deployment issues in vulnerability detection for software developers, though it is incremental as it builds on existing GNN methods.
The paper tackled software vulnerability detection by proposing VulGNN, a lightweight graph neural network that achieves performance comparable to large language models while being 100 times smaller and faster to retrain.
Large Language Models (LLMs) have emerged as a popular choice in vulnerability detection studies given their foundational capabilities, open source availability, and variety of models, but have limited scalability due to extensive compute requirements. Using the natural graph relational structure of code, we show that our proposed graph neural network (GNN) based deep learning model VulGNN for vulnerability detection can achieve performance almost on par with LLMs, but is 100 times smaller in size and fast to retrain and customize. We describe the VulGNN architecture, ablation studies on components, learning rates, and generalizability to different code datasets. As a lightweight model for vulnerability analysis, VulGNN is efficient and deployable at the edge as part of real-world software development pipelines.