Enhancing Graph Neural Network Vulnerability Detection via Dynamic Edge Removal and Natural Language Processing Integration

Authors

  • Chao  Zhang  School of Information Engineering, Suqian University, Suqian City, Jiangsu Province, China
  • Wei Li Henan Logistics Vocational College, Zhengzhou, Henan, China

DOI:

https://doi.org/10.15837/ijccc.2026.1.6905

Keywords:

software vulnerability detection, graph neural networks, DFS, control graph edge dynamic removal, natural language processing models

Abstract

The study explores the effectiveness enhancement of depth-first search with control graph edge dynamic removal technique for software vulnerability detection in graph neural networks. The research methods include constructing code attribute graphs, applying depth-first search algorithm to optimize the structure of code attribute graphs, dynamically removing redundant control-dependent edges, and integrating different natural language processing models to vectorize the code attribute graphs. The results of the study indicated that the proposed algorithm achieved 96.89% accuracy, 95.12% precision, 97.76% recall, and 96.40% F1 score on Software Assurance Reference Dataset and National Vulnerability Database datasets, which significantly outperformed the other models. On the FFMPeg and Qemu datasets, the Bidirectional Encoder Representations from Transformers version also exhibited the best performance. The accuracy was 92.19%, precision was 86.64%, recall was 91.73%, and F1 score was 89.10%. These results suggest that integrating the Bidirectional Encoder Representations from Transformers Bidirectional Encoder Representations from Transformers model is beneficial. The method proposed in the study provides practical help to software security professionals and developers through innovative code graph modeling and deep feature learning mechanisms: first, it significantly improves the efficiency of real-time vulnerability detection; second, it greatly reduces the false alarm rate, which can help developers accurately locate real vulnerabilities, reduce ineffective troubleshooting work, and effectively enhance the security protection effectiveness in the software development life cycle.

References

Shin H J, Lee G Y, Lee C J. Automatic anomaly detection in engineering diagrams using machine learning[J]. Korean Journal of Chemical Engineering, 2023, 40(11): 2612-2623. https://doi.org/10.1007/s11814-023-1518-8

Jin Y, Chen Z, Liu W. Enumerating all multi-constrained s-t paths on temporal graph[J]. Knowledge and Information Systems, 2024, 66(2): 1135-1165. . https://doi.org/10.1007/s10115-023-01958-8

Pakshad P, Shameli-Sendi A, Khalaji Emamzadeh Abbasi B. A security vulnerability predictor based on source code metrics[J]. Journal of Computer Virology and Hacking Techniques, 2023, 19(4): 615-633. https://doi.org/10.1007/s11416-023-00469-y

Sun X, Luo Q. Efficient GPU-accelerated subgraph matching[J]. Proceedings of the ACM on Management of Data, 2023, 1(2): 1-26. https://doi.org/10.1145/3589326

Jimmy F N U. Cyber security vulnerabilities and remediation through cloud security tools[J]. Journal of Artificial Intelligence General Science (JAIGS), 2024, 2(1): 129-171. . https://doi.org/10.60087/jaigs.v2i1.102

Yang J, Fang S, Gu Z, Ma Z, Lin X, Tian Z. TC-Match: Fast time-constrained continuous subgraph matching[J]. Proceedings of the VLDB Endowment, 2024, 17(11): 2791-2804. . https://doi.org/10.14778/3681954.3681963

Islam M A, Ahmed C F, Alam M T, Leung C K S. Graph-based substructure pattern mining with edge-weight[J]. Applied Intelligence, 2024, 54(5): 3756-3785. https://doi.org/10.1007/s10489-024-05356-7

Zhang S, Cui R, Yan W, Li Y. Dual-layer path planning with pose SLAM for autonomous exploration in GPS-denied environments[J]. IEEE Transactions on Industrial Electronics, 2023, 71(5): 4976-4986. https://doi.org/10.1109/TIE.2023.3288187

Jovanović, V., Marinković, D., Janošević, D. & Petrović, N. (2023). Influential Factors in the Loading of the Axial Bearing of the Slewing Platform Drive in Hydraulic Excavators. Tehnički vjesnik, 30 (1), 158-168. https://doi.org/10.17559/TV-20220425205603

Guo H, Zhu H, Liu G Y, Chen Z X. General reaction network exploration scheme based on graph theory representation and depth first search applied to CO2 hydrogenation on Pd2Cu catalyst[J]. ACS Catalysis, 2024, 14(8): 5720-5734. https://doi.org/10.1021/acscatal.4c00067

BaniMustafa A, AbdelHalim R O, Bulkrock, Al-Hmouz A. Deep Learning for Assessing Severity of Concrete Structures Cracks[J]. International Journal of Computers Communications & Control, 2023, 18(1): 4977. https://doi.org/10.15837/ijccc.2023.1.4977

Do Xuan C, Mai D H, Thanh M C, Van Cong B. A novel approach for software vulnerability detection based on intelligent cognitive computing[J]. The Journal of Supercomputing, 2023, 79(15): 17042-17078. https://doi.org/10.1007/s11227-023-05282-4

Stanojević B, Stanojević M. On approaching full fuzzy data envelopment analysis and its validation[ J]. International Journal of Computers Communications & Control, 2024, 19(6): 6855. https://doi.org/10.15837/ijccc.2024.6.6855

Garcia-Gastelum, T. S., Álvarez, P. A., León-Castro, E., & Uzeta-Obregon, C. R. (2024). Analysis of the countries' business attraction with the ELECTRE-III method. Computer Science and Information Systems, 21 (3), 1179-1201. https://doi.org/10.2298/CSIS230223032G

Zhang J, Liu Z, Hu X, Xia X, Li S. Vulnerability detection by learning from syntax-based execution paths of code[J]. IEEE Transactions on Software Engineering, 2023, 49(8): 4196-4212. https://doi.org/10.1109/TSE.2023.3286586

Cho, Y., & Lee, C. (2024). The effects of process innovation and partnership in SCM: Focusing on the mediating roles. Computer Science and Information Systems, 21 (2), 453-472. https://doi.org/10.2298/CSIS220514051C

Papon T I, Chen T, Zhang S, Athanassoulis M. CAVE: Concurrency-aware graph processing on SSDs[J]. Proceedings of the ACM on Management of Data, 2024, 2(3): 1-26. https://doi.org/10.1145/3654928

Fu M, Nguyen V, Tantithamthavorn C, Phung D, Le T. Vision transformer inspired automated vulnerability repair[J]. ACM Transactions on Software Engineering and Methodology, 2024, 33(3): 1-29. https://doi.org/10.1145/3632746

Dong H, Zhao X. Reinforcement learning-based wind farm control: Toward large farm applications via automatic grouping and transfer learning[J]. IEEE Transactions on Industrial Informatics, 2023, 19(12): 11833-11845. https://doi.org/10.1109/TII.2023.3252540

Jovanović, V., Marinković, D., Janošević, D. & Petrović, N. (2023). Influential Factors in the Loading of the Axial Bearing of the Slewing Platform Drive in Hydraulic Excavators. Tehnički vjesnik, 30 (1), 158-168. https://doi.org/10.17559/TV-20220425205603

Gao K, Feng S W, Huang B, Yu J. Minimizing running buffers for tabletop object rearrangement: Complexity, fast algorithms, and applications[J]. The International Journal of Robotics Research, 2023, 42(10): 755-776. https://doi.org/10.1177/02783649231178565

Wan B, Xu C, Koo J. Exploring the effectiveness of web crawlers in detecting security vulnerabilities in computer software applications[J]. International Journal of Informatics and Information Systems, 2023, 6(2): 56-65. https://doi.org/10.47738/ijiis.v6i2.158

Li L, Ding S H, Tian Y, Fung B C, Charland P, Ou W, Chen C. VulANalyzeR: Explainable binary vulnerability detection with multi-task learning and attentional graph convolution[J]. ACM Transactions on Privacy and Security, 2023, 26(3): 1-25. https://doi.org/10.1145/3585386

Mao, Y., Liu, S. & Gong, D. (2023). A Text Mining and Ensemble Learning Based Approach for Credit Risk Prediction. Tehnički vjesnik, 30 (1), 138-147. https://doi.org/10.17559/TV-20220623113041

Li L, Ding S H, Tian Y, Fung B C, Charland P, Ou W, et al. VulANalyzeR: Explainable binary vulnerability detection with multi-task learning and attentional graph convolution[J]. ACM Transactions on Privacy and Security, 2023, 26(3): 1-25. https://doi.org/10.1145/3585386

Mohajer A, Hajipour J, Leung V C M. Dynamic offloading in mobile edge computing with trafficaware network slicing and adaptive TD3 strategy[J]. IEEE Communications Letters, 2024. https://doi.org/10.1109/LCOMM.2024.3501956

Additional Files

Published

2026-01-21

Issue

Vol. 21 No. 1 (2026): International Journal of Computers Communications & Control (February)

Section

Articles

License

Copyright (c) 2025 Wei Li, Chao  Zhang 

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

ONLINE OPEN ACCES: Acces to full text of each article and each issue are allowed for free in respect of Attribution-NonCommercial 4.0 International (CC BY-NC 4.0.

You are free to:

-Share: copy and redistribute the material in any medium or format;

-Adapt: remix, transform, and build upon the material.

The licensor cannot revoke these freedoms as long as you follow the license terms.

 

DISCLAIMER: The author(s) of each article appearing in International Journal of Computers Communications & Control is/are solely responsible for the content thereof; the publication of an article shall not constitute or be deemed to constitute any representation by the Editors or Agora University Press that the data presented therein are original, correct or sufficient to support the conclusions reached or that the experiment design or methodology is adequate.

Most read articles by the same author(s)

Obs.: This plugin requires at least one statistics/report plugin to be enabled. If your statistics plugins provide more than one metric then please also select a main metric on the admin's site settings page and/or on the journal manager's settings pages.