Sensors (Mar 2025)
An Improved Software Source Code Vulnerability Detection Method: Combination of Multi-Feature Screening and Integrated Sampling Model
Abstract
Vulnerability detection in software source code is crucial to software security. Existing models struggle with class imbalance in the training data (vulnerable functions are rare) and with long training times. To address these issues, this paper introduces a multi-feature screening and integrated sampling model (MFISM) that improves both the efficiency and the accuracy of vulnerability detection. The key contributions are (i) representing source code as an abstract syntax tree (AST) and extracting potential vulnerability-related features from it with several feature screening techniques; (ii) applying analysis of variance (ANOVA) and comparing feature selection techniques to retain only representative, discriminative features; (iii) addressing class imbalance with an integrated over-sampling strategy that generates synthetic samples from vulnerable code to enlarge the minority class; and (iv) applying outlier detection to discard abnormal synthetic samples so that only high-quality synthesized samples enter training. A bidirectional long short-term memory network (Bi-LSTM) is then trained on the resulting data to identify vulnerabilities in source code. Experimental results show that MFISM improves the F1 score by approximately 10% over the existing DeepBalance method and reduces training time to 2–3 h. These results confirm the effectiveness of MFISM, and its advantage over DeepBalance, on the source code vulnerability detection task.
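The pipeline sketched in steps (i) to (iv) can be exercised end to end on a toy scale. The following is an added illustration, not code from the paper: it uses AST node-type counts as the code representation, a one-way ANOVA F-score for feature screening, SMOTE-style interpolation between minority-class neighbours as the over-sampling step, and, as a stand-in for the paper's outlier detection, a filter that discards any synthetic sample that lies nearer to a benign original than to any vulnerable original. The corpus, its labels, the feature list, k and the random seed are all constructed assumptions; the paper's actual feature set, sampling ensemble and outlier detector are not reproduced here.

```python
"""Added example (not the paper's code): AST node-count features, ANOVA F-score
screening, SMOTE-style minority over-sampling and a nearest-class filter for
abnormal synthetic samples. Corpus, labels, feature list, k and seed are
constructed assumptions; standard library only."""
import ast
import math
import random
from collections import Counter

# Constructed toy corpus: label 1 = "vulnerable" (dynamic execution or
# string-built command/SQL), label 0 = benign. A real corpus is CVE-labelled.
CORPUS = [
    ("def f(x):\n    return eval(x)\n", 1),
    ("def g(q):\n    return db.execute('SELECT * FROM t WHERE id=' + q)\n", 1),
    ("def h(cmd):\n    return os.system('ls ' + cmd)\n", 1),
    ("def a(x, y):\n    return x + y\n", 0),
    ("def b(xs):\n    return [v * 2 for v in xs if v > 0]\n", 0),
    ("def c(p):\n    with open(p) as fh:\n        return fh.read()\n", 0),
    ("def d(n):\n    total = 0\n    for v in range(n):\n        total += v\n    return total\n", 0),
    ("def e(s):\n    return s.strip().lower()\n", 0),
    ("def f2(d):\n    return sorted(d.items())\n", 0),
    ("def g2(a, b):\n    if a > b:\n        return a\n    return b\n", 0),
]
# Assumed feature vocabulary: the AST node types we count per sample.
FEATURES = ["Call", "BinOp", "Constant", "Name", "Attribute", "For", "With", "If", "Compare"]


def ast_features(src):
    """Step (i): represent a snippet as counts of selected AST node types."""
    counts = Counter(type(n).__name__ for n in ast.walk(ast.parse(src)))
    return [float(counts.get(f, 0)) for f in FEATURES]


def build_dataset(corpus):
    X = [ast_features(src) for src, _ in corpus]
    y = [label for _, label in corpus]
    return X, y


def anova_f(column, y):
    """One-way ANOVA F statistic of one feature column against the labels."""
    groups = {}
    for v, label in zip(column, y):
        groups.setdefault(label, []).append(v)
    n, g = len(column), len(groups)
    grand = sum(column) / n
    between = sum(len(vs) * (sum(vs) / len(vs) - grand) ** 2 for vs in groups.values()) / (g - 1)
    within = sum((v - sum(vs) / len(vs)) ** 2 for vs in groups.values() for v in vs) / (n - g)
    if within == 0.0:                       # constant within classes
        return 0.0 if between == 0.0 else math.inf
    return between / within


def anova_scores(X, y):
    return [anova_f([row[i] for row in X], y) for i in range(len(X[0]))]


def select_features(X, y, k):
    """Step (ii): keep the k feature indices with the highest F-score."""
    scores = anova_scores(X, y)
    return sorted(range(len(scores)), key=lambda i: -scores[i])[:k]


def dist(a, b):
    return math.sqrt(sum((p - q) ** 2 for p, q in zip(a, b)))


def smote(minority, n_new, rng, k=2):
    """Step (iii): SMOTE-style interpolation between a minority sample and
    one of its k nearest minority neighbours."""
    synthetic = []
    for _ in range(n_new):
        x = rng.choice(minority)
        others = sorted((p for p in minority if p is not x), key=lambda p: dist(x, p))[:k]
        if not others:                      # single minority sample: duplicate it
            synthetic.append(list(x))
            continue
        nbr, gap = rng.choice(others), rng.random()
        synthetic.append([a + gap * (b - a) for a, b in zip(x, nbr)])
    return synthetic


def drop_abnormal(synthetic, minority, majority):
    """Step (iv), assumed filter: discard synthetic samples that sit closer to
    a benign original than to any vulnerable original (they would teach the
    classifier the wrong region of feature space)."""
    return [s for s in synthetic
            if min(dist(s, m) for m in minority) <= min(dist(s, m) for m in majority)]


def balance(X, y, feature_idx, seed=0):
    """Project onto the selected features, then over-sample and filter."""
    Xs = [[row[i] for i in feature_idx] for row in X]
    minority = [r for r, l in zip(Xs, y) if l == 1]
    majority = [r for r, l in zip(Xs, y) if l == 0]
    synthetic = smote(minority, len(majority) - len(minority), random.Random(seed))
    kept = drop_abnormal(synthetic, minority, majority)
    return majority + minority + kept, [0] * len(majority) + [1] * (len(minority) + len(kept))


if __name__ == "__main__":
    X, y = build_dataset(CORPUS)
    sel = select_features(X, y, 4)
    print("selected features:", [FEATURES[i] for i in sel])
    Xb, yb = balance(X, y, sel, seed=7)
    print("class counts after balancing:", Counter(yb))
```

The balanced `Xb`, `yb` is what a sequence model such as the paper's Bi-LSTM would be trained on; here the features are plain counts, so any classifier could consume them. Note that ANOVA screening is univariate, so a feature that only discriminates in combination with another (here, `Call` appears equally often in both classes) is scored zero and dropped, which is one reason the paper combines several screening techniques rather than relying on ANOVA alone.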
Keywords