Enhancing fine-grained vulnerability detection with reinforcement learning

Publication Type

Journal Article

Publication Date

10-2025

Abstract

The rapid growth of vulnerabilities has significantly accelerated the development of automated vulnerability detection methods, especially those based on data-driven models. However, most of them primarily focus on extracting accurate code representations while overlooking the complex vulnerability patterns among vulnerable statements, thereby leaving room for improvement. To overcome this limitation, we present a novel reinforcement learning framework (RLFD) for detecting vulnerabilities at a fine-grained level. RLFD redefines the detection task as a sequential decision-making process and then employs reinforcement learning to automatically learn vulnerability-relevant structures from code snippets. Moreover, by designing reward functions aligned with fine-grained evaluation metrics, RLFD focuses on the co-existence relations among statements from a global perspective, enabling the model to capture complex interactions that lead to vulnerabilities. Additionally, the framework utilizes CodeBERT-HLS for code representation, ensuring consistency with the state-of-the-art method while highlighting the improvements brought by the proposed reinforcement learning-based approach. Comprehensive experiments show that our method achieves a locating precision (IoU) of 69.7% and a Top-5% Acc of 67.7% on the big_vul dataset, outperforming the state-of-the-art method by an overall 3.4% improvement in IoU. Notably, our method achieves up to a 19.7% increase in IoU for specific categories, e.g., CWE-416 (use-after-free).

Keywords

Codes, Reinforcement Learning, Feature Extraction, Decision Making, Transformers, Semantics, Measurement, Lenses, Accuracy, Training, Vulnerability Detection, Fine Grained, Data Driven Methods, Detection Methods, Intersection Over Union, Accurate Representation, Global Perspective, Reward Function, Big Datasets, Code Snippets, Patterns Of Vulnerability, Code Representation, Capture Complex, Time Step, Detection Performance, Transition Probabilities, Feed Forward Network, Rate Set, Language Model, Markov Decision Process, Graph Neural Networks, Policy Network, Multiple Statements, Code Review, Linux Kernel, Vulnerable Locations, Transformer Based Methods, Buffer Overflow, Prior Lines, Context Vector, Strong Baseline, Policy Gradient Method

Discipline

Software Engineering

Research Areas

Intelligent Systems and Optimization

Publication

IEEE Transactions on Software Engineering

Volume

51

Issue

10

First Page

2900

Last Page

2920

ISSN

0098-5589

Identifier

10.1109/TSE.2025.3603400

Publisher

Institute of Electrical and Electronics Engineers

Additional URL

https://doi.org/10.1109/TSE.2025.3603400

This document is currently not available here.
