Literature review on vulnerability detection using
NLP technology
1st jiajie wu
School of Computer
Hangzhou University of Electronic Science and technology
hangzhou,zhejiang, China
[email protected]
arXiv:2104.11230v1 [cs.CR] 23 Apr 2021
Abstract:Vulnerability detection has always been the most
important task in the field of software security. With the
development of technology, in the face of massive source
code, automated analysis and detection of vulnerabilities
has become a current research hotspot. For special text
files such as source code, using some of the hottest NLP
technologies to build models and realize the automatic
analysis and detection of source code has become one of
the most anticipated studies in the field of vulnerability
detection. This article does a brief survey of some recent
new documents and technologies, such as CodeBERT, and
summarizes the previous technologies.
Index Terms—vulnerability deletion, code intelligence, deep
learning, CodeBERT, NLP
I. I NTRODUCTION
In recent years, with the continuous maturity of software
technology, more and more software has been developed by
people. While people enjoy the convenience brought by soft-
ware, they are also threatened by software vulnerabilities. It
can be said that software vulnerabilities are one of the biggest
problems that threaten the normal operation of software. For
software users, the direct and indirect economic losses caused
by software vulnerabilities worldwide have exceeded tens
of billions of dollars. It is an indisputable fact that there
are various vulnerabilities in most software. There are many
types of software vulnerabilities, such as CVE-2015-8558 [1],
which are explained in detail on CVE [2]. The longer the
vulnerability exists, the easier it is to be exploited by hackers,
and the greater the damage to the company or organization
[3], so the ability to automatically detect the vulnerability in
the software within a certain time frame has become one of
the hottest researches at the moment One.
How can the automatic detection of vulnerabilities be more
accurate? Deep learning technology gives us the possibility.
With the continuous reform and development of deep learning
technology in recent years, great progress has been made in
the field of natural language processing (NLP). In particular,
the series of models such as GPT [4] and BERT [5] have
taken NLP technology a big step forward. The source code is
essentially a text in a special format. It is logically feasible to
use NLP technology for code processing. In fact, in modern
code intelligence, models such as CodeBERT [6] have already
been proposed by some scholars and some code-level tasks
have been solved, and certain results have been achieved.
These results show that the use of NLP technology to study
automatic vulnerability detection (one of the code intelligence
tasks) technology has a lot of room for development. We will
do a detailed introduction in the chapter III.
The chapters are arranged as follows: Section II introduces
the development of NLP, and section III introduces the latest
development of NLP technology in vulnerability detection.
II. T HE DEVELOPMENT OF NLP TECHNOLOGY
A. Natural Language Processing
Natural language processing (NLP) is the use of computers
to model human natural language in order to solve the appli-
cation of natural language in some related problems. In NLP,
the problems that need to be solved can be divided into two
categories:
• One is the natural language understanding (NLU) prob-
lem, including text classification [7], named entity recog-
nition [8], [9], relation extraction [10], reading compre-
hension, etc. [11]–[13];
• The second is natural language generation (NLG) prob-
lems, including machine translation [14]–[16], text sum-
mary generation [17], [18], automatic question and an-
swer system [19], [20],Image caption generation [21]–
[23] etc.
When NLP researchers studied and solved these two types
of problems, they found that the underlying problems that
constitute these problems are basically the same, such as
embeding expressions of vocabulary. Now researchers are
more inclined to use a unified model for modeling (pre-
training stage), and then adjust the model according to specific
problems (fine-tuning stage). Research at this stage has made
great progress. It is believed that in the near future, machines
can truly understand human language and even understand
human thinking.
Since 1980s, traditional NLP has increasingly relied on
statistics, probability and shallow learning (traditional machine
learning) [24], such as naive Bayes, hidden Markov model,
conditional random field, support Vector machines and K-
proximity algorithms, etc., these algorithms are still widely
used in NLP today. But with the development of deep learning
(DL), people are paying more and more attention to how to
use DL models to solve the problems in NLP [25].
B. DL in NLP
The main goal of DL is to learn the deep neural net-
work model [26]. The neural network model is composed
of neurons and the edges connected to them. Each neuron
can input and output. The data inside the neuron can be
nonlinearly transformed. [27]. According to the development
of the timeline, we use the time point at which Transformer
[28] is proposed as the segmentation point. The model method
before its appearance is called the basic model method, and
the later one is called the modern model method (or attention
model method). We will introduce them separately below.
Basic model method introduction:
1) Convolutional Neural Network (CNN) [29]: Due to the
excellent abstract feature extraction ability of the convo-
lution kernel, it has achieved great success in the field
of computer vision (CV). In the field of NLP, CNN-
based algorithms have also appeared one after another,
such as [30]–[34], etc. In the research related to vulner-
ability detection, some scholars have used CNN to mine
vulnerabilities [35], as shown in figure 1.
Fig. 1. Using CNN to classify source code [35]
Although these models use CNN as a feature extractor
to extract features from text data, because the feature
dimensions of text data are not many, in text data, more
attention is paid to the close connection between contexts,
and the model is required to have a ”memory” function
, So CNN does not perform very impressively when
processing tasks in NLP. But the latest research shows
that with the development of multimodal technology
[36]–[38], in some code generation tasks, such as image
generation instructions, the use of CNN-based models has
achieved good results [39].
2) Recurrent Neural Network(RNN) [40]: One of the charac-
teristics of RNN is its ”memory”. RNN can take serialized
data as input or output serialized data. For serialized data
such as text, using RNN for processing has a natural
advantage. In the output of the RNN, the above sequence
information of the current token can be included, which
makes the RNN have a ”memory” function. When pro-
cessing the data in this article, people often use a two-way
RNN, that is, to process the above and below information
of the current token separately. Let the token contain the
current context information at the same time, which is
very important for the model to understand the meaning
of the sentence. However, the model with RNN structure
cannot be processed in parallel. Today, with massive data,
it greatly reduces the development of RNN in engineering
applications. In NLP, CNN and RNN are used to extract
the character-level representation of words, as shown in
Figure 2.
Fig. 2. CNN & RNN for extracting character-level representation for a word
[9]
3) Long Short-Term Memory Networks(LSTM) [41]: In
addition to the structural limitations, RNN cannot capture
long sequence text information due to the problem of
vanishing gradient [42], so scholars modified RNN The
LSTM model is proposed to solve the defect that RNN
cannot process data in parallel. LSTM is one of the mod-
els with the strongest ”memory” ability in NLP so far, and
it is also one of the most widely used models. However,
because LSTM has complex gating logic, it consumes a
lot of space and time during training. Gated Recurrent
Unit (GRU) [43] is a model that is similar in structure
to LSTM but more lightweight, and its performance in
training is not worse than LSTM. For the comparison
between the three basic models of CNN, GRU, and LSTM
in NLP applications, please refer to [44]. Since LSTM is a
one-way model, in order to obtain the context information
of the token, people often superimpose the LSTM/GRU
model in two directions to obtain a two-way LSTM
model (Bi-LSTM) [45]. In practical applications, the Bi-
LSTM model is often used to extract the features of the
sentence, and then the CRF algorithm is used to process
the downstream tasks [46].
4) Embedding [47]–[50]: Embedding technology is a tech-
nology that can convert tokens into space vectors. The
earliest embedding technology can be traced back to
the distribution of words [51], which can represent a
sequence of tokens in vector form as the input of the
deep learning model. With the continuous development
of technology, embedding technology can be divided into
two types:
• One is the classic Non-Contextual embedding technol-
ogy, which is also called contextual-independent em-
bedding in some literatures, which refers to embedding
independent of the context, such as Word2Vec [52],
GloVe [53] and other models. When embedding, the
contextual semantic relationship of words in the sen-
tence is not considered. To put it simply, these models
only learn the mapping of words in the vector space.
 Each word is a fixed representation and cannot deal
with the problem of word representation in the context
of similar polysemous words. It is worth mentioning
that in embedding technology, oov (out of vocabulary,
oov) is often encountered. The common solution is to
use substrings for further segmentation, such as BPE
[54], [55]. For the semantic analysis performance of
these classic models such as word2vec and GloVe,
please refer to [56];
• The other is Contextual embedding technology, also
called contextual-dependent embedding, such as the
famous ELMo model [57], [58], including the models
such as BERT [5] that appear later, the words embed-
ding learned are all contextual embedding. Contextual
embedding technology will comprehensively consider
the context information in the sentence when learning
the vectorized representation of words, and integrate
the context information of a single token into the
representation of the word. In this way, it is deal-
ing with issues such as polysemous words, syntactic
structure, and semantic roles. At the time, the words
can be represented differently according to the current
semantic environment. For a more detailed analysis and
comparison of the two technologies, please refer to
[59].
Attention model method introduction:
1) Attention mechanism: The attention mechanism is an
instinctive mechanism that imitates people when observ-
ing objects. In computers, the attention mechanism is
essentially calculating the weight of a certain item, and
finally all the items are weighted so that more information
is contributed than the important items. The attention
mechanism was first applied in machine translation [60].
Due to its excellent performance, it was widely used
in other NLP tasks. Now it has become very popu-
lar, and most of the NLP models have basically been
integrated. The attention mechanism, especially in the
encoder-decoder architecture, can be used alone in the
encoder or decoder, or mixed, as shown in the figure
3. In summary, the attention mechanism can be divided
into 6 categories, as shown in the figure 4, of which the
most common are self-attention and multi-dimensional
attention. All models that apply the attention mechanism
can be collectively referred to as Attention Model (AM).
In addition to the application of AM in NLP, AM has
also received extensive attention in the fields of Computer
Vision (CV), Multi-Modal Tasks, Graph-based Systems
and Recommender Systems (RS) [61].
2) Transformer [28]: With the birth of the Transformer
architecture, the architecture with the strongest feature
extraction capabilities so far was born. In addition to
the NLP field, Transformer has also made great progress
in the CV field [63]. The architecture of Transformer is
shown in Figure 5.
As can be seen from the figure, Transformer integrates the
Fig. 3. A comparison between the traditional encoder-decoder architecture
(left) and the attention-based architecture (right) [61]
Fig. 4. all attention types [62]
attention mechanism. From the structural point of view,
Transformer is a typical Encoder-Decode structure, and
its general training process is as follows:
• On the encoder side, after the serialized token un-
dergoes input embedding and positional embedding,
the QKV matrix is generated using the three weight
matrices of QKV, and then the attention matrix is
obtained using the multi-head attention mechanism,
and then passes through the conventional add&norm,
fully connected layer, etc. The whole process can be
folded N times in total. In [28], there are 6 folds;
• On the decoder side, the process is roughly the same as
that on the encoder side. The only difference is that a
multi-head attention layer is added, that is, the second
attention is performed. In this attention input, the v
value uses the output of the encoder side.
For specific details about Transformer and attention
mechanism, please see [64]. In [65], the author classified
Transformers according to technology and main purpose.
For the visualization research of Transformer, it is ex-
plained in this article [66], and we will not go into it
here.
3) GPT [4]: The Generative Pre-trained Transformer (GPT)
is a Transformer-based pre-training model developed by
OpenAI. The purpose is to learn the dependency between
sentences and words in long text. Over time, GPT has
evolved from GPT-1 to GPT-3 [67]. The biggest differ-
ence between GPT-1 and BERT is that the GPT-1 model
scans text from left to right, so token embedding can only
consider the information before the current token, without
considering the information below the token, while BERT
uses a two-way model training . Therefore, GPT-1 only
integrates the information above the token. For GPT-1’s
use of the information below the token, it is used as a
 Fig. 6. Overall pre-training and fine-tuning procedures for BERT [5]

using the encoder-decoder architecture , As shown in

figure 7. In the pre-training stage of BART, 5 noisy
Fig. 5. Architecture of the Transformer Model [63]

new input to the model for training after prediction. GPT

can realize unsupervised training. In GPT-3, unsupervised
training of network text data is realized. The parameters
in the model have reached 175 billion, which is about
the number of GPT-2 [68] parameters (1.5 billion), GPT-
3 can be said to be the largest and most advanced pre-
training model so far.
4) BERT [5]: Bidirectional Encoder Representations from Fig. 7. A schematic comparison of BART with BERT and GPT. [72]
Transformers (BERT) is one of the best NLP models so
input transformation methods including Token Masking,
far. BERT uses a two-way Transformer block for training,
Token Deletion, Text Infilling, Sentence Permutation, and
taking into account the context information contained in
Document Rotation are used. In the fine-tuning stage,
the word. After BERT, although many excellent models
the author trained four tasks: Sequence Classification,
(such as XLNet [69]) have been proposed, the huge
Token Classification, Sequence Generation, and Machine
influence and excellent performance of BERT cannot be
Translation. The results are shown in the figure 8. As can
replaced by other models. The training process of BERT
be seen from the results in the figure, this extended model
is shown in figure 6.
performs better than the BERT model on the data results.
In BERT, Masked Language Modeling (MLM) [70] tech-
nology is used. This technique is a fill-in technique. When
doing pre-training, it predicts the hidden information
in the original text, and obtains the context embedding
of the input token. The general process is that in the
BERT input, approximately 15% is randomly selected.
The token of is masked, and then the BERT is pre-trained
to predict the masked token. One disadvantage of this
technique is that the masked token information will not be
encoded into the context embedding. In the downstream
task, the information deviation problem will occur due
to the missing information of the previously masked
word. The solution is to process the tokens selected to Fig. 8. Comparison of pre-training objectives [72]
be masked at a random ratio of 8/1/1, that is, 80% of
the masked tokens continue to be masked, 10% use the C. The pre-training model
original token for training, and 10% tokens are randomly Currently, the mainstream research direction of NLP pro-
replaced with other tokens. For a detailed summary of cessing problems tends to be completed in two stages. The
the application of the BERT model in NLP, please see first stage is to build pre-trained models (PTM) based on
5) [71].
BART [72]: BART is a denoising seq2seq algorithm, context embedding. The second stage is based on Specific
which can be said to be an extension of the BERT model. tasks fine-tuning the PTM. According to the classification in
From an architectural point of view, it can be regarded [73], PTM can be divided into three categories: serialization
as a ”combination” of the BERT and GPT framework, model, recursive model and self-attention model according
to the model structure. Using the pre-training mechanism
can improve the generalization performance of the model,
allowing researchers or engineers to have more energy to
deal with downstream specific tasks. It is worth mentioning
that the bias problem in NLP will become prominent as the
model becomes larger. For example, in GPT-3, the number
of parameters has reached 175 billion. Although GPT-3 is by
far the largest and most advanced NLP pre-training model,
it also exhibits the most prejudiced [74]. In addition, most
of the pre-training models have a very large overhead (time,
memory) during training. In some simple tasks, the effect of
the context-independent embedding method is better than that
of the context-dependent embedding citearora2020contextual.
This shows that there is no best model, only the most suitable
model. To use a pre-trained model, there are usually two steps.
The first step is to download the pre-trained model. You can
use the third-party package transformer [75]. The second step
is based on the specific downstream tasks. The model is fine-
tuned. Generally, transfer learning [76] is used to adjust the
knowledge in the pre-training model to apply it to downstream
tasks. There are many transfer learning methods in NLP, and
the most widely used method is Domain Adaptation [77]. The
article [78] provides a more detailed classification of this.
III. VULNERABILITY DECETION USING NEURAL
N ETWORKS
Vulnerability detection has always been the top priority in
the field of software security. With the development of deep
learning technology in CV, NLP and other fields, the use of
deep learning methods to understand and detect vulnerabilities
in the source code, thereby replacing manual detection meth-
ods, has become the focus and hotspot of current research
[79]. Although more and more detection methods have been
proposed, the number of vulnerabilities reported on CVE [2]
and NVD [80] is increasing day by day. The reason is that in
addition to the large-scale increase in the number of software,
another important reason is that root vulnerabilities are not
easy to be detected, that is, if a root vulnerability is not
detected, it will not help to repair other shallow vulnerabilities
caused by it, and vice versa. , If the fundamental vulnerabilities
are detected and fixed, other repetitive vulnerabilities will
disappear. This requires vulnerability detection or mining tools
to deeply understand the semantic information related to the
vulnerability, so as to fundamentally detect the root vulner-
ability. To do this, deep NLP technology provides unlimited
possibilities.
A. vulnerability introduction
Software vulnerabilities are defined as follows [81], namely:
A software vulnerability is an instance of a flaw,caused by
a mistake in the design, development, or configuration of
software such that it can be exploited to violate some explicit
or implicit security policy.
Vulnerability detection and analysis methods are divided into
three types according to whether the detected code is executed
or not:
• Static analysis: refers to the use of additional detec-
tion programs to detect programs that are suspected of
vulnerabilities. During the analysis process, the detected
program does not need to be executed, only the source
code of the detected program is required;
• Dynamic analysis: refers to the execution environment
that reproduces the software under test. Select the test
cases required for the execution of the tested software,
and then execute the tested program, monitor the program
execution process and the variable change process, and
find the loopholes in the execution in time;
• Hybrid dynamic and static analysis: As the name sug-
gests, it refers to the use of dynamic analysis and static
analysis together, but this does not essentially improve the
accuracy of the analysis, because while focusing on the
static and dynamic analysis points, it will also inherit the
dynamic analysis and static analysis. The insufficiency.
In this article, dynamic analysis techniques such as fuzzing
testing or taint analysis [82]–[86] are not within the scope
of this article. We only discuss static analysis techniques.
According to whether the vulnerability detection technology
uses the Transformer architecture, we artificially divide it
into two categories, one is the detection model based on
traditional DL technology, and the other is the NLP pre-
training detection model based on the Transformer architecture
(III-B). Detection models based on traditional DL technology,
such as LSTM/GRU/Bi-LSTM models, etc., when this type
of model performs source code vulnerability detection, it is
generally divided into two stages:
1) The first stage is to segment the source code and extract
the features in the source code. There are two ways to
save the results after segmentation:
• One is based on the storage method of abstract syntax
trees (AST). Use code attributes and use AST tree
analysis tools to decompose the source code into the
form of AST, and then perform vulnerability analysis
in the AST tree [87] or do other tasks, such as Alon
uses path-AST (pAST) to express and complete the
code The code completion task [88] has been added.
• One is the saving method based on the graph. Most
of the graph segmentation results are saved as Code
Property Graphs(CPG) [89]. In CPG, AST, Control
flow graph (CFG) and Program dependence graph
(PDG) have been integrated together, and the extracted
code feature information will be more, and the final
vulnerability detection result will be relatively better,
because in the CPG The vulnerability code provides
more vulnerability information for the model, as shown
in Figure 9. Most of the literature now uses CPG to
extract code features. For example, in [90], CPG is
called Augmented AST; in Devign [91], the sequence
logic relationship between source codes (Natural Code
Sequence, NSC) is actually another form of AST tree
in CPG. It is worth mentioning that the data set used
in Devign is widely used by many researchers, and
 Data set open source. There are many tools to generate
CPG, you can directly use Joern or DG [92] and
other tools. The use of these tools is inextricably
linked to LLVM. As for the AST tree generation tool,
in the https://github.com/Kolkir/code2seq library, AST
generation tools for programming languages such as
Java, C++, C, C# and python are provided.
Fig. 9. By graph splitting,the Red-shaded code elements are most contributing
for vulnerability decetion [93]
2) The second stage is modeling training. In this stage, the
input is the output of the previous stage. According to
whether the graph neural network (GNN) model is used
or not, it can be divided into two categories:
• Use non-GNN model: Generally, the output in the first
stage is in the form of a graph, so the graph needs
to be encoded, converted into a vector, and then fed
to the model. A series of work similar to SySeVR
[94],Vuldeelocator [95]–[98], the code is segmented
at the token level, the semantic information inside the
slice is relatively strong, and then Word2Vec [52] is
used for the slice code mikolov2013efficient Vectorized
representation, which converts the slice code into a
vector representation. In the modeling phase, these
algorithms use LSTM or GRU and their variants Bi-
LSTM, Bi-GRU and other models for modeling train-
ing, and the final results perform well on their respec-
tive artificialy synthesized data sets. But new research
shows that [93], when tested with real data on the
VulDeePecker [95] model, its accuracy is reduced to
11.12%. This result is both unexpected and reasonable.
Because the LSTM or Bi-LSTM model itself is not
very sufficient in processing vulnerability information,
the ability to extract relevant vulnerability information
features is limited, that is, the generalization ability of
the model is not strong, and the data in the real data
set is unbalanced (not Vulnerability data is much more
than vulnerability data), which causes the accuracy of
the VulDeePecker model to be reduced by more than
50
• Use GNN model: Since the source code is sliced
in the first stage, it is generally saved as a graph.
Therefore, continuing this logic, it becomes natural
to use GNN for modeling training. In Devign [91],
the gated graph neural networks (GGNN) [99], [100]
model is used for modeling training. The advantage
is that the information in the entire graph structure
can be fully considered, and there will be no ad-
jacent junction information. Lost, more suitable for
semantic graph structure representation in vulnerability
detection tasks. When dealing with real data sets, the
performance of existing detection models based on
traditional DL technology is not very good. This is
due to problems such as data imbalance and data
duplication in real data sets. REVEAL [93] can be
used as a configurable vulnerability prediction tool,
focusing on solving the problem of data imbalance
in real data sets, and using representation learning
to solve problems such as insufficient recognition of
the vulnerability boundary by the model, as shown in
Figure 10 The performance of the boundary between
vulnerabilities and non-vulnerabilities under different
models. In addition, wang [90] uses transfer learning
in the model to deal with the problem of insufficient
data.
Fig. 10. t-SNE plots illustrating the separation between vulnerable (denoted
by + ) and non-vulnerable (denoted by ◦ ) example [93]
B. new era of vulnerability detection
In the NLP field, the best models so far are models such
as BERT [5], GPT [4] and their extended models. These
models all use Transformer as the feature extractor. Since
the code is also a special kind of text data, it is natural to
think of using these excellent models such as BERT to do
vulnerability detection. Listed below are some of the latest
models that apply NLP technology to code intelligence (CI)
tasks. These models have common characteristics, that is, the
training process is divided into two stages, the first stage is
pre-turning, and the second stage is fine-Tuning, and specific
vulnerability detection tasks are generally completed in the
fine-tuning stage.
1) CodeBERT [6]: CodeBERT is a model developed by
Microsoft for code intelligence tasks. CodeBERT uses
bimodal (bimodal) [101]–[103] to train the model, where
bimodal refers to natural language (NL) and program-
ming language (PL), where NL refers to the program
code Natural language annotations. In addition to the
pre-training of the model using PL-NL dual-modality,
CodeBERT also uses the pure code single-modality mode
of 6 programming languages for training. In order to
better adapt to this model, standard masked language
modeling (MLM) and replaced token detection (RTD)
 methods are used for training, as shown in Figure 11.
It is worth mentioning that no model is a panacea.
Fig. 11. CodeBERT training model [6]
When using CodeBERT for code generation tasks, the
code2seq [104] model does not perform as well. In
code2seq, Alon uses the concept of path-context to extract
more relevant semantic information from the code than
CodeBERT, which uses source code for training. Later,
in the extended version of CodeBERT GraphCodeBERT
[105], the internal structure of the code was considered. In
the pre-training stage, the semantic-level structure of data
flow was used to make the model more effective. In the
four downstream tasks of code search, clone detection,
code translation and code refinement, GraphCodeBERT
achieved the best performance.
2) CodeXGLUE [106]: In the code intelligence research, if
a benchmark data set is provided, the research results
will be more convincing. CodeXGLUE provides three
types of model architectures: codeBERT, codeGPT, and
code-encoder-decoder to help more researchers quickly
solve problems in code intelligence. The problems in
code intelligence that CodeXGLUE has implemented
are specifically broken down into the following four
categories of sub-questions:
• code-code:clone detection, defect detection,cloze
test,code completion, coderepair,code-to-code
translation
• text-code:natural language code search, text-to-code
generation
• code-text:code summarization
• text-text:documentation translation
For detailed descriptions of these sub-problems, see
[106]. In the latest pre-trained CodeBERT model, in the
downstream task Insecure Code Detection, ACC has been
increased to 65.3% (previously 62.08%) .
3) PLBART [107]: PLBART applies the BART [72] frame-
work to code intelligence, where PL refers to program
language (PL). In PLBART, the noise reduction and self-
encoding strategy in BART is continued, using token
masking, token deletion, and token infilling three ways
to add noise. In the fine-tuning stage, the author uses the
four major tasks of Code Summarization, Code Gener-
ation, Code Translation, and Code Classification as the
downstream tasks of PLBARK for fine-tuning.
Code Intelligence (CI) tasks refer to a series of tasks related
to source code operations on the source code that are solved
using artificial intelligence methods. Common code intelli-
gence tasks are divided into four categories of sub-questions.
This classification rule is the same as the classification rule of
the problem in NLP, but the problem in NLP is oriented to
the macro concept of ”text”, and the code is also A special
kind of ”text”, we can regard vulnerability detection as a
sub-task of code intelligence. The advantage of doing so is
that more training samples and more generation pre-training
models can be obtained. Applying some advanced NLP models
to CI, using the powerful feature extraction capabilities of
deep learning to extract relevant semantic information from
the code, has gradually become a research hotspot. Research
at this stage is mainly focused on the representation of vul-
nerability information. In other words, if deeper vulnerability
information can be excavated, the ability to identify, judge and
repair vulnerabilities will be greatly improved.
R EFERENCES
[1] Junaid Akram and Ping Luo. Sqvdt: A scalable quantitative vulnerabil-
ity detection technique for source code security assessment. Software:
Practice and Experience, 51(2):294–318, 2021.
[2] Common Vulnerabilities Exposures (CVE). Available at
http://cve.mitre.org.
[3] Yonghee Shin, Andrew Meneely, Laurie Williams, and Jason A Os-
borne. Evaluating complexity, code churn, and developer activity
metrics as indicators of software vulnerabilities. IEEE transactions
on software engineering, 37(6):772–787, 2010.
[4] Alec Radford, Karthik Narasimhan, Tim Salimans, and Ilya Sutskever.
Improving language understanding by generative pre-training. 2018.
[5] Jacob Devlin, Ming-Wei Chang, Kenton Lee, and Kristina Toutanova.
Bert: Pre-training of deep bidirectional transformers for language
understanding. arXiv preprint arXiv:1810.04805, 2018.
[6] Zhangyin Feng, Daya Guo, Duyu Tang, Nan Duan, Xiaocheng Feng,
Ming Gong, Linjun Shou, Bing Qin, Ting Liu, Daxin Jiang, et al.
Codebert: A pre-trained model for programming and natural languages.
arXiv preprint arXiv:2002.08155, 2020.
[7] Kamran Kowsari, Kiana Jafari Meimandi, Mojtaba Heidarysafa, San-
jana Mendu, Laura Barnes, and Donald Brown. Text classification
algorithms: A survey. Information, 10(4):150, 2019.
[8] Vikas Yadav and Steven Bethard. A survey on recent advances in
named entity recognition from deep learning models. arXiv preprint
arXiv:1910.11470, 2019.
[9] Jing Li, Aixin Sun, Jianglei Han, and Chenliang Li. A survey on
deep learning for named entity recognition. IEEE Transactions on
Knowledge and Data Engineering, 2020.
[10] Shantanu Kumar. A survey of deep learning methods for relation
extraction. arXiv preprint arXiv:1705.03645, 2017.
[11] Daria Dzendzik, Carl Vogel, and Jennifer Foster. English machine
reading comprehension datasets: A survey, 2021.
[12] Razieh Baradaran, Razieh Ghiasi, and Hossein Amirkhani. A sur-
vey on machine reading comprehension systems. arXiv preprint
arXiv:2001.01582, 2020.
[13] Changchang Zeng, Shaobo Li, Qin Li, Jie Hu, and Jianjun Hu. A
survey on machine reading comprehension—tasks, evaluation metrics
and benchmark datasets. Applied Sciences, 10(21):7640, 2020.
[14] Chenhui Chu and Rui Wang. A survey of domain adaptation for neural
machine translation. arXiv preprint arXiv:1806.00258, 2018.
[15] Shuoheng Yang, Yuxin Wang, and Xiaowen Chu. A survey of deep
learning techniques for neural machine translation. arXiv preprint
arXiv:2002.07526, 2020.
[16] Raj Dabre, Chenhui Chu, and Anoop Kunchukuttan. A comprehensive
survey of multilingual neural machine translation, 2020.
[17] Danqing Wang, Pengfei Liu, Yining Zheng, Xipeng Qiu, and Xuanjing
Huang. Heterogeneous graph neural networks for extractive document
summarization. arXiv preprint arXiv:2004.12393, 2020.
[18] Mudasir Mohd, Rafiya Jan, and Muzaffar Shah. Text document sum-
marization using word embedding. Expert Systems with Applications,
143:112958, 2020.
[19] Tahseen Sultana and Srinivasu Badugu. A review on different question
answering system approaches. pages 579–586, 2020.
[20] Zahra Abbasiyantaeb and Saeedeh Momtazi. Text-based question
answering from information retrieval and deep neural network per-
spectives: A survey. arXiv preprint arXiv:2002.06612, 2020.
[21] Sulabh Katiyar and Samir Kumar Borgohain. Comparative evaluation
of cnn architectures for image caption generation. arXiv preprint
arXiv:2102.11506, 2021.
[22] Harshit Parikh, Harsh Sawant, Bhautik Parmar, Rahul Shah, Santosh
Chapaneri, and Deepak Jayaswal. Encoder-decoder architecture for
image caption generation. In 2020 3rd International Conference on
Communication System, Computing and IT Applications (CSCITA),
pages 174–179. IEEE, 2020.
[23] Saloni Kalra and Alka Leekha. Survey of convolutional neural net-
works for image captioning. Journal of Information and Optimization
Sciences, 41(1):239–260, 2020.
[24] Gobinda G Chowdhury. Natural language processing. Annual review
of information science and technology, 37(1):51–89, 2003.
[25] Daniel W Otter, Julian R Medina, and Jugal K Kalita. A survey of
the usages of deep learning for natural language processing. IEEE
Transactions on Neural Networks and Learning Systems, 2020.
[26] Md Zahangir Alom, Tarek M Taha, Chris Yakopcic, Stefan Westberg,
Paheding Sidike, Mst Shamima Nasrin, Mahmudul Hasan, Brian C
Van Essen, Abdul AS Awwal, and Vijayan K Asari. A state-of-the-art
survey on deep learning theory and architectures. Electronics, 8(3):292,
2019.
[27] Jürgen Schmidhuber. Deep learning in neural networks: An overview.
Neural networks, 61:85–117, 2015.
[28] Ashish Vaswani, Noam Shazeer, Niki Parmar, Jakob Uszkoreit, Llion
Jones, Aidan N Gomez, Lukasz Kaiser, and Illia Polosukhin. Attention
is all you need. arXiv preprint arXiv:1706.03762, 2017.
[29] Yann LeCun, Léon Bottou, Yoshua Bengio, and Patrick Haffner.
Gradient-based learning applied to document recognition. Proceedings
of the IEEE, 86(11):2278–2324, 1998.
[30] Yoon Kim. Convolutional neural networks for sentence classification,
2014.
[31] Rie Johnson and Tong Zhang. Effective use of word order for text
categorization with convolutional neural networks. arXiv preprint
arXiv:1412.1058, 2014.
[32] Rie Johnson and Tong Zhang. Semi-supervised convolutional neural
networks for text categorization via region embedding. Advances in
neural information processing systems, 28:919, 2015.
[33] Ye Zhang and Byron Wallace. A sensitivity analysis of (and practition-
ers’ guide to) convolutional neural networks for sentence classification.
arXiv preprint arXiv:1510.03820, 2015.
[34] Thien Huu Nguyen and Ralph Grishman. Relation extraction: Per-
spective from convolutional neural networks. In Proceedings of the 1st
Workshop on Vector Space Modeling for Natural Language Processing,
pages 39–48, 2015.
[35] Rebecca Russell, Louis Kim, Lei Hamilton, Tomo Lazovich, Jacob
Harer, Onur Ozdemir, Paul Ellingwood, and Marc McConley. Auto-
mated vulnerability detection in source code using deep representation
learning. In 2018 17th IEEE international conference on machine
learning and applications (ICMLA), pages 757–762. IEEE, 2018.
[36] Tadas Baltrušaitis, Chaitanya Ahuja, and Louis-Philippe Morency. Mul-
timodal machine learning: A survey and taxonomy. IEEE transactions
on pattern analysis and machine intelligence, 41(2):423–443, 2018.
[37] Umut Sulubacak, Ozan Caglayan, Stig-Arne Grönroos, Aku Rouhe,
Desmond Elliott, Lucia Specia, and Jörg Tiedemann. Multimodal
machine translation through visuals and speech, 2019.
[38] Chao Zhang, Zichao Yang, Xiaodong He, and Li Deng. Multimodal
intelligence: Representation learning, information fusion, and applica-
tions. IEEE Journal of Selected Topics in Signal Processing, 14(3):478–
493, 2020.
[39] Sulabh Katiyar and Samir Kumar. Comparative evaluation of cnn
architectures for image caption generation. International Journal of
Advanced Computer Science and Applications, 11(12), 2020.
[40] Mitsuo Kawato, Kazunori Furukawa, and Ryoji Suzuki. A hierarchical
neural-network model for control and learning of voluntary movement.
Biological cybernetics, 57(3):169–185, 1987.
[41] Sepp Hochreiter and Jürgen Schmidhuber. Long short-term memory.
Neural computation, 9(8):1735–1780, 1997.
[42] Sepp Hochreiter. The vanishing gradient problem during learning
recurrent neural nets and problem solutions. International Journal of
Uncertainty, Fuzziness and Knowledge-Based Systems, 6(02):107–116,
1998.
[43] Kyunghyun Cho, Bart Van Merriënboer, Dzmitry Bahdanau, and
Yoshua Bengio. On the properties of neural machine translation:
Encoder-decoder approaches. arXiv preprint arXiv:1409.1259, 2014.
[44] Wenpeng Yin, Katharina Kann, Mo Yu, and Hinrich Schütze. Com-
parative study of cnn and rnn for natural language processing. arXiv
preprint arXiv:1702.01923, 2017.
[45] Zhenjin Dai, Xutao Wang, Pin Ni, Yuming Li, Gangmin Li, and
Xuming Bai. Named entity recognition using bert bilstm crf for chinese
electronic health records. In 2019 12th international congress on image
and signal processing, biomedical engineering and informatics (cisp-
bmei), pages 1–5. IEEE, 2019.
[46] Rabah Alzaidy, Cornelia Caragea, and C Lee Giles. Bi-lstm-crf
sequence labeling for keyphrase extraction from scholarly documents.
In The world wide web conference, pages 2551–2557, 2019.
[47] Amir Bakarov. A survey of word embeddings evaluation methods.
arXiv preprint arXiv:1801.09536, 2018.
[48] Soubraylu Sivakumar, Lakshmi Sarvani Videla, T Rajesh Kumar,
J Nagaraj, Shilpa Itnal, and D Haritha. Review on word2vec word
embedding neural net. In 2020 International Conference on Smart
Electronics and Communication (ICOSEC), pages 282–290. IEEE,
2020.
[49] Tomasz Limisiewicz and David Mareček. Syntax representation in
word embeddings and neural networks–a survey. arXiv preprint
arXiv:2010.01063, 2020.
[50] Sebastian Ruder, Ivan Vulić, and Anders Søgaard. A survey of cross-
lingual word embedding models. Journal of Artificial Intelligence
Research, 65:569–631, 2019.
[51] Zellig S Harris. Distributional structure. Word, 10(2-3):146–162, 1954.
[52] Tomas Mikolov, Kai Chen, Greg Corrado, and Jeffrey Dean. Efficient
estimation of word representations in vector space. arXiv preprint
arXiv:1301.3781, 2013.
[53] Jeffrey Pennington, Richard Socher, and Christopher D Manning.
Glove: Global vectors for word representation. In Proceedings of the
2014 conference on empirical methods in natural language processing
(EMNLP), pages 1532–1543, 2014.
[54] Rico Sennrich, Barry Haddow, and Alexandra Birch. Neural ma-
chine translation of rare words with subword units. arXiv preprint
arXiv:1508.07909, 2015.
[55] Yonghui Wu, Mike Schuster, Zhifeng Chen, Quoc V. Le, Mohammad
Norouzi, Wolfgang Macherey, Maxim Krikun, Yuan Cao, Qin Gao,
Klaus Macherey, Jeff Klingner, Apurva Shah, Melvin Johnson, Xi-
aobing Liu, Łukasz Kaiser, Stephan Gouws, Yoshikiyo Kato, Taku
Kudo, Hideto Kazawa, Keith Stevens, George Kurian, Nishant Patil,
Wei Wang, Cliff Young, Jason Smith, Jason Riesa, Alex Rudnick, Oriol
Vinyals, Greg Corrado, Macduff Hughes, and Jeffrey Dean. Google’s
neural machine translation system: Bridging the gap between human
and machine translation, 2016.
[56] Erion Çano and Maurizio Morisio. Word embeddings for senti-
ment analysis: a comprehensive empirical survey. arXiv preprint
arXiv:1902.00753, 2019.
[57] Matthew E Peters, Mark Neumann, Mohit Iyyer, Matt Gardner, Christo-
pher Clark, Kenton Lee, and Luke Zettlemoyer. Deep contextualized
word representations. arXiv preprint arXiv:1802.05365, 2018.
[58] Qi Liu, Matt J Kusner, and Phil Blunsom. A survey on contextual
embeddings. arXiv preprint arXiv:2003.07278, 2020.
[59] Alessio Miaschi and Felice Dell’Orletta. Contextual and non-contextual
word embeddings: an in-depth linguistic investigation. In Proceedings
of the 5th Workshop on Representation Learning for NLP, pages 110–
119, 2020.
[60] Dzmitry Bahdanau, Kyunghyun Cho, and Yoshua Bengio. Neural
machine translation by jointly learning to align and translate. arXiv
preprint arXiv:1409.0473, 2014.
[61] Sneha Chaudhari, Gungor Polatkan, Rohan Ramanath, and Varun
Mithal. An attentive survey of attention models. arXiv preprint
arXiv:1904.02874, 2019.
[62] Dichao Hu. An introductory survey on attention mechanisms in nlp
problems. In Proceedings of SAI Intelligent Systems Conference, pages
432–448. Springer, 2019.
[63] Salman Khan, Muzammal Naseer, Munawar Hayat, Syed Waqas Zamir,
Fahad Shahbaz Khan, and Mubarak Shah. Transformers in vision: A
survey. arXiv preprint arXiv:2101.01169, 2021.
[64] Benyamin Ghojogh and Ali Ghodsi. Attention mechanism, transform-
ers, bert, and gpt: Tutorial and survey. 2020.
[65] Yi Tay, Mostafa Dehghani, Dara Bahri, and Donald Metzler. Efficient
transformers: A survey. arXiv preprint arXiv:2009.06732, 2020.
[66] Adrian MP Braşoveanu and Răzvan Andonie. Visualizing transformers
for nlp: A brief survey. In 2020 24th International Conference
Information Visualisation (IV), pages 270–279. IEEE, 2020.
[67] Tom B Brown, Benjamin Mann, Nick Ryder, Melanie Subbiah, Jared
Kaplan, Prafulla Dhariwal, Arvind Neelakantan, Pranav Shyam, Girish
Sastry, Amanda Askell, et al. Language models are few-shot learners.
arXiv preprint arXiv:2005.14165, 2020.
[68] Alec Radford, Jeffrey Wu, Rewon Child, David Luan, Dario Amodei,
and Ilya Sutskever. Language models are unsupervised multitask
learners. OpenAI blog, 1(8):9, 2019.
[69] Zhilin Yang, Zihang Dai, Yiming Yang, Jaime Carbonell, Ruslan
Salakhutdinov, and Quoc V Le. Xlnet: Generalized autoregressive pre-
training for language understanding. arXiv preprint arXiv:1906.08237,
2019.
[70] Wilson L Taylor. “cloze procedure”: A new tool for measuring
readability. Journalism quarterly, 30(4):415–433, 1953.
[71] MV Koroteev. Bert: A review of applications in natural language
processing and understanding. arXiv preprint arXiv:2103.11943, 2021.
[72] Mike Lewis, Yinhan Liu, Naman Goyal, Marjan Ghazvininejad, Ab-
delrahman Mohamed, Omer Levy, Ves Stoyanov, and Luke Zettle-
moyer. Bart: Denoising sequence-to-sequence pre-training for natural
language generation, translation, and comprehension. arXiv preprint
arXiv:1910.13461, 2019.
[73] Xipeng Qiu, Tianxiang Sun, Yige Xu, Yunfan Shao, Ning Dai, and
Xuanjing Huang. Pre-trained models for natural language processing:
A survey. Science China Technological Sciences, pages 1–26, 2020.
[74] Ismael Garrido-Muñoz, Arturo Montejo-Ráez, Fernando Martı́nez-
Santiago, and L Alfonso Ureña-López. A survey on bias in deep nlp.
Applied Sciences, 11(7):3184, 2021.
[75] Thomas Wolf, Julien Chaumond, Lysandre Debut, Victor Sanh,
Clement Delangue, Anthony Moi, Pierric Cistac, Morgan Funtowicz,
Joe Davison, Sam Shleifer, et al. Transformers: State-of-the-art natural
language processing. In Proceedings of the 2020 Conference on Empir-
ical Methods in Natural Language Processing: System Demonstrations,
pages 38–45, 2020.
[76] Fuzhen Zhuang, Zhiyuan Qi, Keyu Duan, Dongbo Xi, Yongchun Zhu,
Hengshu Zhu, Hui Xiong, and Qing He. A comprehensive survey on
transfer learning. Proceedings of the IEEE, 109(1):43–76, 2020.
[77] Alan Ramponi and Barbara Plank. Neural unsupervised domain
adaptation in nlp—a survey. arXiv preprint arXiv:2006.00632, 2020.
[78] Zaid Alyafeai, Maged Saeed AlShaibani, and Irfan Ahmad. A survey
on transfer learning in natural language processing. arXiv preprint
arXiv:2007.04239, 2020.
[79] Guanjun Lin, Sheng Wen, Qing-Long Han, Jun Zhang, and Yang Xiang.
Software vulnerability detection using deep neural networks: a survey.
Proceedings of the IEEE, 108(10):1825–1848, 2020.
[80] National Vulnerability Database(NVD). Available at
https://nvd.nist.gov.
[81] Seyed Mohammad Ghaffarian and Hamid Reza Shahriari. Software
vulnerability analysis and discovery using machine-learning and data-
mining techniques: A survey. ACM Comput. Surv., 50(4), 2017.
[82] Zaoyu Wei, Jiaqi Wang, Xueqi Shen, and Qun Luo. Smart contract
fuzzing based on taint analysis and genetic algorithms. Journal of
Quantum Computing, 2(1):11, 2020.
[83] Heribertus Yulianton, Agung Trisetyarso, Wayan Suparta, Bahtiar Saleh
Abbas, and Chul Ho Kang. Web application vulnerability detection
using taint analysis and black-box testing. In IOP Conference Series:
Materials Science and Engineering, volume 879, page 012031. IOP
Publishing, 2020.
[84] James Fell. A review of fuzzing tools and methods. Technical
report, Technical Report. https://dl. packetstormsecurity.
net/papers/general/a . . . , 2017.
[85] Valentin Jean Marie Manès, HyungSeok Han, Choongwoo Han,
Sang Kil Cha, Manuel Egele, Edward J Schwartz, and Maverick
Woo. The art, science, and engineering of fuzzing: A survey. IEEE
Transactions on Software Engineering, 2019.
[86] Yan Wang, Peng Jia, Luping Liu, Cheng Huang, and Zhonglin Liu. A
systematic review of fuzzing based on machine learning techniques.
PloS one, 15(8):e0237749, 2020.
[87] Fabian Yamaguchi, Markus Lottmann, and Konrad Rieck. Generalized
vulnerability extrapolation using abstract syntax trees. pages 359–368,
2012.
[88] Uri Alon, Meital Zilberstein, Omer Levy, and Eran Yahav. code2vec:
Learning distributed representations of code. Proceedings of the ACM
on Programming Languages, 3(POPL):1–29, 2019.
[89] Fabian Yamaguchi, Nico Golde, Daniel Arp, and Konrad Rieck.
Modeling and discovering vulnerabilities with code property graphs.
In 2014 IEEE Symposium on Security and Privacy, pages 590–604.
IEEE, 2014.
[90] Huanting Wang, Guixin Ye, Zhanyong Tang, Shin Hwei Tan, Songfang
Huang, Dingyi Fang, Yansong Feng, Lizhong Bian, and Zheng Wang.
Combining graph-based learning with automated data collection for
code vulnerability detection. IEEE Transactions on Information Foren-
sics and Security, 2020.
[91] Yaqin Zhou, Shangqing Liu, Jingkai Siow, Xiaoning Du, and Yang Liu.
Devign: Effective vulnerability identification by learning comprehen-
sive program semantics via graph neural networks, 2019.
[92] Marek Chalupa. Dg: Analysis and slicing of llvm bitcode. In
International Symposium on Automated Technology for Verification and
Analysis, pages 557–563. Springer, 2020.
[93] Saikat Chakraborty, Rahul Krishna, Yangruibo Ding, and Baishakhi
Ray. Deep learning based vulnerability detection: Are we there yet?
arXiv preprint arXiv:2009.07235, 2020.
[94] Yi Hu. A framework for using deep learning to detect software
vulnerabilities, 2019.
[95] Deqing Zou, Sujuan Wang, Shouhuai Xu, Zhen Li, and Hai Jin.
Vuldeepecker: A deep learning-based system for multiclass vulner-
ability detection. IEEE Transactions on Dependable and Secure
Computing, page 1–1, 2019.
[96] Zhen Li, Deqing Zou, Shouhuai Xu, Zhaoxuan Chen, Yawei Zhu, and
Hai Jin. Vuldeelocator: a deep learning-based fine-grained vulnerability
detector. arXiv preprint arXiv:2001.02350, 2020.
[97] Deqing Zou, Yawei Zhu, Shouhuai Xu, Zhen Li, Hai Jin, and Hengkai
Ye. Interpreting deep learning-based vulnerability detector predictions
based on heuristic searching. ACM Transactions on Software Engi-
neering and Methodology (TOSEM), 30(2):1–31, 2021.
[98] Changming Liu, Deqing Zou, Peng Luo, Bin B. Zhu, and Hai Jin. A
heuristic framework to detect concurrency vulnerabilities. In Proceed-
ings of the 34th Annual Computer Security Applications Conference,
ACSAC ’18, page 529–541, New York, NY, USA, 2018. Association
for Computing Machinery.
[99] Daniel Beck, Gholamreza Haffari, and Trevor Cohn. Graph-to-
sequence learning using gated graph neural networks. arXiv preprint
arXiv:1806.09835, 2018.
[100] Yujia Li, Daniel Tarlow, Marc Brockschmidt, and Richard Zemel.
Gated graph sequence neural networks, 2017.
[101] Dhanesh Ramachandram and Graham W Taylor. Deep multimodal
learning: A survey on recent advances and trends. IEEE Signal
Processing Magazine, 34(6):96–108, 2017.
[102] Wei Chen, Weiping Wang, Li Liu, and Michael S. Lew. New ideas
and trends in deep multimodal content understanding: A review, 2020.
[103] Tariq Habib Afridi, Aftab Alam, Muhammad Numan Khan, Jawad
Khan, and Young-Koo Lee. A multimodal memes classification: A
survey and open research issues. arXiv preprint arXiv:2009.08395,
2020.
[104] Uri Alon, Shaked Brody, Omer Levy, and Eran Yahav. code2seq:
Generating sequences from structured representations of code. arXiv
preprint arXiv:1808.01400, 2018.
[105] Daya Guo, Shuo Ren, Shuai Lu, Zhangyin Feng, Duyu Tang, Shujie
Liu, Long Zhou, Nan Duan, Jian Yin, Daxin Jiang, et al. Graphcode-
bert: Pre-training code representations with data flow. arXiv preprint
arXiv:2009.08366, 2020.
[106] Shuai Lu, Daya Guo, Shuo Ren, Junjie Huang, Alexey Svyatkovskiy,
Ambrosio Blanco, Colin Clement, Dawn Drain, Daxin Jiang, Duyu
Tang, et al. Codexglue: A machine learning benchmark dataset for
code understanding and generation. arXiv preprint arXiv:2102.04664,
2021.
[107] Wasi Uddin Ahmad, Saikat Chakraborty, Baishakhi Ray, and Kai-Wei
Chang. Unified pre-training for program understanding and generation.
arXiv preprint arXiv:2103.06333, 2021.