Abstract: Addressing the challenges in the field of source code vulnerability detection, particularly the shortcomings of existing methods in accurately embedding code graphs and capturing their complex hierarchical structures, this paper proposes an innovative slice-level source code vulnerability detection method based on hyperbolic graph convolutional neural network (HGCN), termed VulDHGCN. This method integrates the powerful expressive capabilities of graph convolutional neural networks and hyperbolic geometry to more comprehensively embed and preserve the structural features of source code, effectively reducing information distortion during the code graph embedding process. To comprehensively evaluate the effectiveness of VulDHGCN, three traditional rule-based static vulnerability detection methods and three advanced model-based vulnerability detection methods are selected as comparison baselines. Experimental results demonstrate that VulDHGCN outperforms the baseline methods across multiple key performance indicators. Specifically, VulDHGCN achieves accuracy, precision, recall, and F1 scores of 96.52%, 92.31%, 85.12%, and 88.57%, respectively. Compared to the baseline vulnerability detection methods, VulDHGCN exhibits a significant advantage with an improvement in F1 score ranging from 6.62% to 153.92%. This not only validates the effectiveness of the VulDHGCN method but also provides a new perspective and approach for the further application of deep learning in the field of source code vulnerability detection.

Key words: vulnerability detection, slice-level, low distortion embedding, hyperbolic space, graph convolutional neural network