{"id":"https://openalex.org/W4396594820","doi":"https://doi.org/10.1109/access.2024.3396410","title":"DB-CBIL: A DistilBert-Based Transformer Hybrid Model Using CNN and BiLSTM for Software Vulnerability Detection","display_name":"DB-CBIL: A DistilBert-Based Transformer Hybrid Model Using CNN and BiLSTM for Software Vulnerability Detection","publication_year":2024,"publication_date":"2024-01-01","ids":{"openalex":"https://openalex.org/W4396594820","doi":"https://doi.org/10.1109/access.2024.3396410"},"language":"en","primary_location":{"id":"doi:10.1109/access.2024.3396410","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2024.3396410","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/10517582.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/10517582.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5024701185","display_name":"Ahmed Bahaa","orcid":null},"institutions":[{"id":"https://openalex.org/I113643904","display_name":"Beni-Suef University","ror":"https://ror.org/05pn4yv70","country_code":"EG","type":"education","lineage":["https://openalex.org/I113643904"]},{"id":"https://openalex.org/I84058292","display_name":"Helwan University","ror":"https://ror.org/00h55v928","country_code":"EG","type":"education","lineage":["https://openalex.org/I84058292"]}],"countries":["EG"],"is_corresponding":true,"raw_author_name":"Ahmed Bahaa","raw_affiliation_strings":["Department of Information Systems, Faculty of Computers and Artificial Intelligence, Helwan University, Helwan, Egypt","Department of Information Systems, Faculty of Computers and Artificial Intelligence, Beni-Suef University, Beni-Suef, Egypt"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Information Systems, Faculty of Computers and Artificial Intelligence, Helwan University, Helwan, Egypt","institution_ids":["https://openalex.org/I84058292"]},{"raw_affiliation_string":"Department of Information Systems, Faculty of Computers and Artificial Intelligence, Beni-Suef University, Beni-Suef, Egypt","institution_ids":["https://openalex.org/I113643904"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5067786500","display_name":"A. Kamal","orcid":"https://orcid.org/0009-0007-5936-5177"},"institutions":[{"id":"https://openalex.org/I84058292","display_name":"Helwan University","ror":"https://ror.org/00h55v928","country_code":"EG","type":"education","lineage":["https://openalex.org/I84058292"]}],"countries":["EG"],"is_corresponding":false,"raw_author_name":"Aya El-Rahman Kamal","raw_affiliation_strings":["Department of Information Systems, Faculty of Computers and Artificial Intelligence, Helwan University, Helwan, Egypt"],"raw_orcid":"https://orcid.org/0009-0007-5936-5177","affiliations":[{"raw_affiliation_string":"Department of Information Systems, Faculty of Computers and Artificial Intelligence, Helwan University, Helwan, Egypt","institution_ids":["https://openalex.org/I84058292"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5056905155","display_name":"Hanan Fahmy","orcid":"https://orcid.org/0000-0002-7247-4825"},"institutions":[{"id":"https://openalex.org/I84058292","display_name":"Helwan University","ror":"https://ror.org/00h55v928","country_code":"EG","type":"education","lineage":["https://openalex.org/I84058292"]}],"countries":["EG"],"is_corresponding":false,"raw_author_name":"Hanan Fahmy","raw_affiliation_strings":["Department of Information Systems, Faculty of Computers and Artificial Intelligence, Helwan University, Helwan, Egypt"],"raw_orcid":"https://orcid.org/0000-0002-7247-4825","affiliations":[{"raw_affiliation_string":"Department of Information Systems, Faculty of Computers and Artificial Intelligence, Helwan University, Helwan, Egypt","institution_ids":["https://openalex.org/I84058292"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5013863532","display_name":"Amr S. Ghoneim","orcid":"https://orcid.org/0000-0003-3522-4875"},"institutions":[{"id":"https://openalex.org/I84058292","display_name":"Helwan University","ror":"https://ror.org/00h55v928","country_code":"EG","type":"education","lineage":["https://openalex.org/I84058292"]}],"countries":["EG"],"is_corresponding":false,"raw_author_name":"Amr S. Ghoneim","raw_affiliation_strings":["Department of Computer Science, Faculty of Computers and Artificial Intelligence, Helwan University, Helwan, Egypt","Department of Information Systems, Faculty of Computers and Artificial Intelligence, Helwan University, Helwan, Egypt"],"raw_orcid":"https://orcid.org/0000-0003-3522-4875","affiliations":[{"raw_affiliation_string":"Department of Computer Science, Faculty of Computers and Artificial Intelligence, Helwan University, Helwan, Egypt","institution_ids":["https://openalex.org/I84058292"]},{"raw_affiliation_string":"Department of Information Systems, Faculty of Computers and Artificial Intelligence, Helwan University, Helwan, Egypt","institution_ids":["https://openalex.org/I84058292"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5024701185"],"corresponding_institution_ids":["https://openalex.org/I113643904","https://openalex.org/I84058292"],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850},"fwci":13.9824,"has_fulltext":false,"cited_by_count":19,"citation_normalized_percentile":{"value":0.98762843,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":100},"biblio":{"volume":"12","issue":null,"first_page":"64446","last_page":"64460"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9966999888420105,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9959999918937683,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8491889238357544},{"id":"https://openalex.org/keywords/abstract-syntax-tree","display_name":"Abstract syntax tree","score":0.6265725493431091},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5542956590652466},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.5441409945487976},{"id":"https://openalex.org/keywords/convolutional-neural-network","display_name":"Convolutional neural network","score":0.5397056341171265},{"id":"https://openalex.org/keywords/security-token","display_name":"Security token","score":0.5333046317100525},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.5330262184143066},{"id":"https://openalex.org/keywords/language-model","display_name":"Language model","score":0.532520592212677},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.47932231426239014},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.44152626395225525},{"id":"https://openalex.org/keywords/encoder","display_name":"Encoder","score":0.4407896399497986},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.37604519724845886},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.37217092514038086},{"id":"https://openalex.org/keywords/syntax","display_name":"Syntax","score":0.28411179780960083},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.20562905073165894},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.15707457065582275}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8491889238357544},{"id":"https://openalex.org/C58646249","wikidata":"https://www.wikidata.org/wiki/Q127380","display_name":"Abstract syntax tree","level":3,"score":0.6265725493431091},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5542956590652466},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.5441409945487976},{"id":"https://openalex.org/C81363708","wikidata":"https://www.wikidata.org/wiki/Q17084460","display_name":"Convolutional neural network","level":2,"score":0.5397056341171265},{"id":"https://openalex.org/C48145219","wikidata":"https://www.wikidata.org/wiki/Q1335365","display_name":"Security token","level":2,"score":0.5333046317100525},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.5330262184143066},{"id":"https://openalex.org/C137293760","wikidata":"https://www.wikidata.org/wiki/Q3621696","display_name":"Language model","level":2,"score":0.532520592212677},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.47932231426239014},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.44152626395225525},{"id":"https://openalex.org/C118505674","wikidata":"https://www.wikidata.org/wiki/Q42586063","display_name":"Encoder","level":2,"score":0.4407896399497986},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.37604519724845886},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.37217092514038086},{"id":"https://openalex.org/C60048249","wikidata":"https://www.wikidata.org/wiki/Q37437","display_name":"Syntax","level":2,"score":0.28411179780960083},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.20562905073165894},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.15707457065582275},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/access.2024.3396410","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2024.3396410","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/10517582.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:ffc33233d78b4dfcb6384238208f1288","is_oa":true,"landing_page_url":"https://doaj.org/article/ffc33233d78b4dfcb6384238208f1288","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, Vol 12, Pp 64446-64460 (2024)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1109/access.2024.3396410","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2024.3396410","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/10517582.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.5}],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":false},"content_urls":{"pdf":"https://content.openalex.org/works/W4396594820.pdf"},"referenced_works_count":60,"referenced_works":["https://openalex.org/W1553469512","https://openalex.org/W1563577331","https://openalex.org/W1655956671","https://openalex.org/W1821462560","https://openalex.org/W1985258458","https://openalex.org/W2028820179","https://openalex.org/W2043837581","https://openalex.org/W2055765785","https://openalex.org/W2064675550","https://openalex.org/W2079753286","https://openalex.org/W2137789775","https://openalex.org/W2148702066","https://openalex.org/W2165004968","https://openalex.org/W2250539671","https://openalex.org/W2297419069","https://openalex.org/W2417947228","https://openalex.org/W2493916176","https://openalex.org/W2507974895","https://openalex.org/W2559935471","https://openalex.org/W2634106992","https://openalex.org/W2748690817","https://openalex.org/W2765858138","https://openalex.org/W2781491433","https://openalex.org/W2786010338","https://openalex.org/W2793157084","https://openalex.org/W2793941577","https://openalex.org/W2796200341","https://openalex.org/W2883406652","https://openalex.org/W2885030880","https://openalex.org/W2885195348","https://openalex.org/W2950087183","https://openalex.org/W2956479686","https://openalex.org/W2962739339","https://openalex.org/W2962960733","https://openalex.org/W2965373594","https://openalex.org/W2978017171","https://openalex.org/W3007551217","https://openalex.org/W3016970378","https://openalex.org/W3033777149","https://openalex.org/W3037458976","https://openalex.org/W3101228802","https://openalex.org/W3166095789","https://openalex.org/W3177116043","https://openalex.org/W3194346579","https://openalex.org/W3212106560","https://openalex.org/W4231109964","https://openalex.org/W4285285581","https://openalex.org/W4294170691","https://openalex.org/W4308351818","https://openalex.org/W4312326656","https://openalex.org/W4312690534","https://openalex.org/W4365513113","https://openalex.org/W4384345698","https://openalex.org/W4385245566","https://openalex.org/W6605468800","https://openalex.org/W6749470980","https://openalex.org/W6755207826","https://openalex.org/W6767260250","https://openalex.org/W6768851824","https://openalex.org/W6910546390"],"related_works":["https://openalex.org/W2001919569","https://openalex.org/W4310447811","https://openalex.org/W4389751695","https://openalex.org/W2165004968","https://openalex.org/W2320787857","https://openalex.org/W3086207785","https://openalex.org/W3012064729","https://openalex.org/W2969229669","https://openalex.org/W2955426500","https://openalex.org/W2388254906"],"abstract_inverted_index":{"Software":[0,193],"vulnerabilities":[1,54],"are":[2,131],"among":[3],"the":[4,80,84,94,112,148,171,175,192,205,209,234,238,244],"significant":[5,241],"causes":[6],"of":[7,51,88,174,247],"security":[8,15],"breaches.":[9],"Vulnerabilities":[10],"can":[11,179],"severely":[12],"compromise":[13],"software":[14,39],"if":[16],"exploited":[17],"by":[18,213,223],"malicious":[19],"attacks":[20],"and":[21,37,86,218,227],"may":[22],"result":[23],"in":[24,237],"catastrophic":[25],"losses.":[26],"Hence,":[27],"Automatic":[28],"vulnerability":[29,49,248],"detection":[30,50],"methods":[31],"promise":[32],"to":[33,169],"mitigate":[34],"attack":[35],"risks":[36],"safeguard":[38],"security.":[40],"This":[41],"paper":[42],"introduces":[43],"a":[44,58,108,122,240],"novel":[45],"model":[46,62,74,82,101,126,135,146,161,207,232],"for":[47,83,118,156],"automatic":[48],"source":[52,89,186],"code":[53,90,110,129,187],"dubbed":[55],"DB-CBIL":[56],"using":[57,79,107],"hybrid":[59,123,134],"deep":[60,124],"learning":[61,125],"based":[63,92],"on":[64,93,138],"Distilled":[65],"Bidirectional":[66],"Encoder":[67],"Representations":[68],"from":[69,191],"Transformers":[70],"(DistilBERT).":[71],"The":[72,100,133,144,159,184,230],"proposed":[73,206,231],"considers":[75],"contextualized":[76],"word":[77,119],"embeddings":[78],"language":[81],"syntax":[85],"semantics":[87],"functions":[91,130],"Abstract":[95],"Syntax":[96],"Tree":[97],"(AST)":[98],"representation.":[99],"includes":[102],"two":[103,139],"main":[104],"phases.":[105],"First,":[106],"vulnerable":[109],"dataset,":[111],"pre-trained":[113],"DistilBert":[114],"transformer":[115],"is":[116,136,147,154,162,189],"fine-tuned":[117],"embedding.":[120],"Second,":[121],"detects":[127],"which":[128,153,165],"vulnerable.":[132],"built":[137],"Deep":[140],"Neural":[141,150],"Networks":[142],"(DNN).":[143],"first":[145],"Convolutional":[149],"Network":[151],"(CNN),":[152],"used":[155,168],"extracting":[157],"features.":[158],"second":[160],"Bidirectional-LSTM":[163],"(BiLSTM),":[164],"has":[166],"been":[167],"maintain":[170],"sequential":[172],"order":[173],"data":[176],"as":[177],"it":[178],"handle":[180],"lengthy":[181],"token":[182],"sequences.":[183],"utilized":[185],"dataset":[188],"derived":[190],"Assurance":[194],"Reference":[195],"Database":[196],"(SARD)":[197],"benchmark":[198],"dataset.":[199],"Final":[200],"experimental":[201],"findings":[202],"show":[203],"that":[204],"outperforms":[208],"state-of-the-art":[210],"approaches\u2019":[211],"performance":[212],"improving":[214],"precision,":[215],"recall,":[216],"F1-score,":[217],"False":[219],"Negative":[220],"Rate":[221],"(FNR)":[222],"2.41%-8.95%,":[224],"4.0%-16.28%,":[225],"1.85%-12.74%,":[226],"18%":[228],"respectively.":[229],"reports":[233],"lowest":[235],"FNR":[236],"literature,":[239],"achievement":[242],"given":[243],"cost-based":[245],"nature":[246],"detectors.":[249]},"counts_by_year":[{"year":2026,"cited_by_count":6},{"year":2025,"cited_by_count":12},{"year":2024,"cited_by_count":1}],"updated_date":"2026-05-05T08:41:31.759640","created_date":"2025-10-10T00:00:00"}