{"id":"https://openalex.org/W4417045870","doi":"https://doi.org/10.3390/fi17120557","title":"A Context-Aware Lightweight Framework for Source Code Vulnerability Detection","display_name":"A Context-Aware Lightweight Framework for Source Code Vulnerability Detection","publication_year":2025,"publication_date":"2025-12-03","ids":{"openalex":"https://openalex.org/W4417045870","doi":"https://doi.org/10.3390/fi17120557"},"language":"en","primary_location":{"id":"doi:10.3390/fi17120557","is_oa":true,"landing_page_url":"https://doi.org/10.3390/fi17120557","pdf_url":null,"source":{"id":"https://openalex.org/S34838331","display_name":"Future Internet","issn_l":"1999-5903","issn":["1999-5903"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Future Internet","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.3390/fi17120557","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5062565743","display_name":"Yousef Sanjalawe","orcid":"https://orcid.org/0000-0002-4442-1865"},"institutions":[{"id":"https://openalex.org/I114972647","display_name":"University of Jordan","ror":"https://ror.org/05k89ew48","country_code":"JO","type":"education","lineage":["https://openalex.org/I114972647"]},{"id":"https://openalex.org/I2800358669","display_name":"King Abdullah University Hospital","ror":"https://ror.org/02f6hdc06","country_code":"JO","type":"healthcare","lineage":["https://openalex.org/I2800358669"]}],"countries":["JO"],"is_corresponding":false,"raw_author_name":"Yousef Sanjalawe","raw_affiliation_strings":["Department of Information Technology, King Abdullah II School for Information Technology, University of Jordan (JU), Amman 11942, Jordan"],"raw_orcid":"https://orcid.org/0000-0002-4442-1865","affiliations":[{"raw_affiliation_string":"Department of Information Technology, King Abdullah II School for Information Technology, University of Jordan (JU), Amman 11942, Jordan","institution_ids":["https://openalex.org/I114972647","https://openalex.org/I2800358669"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5067126557","display_name":"Budoor Allehyani","orcid":"https://orcid.org/0009-0006-0424-6894"},"institutions":[{"id":"https://openalex.org/I199693650","display_name":"Umm al-Qura University","ror":"https://ror.org/01xjqrm90","country_code":"SA","type":"education","lineage":["https://openalex.org/I199693650"]}],"countries":["SA"],"is_corresponding":false,"raw_author_name":"Budoor Allehyani","raw_affiliation_strings":["Department of Software Engineering, College of Computing, Umm Al-Qura University (UQU), Makkah 24381, Saudi Arabia"],"raw_orcid":"https://orcid.org/0009-0006-0424-6894","affiliations":[{"raw_affiliation_string":"Department of Software Engineering, College of Computing, Umm Al-Qura University (UQU), Makkah 24381, Saudi Arabia","institution_ids":["https://openalex.org/I199693650"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5027575640","display_name":"Salam Al-E\u2019mari","orcid":"https://orcid.org/0000-0002-2134-4158"},"institutions":[{"id":"https://openalex.org/I36622005","display_name":"Petra University","ror":"https://ror.org/039d9es10","country_code":"JO","type":"education","lineage":["https://openalex.org/I36622005"]}],"countries":["JO"],"is_corresponding":false,"raw_author_name":"Salam Al-E\u2019mari","raw_affiliation_strings":["Department of Information Security, Faculty of Information Technology, University of Petra (UoP), Amman 11196, Jordan"],"raw_orcid":"https://orcid.org/0000-0002-2134-4158","affiliations":[{"raw_affiliation_string":"Department of Information Security, Faculty of Information Technology, University of Petra (UoP), Amman 11196, Jordan","institution_ids":["https://openalex.org/I36622005"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":{"value":1400,"currency":"CHF","value_usd":1515},"apc_paid":{"value":1400,"currency":"CHF","value_usd":1515},"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.47256595,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"17","issue":"12","first_page":"557","last_page":"557"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.34529998898506165,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.34529998898506165,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.21770000457763672,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.13529999554157257,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/security-token","display_name":"Security token","score":0.6359000205993652},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.5365999937057495},{"id":"https://openalex.org/keywords/discriminative-model","display_name":"Discriminative model","score":0.5297999978065491},{"id":"https://openalex.org/keywords/adaptability","display_name":"Adaptability","score":0.5241000056266785},{"id":"https://openalex.org/keywords/static-analysis","display_name":"Static analysis","score":0.516700029373169},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.459199994802475},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.45669999718666077},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.44769999384880066},{"id":"https://openalex.org/keywords/benchmark","display_name":"Benchmark (surveying)","score":0.4291999936103821}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.9223999977111816},{"id":"https://openalex.org/C48145219","wikidata":"https://www.wikidata.org/wiki/Q1335365","display_name":"Security token","level":2,"score":0.6359000205993652},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.5365999937057495},{"id":"https://openalex.org/C97931131","wikidata":"https://www.wikidata.org/wiki/Q5282087","display_name":"Discriminative model","level":2,"score":0.5297999978065491},{"id":"https://openalex.org/C177606310","wikidata":"https://www.wikidata.org/wiki/Q5674297","display_name":"Adaptability","level":2,"score":0.5241000056266785},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.516700029373169},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.459199994802475},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.45669999718666077},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.44769999384880066},{"id":"https://openalex.org/C185798385","wikidata":"https://www.wikidata.org/wiki/Q1161707","display_name":"Benchmark (surveying)","level":2,"score":0.4291999936103821},{"id":"https://openalex.org/C132525143","wikidata":"https://www.wikidata.org/wiki/Q141488","display_name":"Graph","level":2,"score":0.427700012922287},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.40720000863075256},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.3968000113964081},{"id":"https://openalex.org/C137287247","wikidata":"https://www.wikidata.org/wiki/Q1329550","display_name":"Static program analysis","level":4,"score":0.38359999656677246},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.35690000653266907},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.34689998626708984},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.34619998931884766},{"id":"https://openalex.org/C32833848","wikidata":"https://www.wikidata.org/wiki/Q4115054","display_name":"Extensibility","level":2,"score":0.3222000002861023},{"id":"https://openalex.org/C184337299","wikidata":"https://www.wikidata.org/wiki/Q1437428","display_name":"Semantics (computer science)","level":2,"score":0.30469998717308044},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.3043000102043152},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3003000020980835},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.29600000381469727},{"id":"https://openalex.org/C168065819","wikidata":"https://www.wikidata.org/wiki/Q845566","display_name":"Debugging","level":2,"score":0.2816999852657318},{"id":"https://openalex.org/C13540734","wikidata":"https://www.wikidata.org/wiki/Q5318996","display_name":"Dynamic network analysis","level":2,"score":0.2734000086784363},{"id":"https://openalex.org/C16311509","wikidata":"https://www.wikidata.org/wiki/Q4148050","display_name":"Dependency graph","level":3,"score":0.2651999890804291},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.26440000534057617},{"id":"https://openalex.org/C177148314","wikidata":"https://www.wikidata.org/wiki/Q170084","display_name":"Generalization","level":2,"score":0.2614000141620636},{"id":"https://openalex.org/C149091818","wikidata":"https://www.wikidata.org/wiki/Q2429814","display_name":"Software system","level":3,"score":0.2590999901294708},{"id":"https://openalex.org/C86251818","wikidata":"https://www.wikidata.org/wiki/Q816754","display_name":"Benchmarking","level":2,"score":0.2556999921798706},{"id":"https://openalex.org/C2776214188","wikidata":"https://www.wikidata.org/wiki/Q408386","display_name":"Inference","level":2,"score":0.2540999948978424}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.3390/fi17120557","is_oa":true,"landing_page_url":"https://doi.org/10.3390/fi17120557","pdf_url":null,"source":{"id":"https://openalex.org/S34838331","display_name":"Future Internet","issn_l":"1999-5903","issn":["1999-5903"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Future Internet","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:f607648129974aa39d991d9667387e9b","is_oa":true,"landing_page_url":"https://doaj.org/article/f607648129974aa39d991d9667387e9b","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Future Internet, Vol 17, Iss 12, p 557 (2025)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.3390/fi17120557","is_oa":true,"landing_page_url":"https://doi.org/10.3390/fi17120557","pdf_url":null,"source":{"id":"https://openalex.org/S34838331","display_name":"Future Internet","issn_l":"1999-5903","issn":["1999-5903"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Future Internet","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G340455171","display_name":null,"funder_award_id":"25UQU4331451GSSR02","funder_id":"https://openalex.org/F4320324047","funder_display_name":"Umm Al-Qura University"}],"funders":[{"id":"https://openalex.org/F4320324047","display_name":"Umm Al-Qura University","ror":"https://ror.org/01xjqrm90"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":22,"referenced_works":["https://openalex.org/W3187025053","https://openalex.org/W4225673889","https://openalex.org/W4292491372","https://openalex.org/W4306248583","https://openalex.org/W4312690534","https://openalex.org/W4385485128","https://openalex.org/W4386608804","https://openalex.org/W4387108032","https://openalex.org/W4399837262","https://openalex.org/W4400577080","https://openalex.org/W4402176088","https://openalex.org/W4402683771","https://openalex.org/W4403587478","https://openalex.org/W4404132849","https://openalex.org/W4407215324","https://openalex.org/W4408444559","https://openalex.org/W4411504896","https://openalex.org/W4411692508","https://openalex.org/W4411964915","https://openalex.org/W4412451743","https://openalex.org/W4415647391","https://openalex.org/W4416443305"],"related_works":[],"abstract_inverted_index":{"As":[0],"software":[1],"systems":[2],"grow":[3],"increasingly":[4],"complex":[5],"and":[6,17,32,45,65,80,95,107,125,134,148,163,185,209,223,236],"interconnected,":[7],"detecting":[8],"vulnerabilities":[9,31],"in":[10,27,87,217,231],"source":[11,88],"code":[12],"has":[13],"become":[14],"a":[15,78,99,108,214],"critical":[16],"challenging":[18],"task.":[19],"Traditional":[20],"static":[21,58,233],"analysis":[22,234],"methods":[23],"often":[24],"fall":[25],"short":[26],"capturing":[28],"deep,":[29],"context-dependent":[30],"adapting":[33],"to":[34,48,68,121,131,158],"rapidly":[35],"evolving":[36,164],"threat":[37],"landscapes.":[38],"Recent":[39],"efforts":[40],"have":[41],"explored":[42],"knowledge":[43,59,104,153],"graphs":[44],"transformer-based":[46,100],"models":[47],"enhance":[49],"semantic":[50,96],"understanding;":[51],"however,":[52],"these":[53,73,205],"solutions":[54],"frequently":[55],"rely":[56],"on":[57,118,171],"bases,":[60],"exhibit":[61],"high":[62],"computational":[63],"overhead,":[64],"lack":[66],"adaptability":[67],"emerging":[69],"threats.":[70],"To":[71],"address":[72],"limitations,":[74],"we":[75],"propose":[76],"DynaKG-NER++,":[77],"novel":[79],"lightweight":[81],"framework":[82],"for":[83,229],"context-aware":[84],"vulnerability":[85,218],"detection":[86],"code.":[89],"Our":[90],"approach":[91],"integrates":[92],"lexical,":[93],"syntactic,":[94],"features":[97],"using":[98],"token":[101,133],"encoder,":[102],"dynamic":[103,146],"graph":[105],"embeddings,":[106],"Graph":[109],"Attention":[110],"Network":[111],"(GAT).":[112],"We":[113,168],"further":[114],"introduce":[115],"contrastive":[116],"learning":[117],"vulnerability\u2013patch":[119],"pairs":[120],"improve":[122],"discriminative":[123],"capacity":[124],"design":[126],"an":[127],"attention-based":[128],"fusion":[129],"module":[130],"combine":[132],"entity":[135],"representations":[136],"adaptively.":[137],"A":[138],"key":[139],"innovation":[140],"of":[141,151],"our":[142],"method":[143],"is":[144],"the":[145,152,156,190],"construction":[147],"continual":[149],"update":[150],"graph,":[154],"allowing":[155],"model":[157],"incorporate":[159],"newly":[160],"published":[161],"CVEs":[162],"relationships":[165],"without":[166],"retraining.":[167],"evaluate":[169],"DynaKG-NER++":[170,212],"five":[172],"benchmark":[173],"datasets,":[174],"demonstrating":[175],"superior":[176],"performance":[177],"across":[178],"span-level":[179],"F1":[180],"(89.3%),":[181],"token-level":[182],"accuracy":[183],"(93.2%),":[184],"AUC-ROC":[186],"(0.936),":[187],"while":[188],"achieving":[189],"lowest":[191],"false":[192],"positive":[193],"rate":[194],"(5.1%)":[195],"among":[196],"state-of-the-art":[197],"baselines.":[198],"Sta":[199],"tistical":[200],"significance":[201],"tests":[202],"confirm":[203],"that":[204],"improvements":[206],"are":[207],"robust":[208],"meaningful.":[210],"Overall,":[211],"establishes":[213],"new":[215],"standard":[216],"detection,":[219],"balancing":[220],"accuracy,":[221],"adaptability,":[222],"efficiency,":[224],"making":[225],"it":[226],"highly":[227],"suitable":[228],"deployment":[230],"real-world":[232],"pipelines":[235],"resource-constrained":[237],"environments.":[238]},"counts_by_year":[],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-12-05T00:00:00"}