FuncVul: Function-Level Vulnerability Detection with LLMs and Code Chunks

Summary

FuncVul is a model for detecting vulnerabilities at the function level in C/C++ and Python code. Most vulnerability advisories name a whole package or library; FuncVul narrows detection to the specific function, and within it to short code chunks, by combining large language models (LLMs) for labeling with a fine-tuned classifier. The authors report accuracy of 87-92% and F1 scores of 86-92% across their datasets, outperforming the state-of-the-art models they compare against.

Repository Info

Updated on November 10, 2025
Repository: https://github.com/sajalhalder/FuncVul

Introduction

FuncVul detects vulnerabilities at the function level within C/C++ and Python codebases. Vulnerability data is usually recorded per package or library, which leaves the specific functions responsible for a weakness unidentified. FuncVul addresses this by splitting functions into small code chunks and using large language models (LLMs), together with patch information where available, to label which chunks are vulnerable, so that detection points at the precise vulnerable segment rather than the whole function. According to the project's research, focusing the classifier on these smaller segments improves both accuracy and granularity over whole-function analysis, which makes the approach useful for auditing open-source dependencies and reducing software supply chain risk.

Installation

To run FuncVul together with its baseline models, clone the repository and run the main script:

git clone https://github.com/sajalhalder/FuncVul.git
cd FuncVul
python FuncVul+Baselines.py

For specific environment setup or dependency installation, please refer to the project's documentation within the GitHub repository.

Examples

FuncVul's research utilizes six distinct datasets to evaluate its performance, each structured to test different aspects of function-level vulnerability detection. These datasets are built using two primary approaches for labeling vulnerable samples: integrating patch information with LLMs, and leveraging LLMs alone.

The datasets vary along three axes: whether the model input is the code alone or the code plus the CVE description, whether the chunks are plain code chunks or generic code chunks, and whether vulnerable samples were labeled by an LLM combined with patch information or by an LLM alone:

  • Code + Description, Code Chunk: vulnerable samples defined by LLM + patch information.
  • Code only, Code Chunk: vulnerable samples defined by LLM + patch information.
  • Code + Description, Generic Code Chunk: vulnerable samples defined by LLM + patch information.
  • Code only, Generic Code Chunk: vulnerable samples defined by LLM + patch information.
  • Code + Description, Code Chunk: vulnerable samples defined by LLM only.
  • Code only, Code Chunk: vulnerable samples defined by LLM only.

Each dataset contains the columns cve (CVE number), code_chunks or generic_code_chunks (3-line code chunks), vul_category (vulnerability type; recorded but not used in the experiments), and label (1 = vulnerable, 0 = non-vulnerable). The project also evaluates how chunk size affects detection, using chunks of 1, 3, 5, 7, 9, 10, 15, 20 and 25 lines.
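The following is an added example, written for this page rather than taken from the FuncVul repository, of what a chunked dataset row looks like and why chunk size matters. It splits a constructed C function into fixed-size line chunks and emits rows with the cve, code_chunks and label columns described above. The labeling rule (a chunk is vulnerable if it overlaps a line the security patch changed) is an assumption about one way patch information can be used; the CVE value is a placeholder and the function and patched line numbers are constructed for illustration.

```python
"""Added example: chunk a function into fixed-size line windows and label each
chunk from patch information. Illustrative code for this page, not FuncVul's
own pipeline. The overlap-with-patched-line rule is an assumption."""
from typing import Dict, List, Set, Tuple

# Constructed sample: a pre-patch C function and the 1-based line numbers the
# (hypothetical) security patch changed. Both are made up for the example.
SAMPLE_FUNCTION = """\
int copy_name(char *dst, const char *src)
{
    char buf[16];
    strcpy(buf, src);
    strcpy(dst, buf);
    return 0;
}"""

PATCHED_LINES: Set[int] = {4}  # hypothetical: the patch replaced the unbounded strcpy


def chunk_lines(code: str, size: int) -> List[List[str]]:
    """Split code into consecutive chunks of `size` lines; the last may be shorter."""
    if size < 1:
        raise ValueError("chunk size must be >= 1")
    lines = code.splitlines()
    return [lines[i:i + size] for i in range(0, len(lines), size)]


def build_rows(cve: str, code: str, size: int, patched: Set[int]) -> List[Dict]:
    """Produce dataset-style rows with the columns cve, code_chunks, label.

    label is 1 when the chunk overlaps a patched line (assumed rule), else 0.
    The 'lines' field records the 1-based line span for traceability.
    """
    rows = []
    for idx, chunk in enumerate(chunk_lines(code, size)):
        start = idx * size + 1
        end = start + len(chunk) - 1
        label = int(any(start <= ln <= end for ln in patched))
        rows.append({
            "cve": cve,
            "code_chunks": "\n".join(chunk),
            "label": label,
            "lines": (start, end),
        })
    return rows


def chunk_sweep(code: str, sizes: List[int], patched: Set[int]) -> Dict[int, Tuple[int, int]]:
    """For each chunk size, return (number of chunks, number labeled vulnerable).

    Shows the trade-off the chunk-size experiment probes: small chunks isolate the
    vulnerable lines precisely, large chunks dilute them with unrelated code.
    """
    result = {}
    for size in sizes:
        rows = build_rows("CVE-XXXX-XXXX", code, size, patched)  # placeholder CVE id
        result[size] = (len(rows), sum(r["label"] for r in rows))
    return result


if __name__ == "__main__":
    for row in build_rows("CVE-XXXX-XXXX", SAMPLE_FUNCTION, 3, PATCHED_LINES):
        print(row["lines"], row["label"], repr(row["code_chunks"]))
    print(chunk_sweep(SAMPLE_FUNCTION, [1, 3, 5, 7], PATCHED_LINES))
```

With 3-line chunks the seven-line function yields three rows, and only the middle one (lines 4-6, containing the unbounded strcpy) is labeled vulnerable; with a 7-line chunk the whole function becomes a single vulnerable row, which is the whole-function setting the chunk approach is meant to improve on.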

Why Use FuncVul

FuncVul offers several compelling advantages for developers and security researchers:

  • Function-Level Precision: It identifies vulnerabilities at the specific function level, providing more granular and actionable insights than package-level detection.
  • LLM-Powered Detection: Uses large language models to label vulnerable samples and a fine-tuned GraphCodeBERT classifier to capture both syntactic and semantic properties of the code.
  • Code Chunk Approach: Classifying short code chunks rather than whole functions improves detection accuracy and F1 score in the project's experiments, and points reviewers at the specific lines involved.
  • High Performance: Achieves impressive accuracy (87-92%) and F1 scores (86-92%) across diverse datasets, outperforming existing state-of-the-art models.
  • Multi-Language Support: Designed to detect vulnerabilities in both C/C++ and Python, covering a wide range of software projects.
  • Research-Backed: The method and its evaluation are described in a paper accepted at ESORICS 2025.
