VulSCP: Automated Code Vulnerability Detection via Sequential Convolution and Parallel Attention Mechanism
Zhe Wang1, Yu Yan2, Junqi Tong1, Yijun Lin1, Dechun Yin1,*, Xiaoliang Zhao1
1 School of Information and Network Security, People’s Public Security University of China, Beijing, China
2 Institute of Computing Technology, Chinese Academy of Sciences, Beijing, China
* Corresponding Author: Dechun Yin. Email: 
Computers, Materials & Continua https://doi.org/10.32604/cmc.2026.081155
Received 24 February 2026; Accepted 16 April 2026; Published online 06 May 2026
Abstract
As software applications grow increasingly large and complex, traditional code vulnerability detection methods struggle with performance and efficiency. Although code visualization-based algorithms have demonstrated effectiveness in capturing sparse features and complex workflows in large-scale source code, their capacity to extract global semantic information and intricate long-range dependencies remains limited. Recent large language model (LLM)-based approaches have shown promising accuracy by leveraging rich contextual information, but their high computational cost often limits practical efficiency. To address these challenges, we propose VulSCP, a new framework that integrates sequential convolution with a parallel attention mechanism. Specifically, VulSCP first constructs a semantically weighted graph from the source code, then employs sequential convolution to extract local vulnerability-related features, and finally enhances the global feature representation through parallel attention. Experimental results on large-scale C/C++ function-level datasets show that VulSCP achieves an accuracy of 85.14% and a false positive rate of 17.25%, outperforming the best baseline in accuracy by 1.73 percentage points and reducing the false positive rate by 3.38 percentage points. Moreover, while maintaining high detection accuracy, VulSCP achieves a low average inference time of 1.89 s per sample, showing favorable efficiency compared with the evaluated LLM-based methods. These results suggest that VulSCP is a promising approach for vulnerability detection in large and complex software systems, offering a favorable balance between accuracy and efficiency. The source code of VulSCP is publicly available at
https://github.com/Hwzx-ZeL/VulSCP.
Keywords
Code vulnerability detection; sequential convolution; parallel attention; program dependency graph; semantic graph representation
Open Access
Login
Register
Submit a Paper
Propose a Special lssue
Download PDF
Downloads
Citation Tools
