{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,7,2]],"date-time":"2026-07-02T23:16:45Z","timestamp":1783034205496,"version":"3.54.6"},"reference-count":55,"publisher":"Elsevier BV","license":[{"start":{"date-parts":[[2026,10,1]],"date-time":"2026-10-01T00:00:00Z","timestamp":1790812800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"},{"start":{"date-parts":[[2026,10,1]],"date-time":"2026-10-01T00:00:00Z","timestamp":1790812800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/legal\/tdmrep-license"},{"start":{"date-parts":[[2026,10,1]],"date-time":"2026-10-01T00:00:00Z","timestamp":1790812800000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-017"},{"start":{"date-parts":[[2026,10,1]],"date-time":"2026-10-01T00:00:00Z","timestamp":1790812800000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"},{"start":{"date-parts":[[2026,10,1]],"date-time":"2026-10-01T00:00:00Z","timestamp":1790812800000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-012"},{"start":{"date-parts":[[2026,10,1]],"date-time":"2026-10-01T00:00:00Z","timestamp":1790812800000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2026,10,1]],"date-time":"2026-10-01T00:00:00Z","timestamp":1790812800000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-004"}],"funder":[{"DOI":"10.13039\/501100002980","name":"Dalian University of Technology","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100002980","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["elsevier.com","sciencedirect.com"],"crossmark-restriction":true},"short-container-title":["Information and Software Technology"],"published-print":{"date-parts":[[2026,10]]},"DOI":"10.1016\/j.infsof.2026.108228","type":"journal-article","created":{"date-parts":[[2026,6,14]],"date-time":"2026-06-14T18:40:41Z","timestamp":1781462441000},"page":"108228","update-policy":"https:\/\/doi.org\/10.1016\/elsevier_cm_policy","source":"Crossref","is-referenced-by-count":0,"special_numbering":"C","title":["VulnScout: Imbalance-aware source code vulnerability detection using pretrained code models and Deep Neural Network"],"prefix":"10.1016","volume":"198","author":[{"ORCID":"https:\/\/orcid.org\/0009-0004-4810-7883","authenticated-orcid":false,"given":"Muhammad Farhat","family":"Ullah","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4311-6068","authenticated-orcid":false,"given":"Maseeh Ullah","family":"Khan","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3779-2633","authenticated-orcid":false,"given":"Ali","family":"Saeed","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0009-2461-5417","authenticated-orcid":false,"given":"Sabeeh Ullah","family":"Khan","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9377-2071","authenticated-orcid":false,"given":"Muhammad","family":"Ishtiaq","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-1926-8069","authenticated-orcid":false,"given":"Hasan E","family":"Rezwan","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4338-5927","authenticated-orcid":false,"given":"Weiqiang","family":"Kong","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"78","reference":[{"key":"10.1016\/j.infsof.2026.108228_b1","series-title":"32nd USENIX Security Symposium, USENIX Security 2023, Anaheim, CA, USA, August 9-11, 2023","first-page":"6507","article-title":"Trojan source: Invisible vulnerabilities","author":"Boucher","year":"2023"},{"key":"10.1016\/j.infsof.2026.108228_b2","doi-asserted-by":"crossref","unstructured":"W. Charoenwet, P. Thongtanunam, V.-T. Pham, C. Treude, An empirical study of static analysis tools for secure code review, in: Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis, 2024, pp. 691\u2013703.","DOI":"10.1145\/3650212.3680313"},{"issue":"1","key":"10.1016\/j.infsof.2026.108228_b3","doi-asserted-by":"crossref","DOI":"10.1155\/int\/6660868","article-title":"Ethical principles of integrating ChatGPT into IoT\u2013based software wearables: A fuzzy-TOPSIS ranking and analysis approach","volume":"2025","author":"Khan","year":"2025","journal-title":"Int. J. Intell. Syst."},{"key":"10.1016\/j.infsof.2026.108228_b4","series-title":"25th Annual Network and Distributed System Security Symposium, NDSS 2018, San Diego, California, USA, February 18-21, 2018","article-title":"VulDeePecker: A deep learning-based system for vulnerability detection","author":"Li","year":"2018"},{"issue":"4","key":"10.1016\/j.infsof.2026.108228_b5","doi-asserted-by":"crossref","first-page":"2244","DOI":"10.1109\/TDSC.2021.3051525","article-title":"SySeVR: A framework for using deep learning to detect software vulnerabilities","volume":"19","author":"Li","year":"2022","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"key":"10.1016\/j.infsof.2026.108228_b6","unstructured":"Y. Zhou, S. Liu, J.K. Siow, X. Du, Y. Liu, Devign: Effective Vulnerability Identification by Learning Comprehensive Program Semantics via Graph Neural Networks, in: H.M. Wallach, H. Larochelle, A. Beygelzimer, F. d\u2019Alch\u00e9-Buc, E.B. Fox, R. Garnett (Eds.), Advances in Neural Information Processing Systems 32: Annual Conference on Neural Information Processing Systems 2019, NeurIPS 2019, December 8-14, 2019, Vancouver, BC, Canada, 2019, pp. 10197\u201310207."},{"key":"10.1016\/j.infsof.2026.108228_b7","series-title":"Proceedings of the 46th IEEE\/ACM International Conference on Software Engineering, ICSE 2024, Lisbon, Portugal, April 14-20, 2024","first-page":"155:1","article-title":"Coca: Improving and explaining graph neural network-based vulnerability detection systems","author":"Cao","year":"2024"},{"key":"10.1016\/j.infsof.2026.108228_b8","doi-asserted-by":"crossref","DOI":"10.1016\/j.infsof.2025.107826","article-title":"Vulnerability detection with graph attention network and metric learning","volume":"186","author":"Zhang","year":"2025","journal-title":"Inf. Softw. Technol."},{"key":"10.1016\/j.infsof.2026.108228_b9","series-title":"Findings of the Association for Computational Linguistics: EMNLP 2020, Online Event, 16-20 November 2020","first-page":"1536","article-title":"CodeBERT: A pre-trained model for programming and natural languages","volume":"vol. EMNLP 2020","author":"Feng","year":"2020"},{"key":"10.1016\/j.infsof.2026.108228_b10","series-title":"Proceedings of the 2021 Conference on Empirical Methods in Natural Language Processing, EMNLP 2021, Virtual Event \/ Punta Cana, Dominican Republic, 7-11 November, 2021","first-page":"8696","article-title":"CodeT5: Identifier-aware unified pre-trained encoder-decoder models for code understanding and generation","author":"Wang","year":"2021"},{"key":"10.1016\/j.infsof.2026.108228_b11","series-title":"Proceedings of the 60th Annual Meeting of the Association for Computational Linguistics (Volume 1: Long Papers), ACL 2022, Dublin, Ireland, May 22-27, 2022","first-page":"7212","article-title":"UniXcoder: Unified cross-modal pre-training for code representation","author":"Guo","year":"2022"},{"key":"10.1016\/j.infsof.2026.108228_b12","series-title":"9th International Conference on Learning Representations, ICLR 2021, Virtual Event, Austria, May 3-7, 2021","article-title":"GraphCodeBERT: Pre-training code representations with data flow","author":"Guo","year":"2021"},{"key":"10.1016\/j.infsof.2026.108228_b13","series-title":"The Twelfth International Conference on Learning Representations, ICLR 2024, Vienna, Austria, May 7-11, 2024","article-title":"WizardCoder: Empowering code large language models with evol-instruct","author":"Luo","year":"2024"},{"key":"10.1016\/j.infsof.2026.108228_b14","series-title":"CodeGen2: Lessons for training LLMs on programming and natural languages","author":"Nijkamp","year":"2023"},{"key":"10.1016\/j.infsof.2026.108228_b15","doi-asserted-by":"crossref","unstructured":"L. Ouyang, J. Wu, X. Jiang, D. Almeida, C.L. Wainwright, P. Mishkin, C. Zhang, S. Agarwal, K. Slama, A. Ray, J. Schulman, J. Hilton, F. Kelton, L. Miller, M. Simens, A. Askell, P. Welinder, P.F. Christiano, J. Leike, R. Lowe, Training language models to follow instructions with human feedback, in: S. Koyejo, S. Mohamed, A. Agarwal, D. Belgrave, K. Cho, A. Oh (Eds.), Advances in Neural Information Processing Systems 35: Annual Conference on Neural Information Processing Systems 2022, NeurIPS 2022, New Orleans, LA, USA, November 28 - December 9, 2022, 2022.","DOI":"10.52202\/068431-2011"},{"key":"10.1016\/j.infsof.2026.108228_b16","series-title":"47th IEEE\/ACM International Conference on Software Engineering, ICSE 2025, Ottawa, ON, Canada, April 26 - May 6, 2025","first-page":"1729","article-title":"Vulnerability detection with code language models: How far are we?","author":"Ding","year":"2025"},{"key":"10.1016\/j.infsof.2026.108228_b17","doi-asserted-by":"crossref","first-page":"38889","DOI":"10.1109\/ACCESS.2025.3546700","article-title":"Finetuning large language models for vulnerability detection","volume":"13","author":"Shestov","year":"2025","journal-title":"IEEE Access"},{"key":"10.1016\/j.infsof.2026.108228_b18","series-title":"LLMs in software security: A survey of vulnerability detection techniques and insights","author":"Sheng","year":"2025"},{"key":"10.1016\/j.infsof.2026.108228_b19","doi-asserted-by":"crossref","DOI":"10.1016\/j.neunet.2026.109069","article-title":"Transfer learning strategies for vulnerability detection in software binaries","author":"Smaili","year":"2026","journal-title":"Neural Netw."},{"key":"10.1016\/j.infsof.2026.108228_b20","series-title":"MSR \u201920: 17th International Conference on Mining Software Repositories, Seoul, Republic of Korea, 29-30 June, 2020","first-page":"508","article-title":"A C\/C++ code vulnerability dataset with code changes and CVE summaries","author":"Fan","year":"2020"},{"issue":"9","key":"10.1016\/j.infsof.2026.108228_b21","doi-asserted-by":"crossref","first-page":"3280","DOI":"10.1109\/TSE.2021.3087402","article-title":"Deep learning based vulnerability detection: Are we there yet?","volume":"48","author":"Chakraborty","year":"2022","journal-title":"IEEE Trans. Softw. Eng."},{"key":"10.1016\/j.infsof.2026.108228_b22","series-title":"Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2023, Hong Kong, China, October 16-18, 2023","first-page":"654","article-title":"DiverseVul: A new vulnerable source code dataset for deep learning based vulnerability detection","author":"Chen","year":"2023"},{"issue":"6","key":"10.1016\/j.infsof.2026.108228_b23","doi-asserted-by":"crossref","first-page":"654","DOI":"10.1049\/iet-sen.2020.0084","article-title":"Literature survey of deep learning-based vulnerability analysis on source code","volume":"14","author":"Semasaba","year":"2020","journal-title":"IET Softw."},{"key":"10.1016\/j.infsof.2026.108228_b24","series-title":"DeepSeek-coder: When the large language model meets programming the rise of code intelligence","author":"Guo","year":"2024"},{"issue":"12","key":"10.1016\/j.infsof.2026.108228_b25","doi-asserted-by":"crossref","first-page":"3454","DOI":"10.1109\/TSE.2024.3493245","article-title":"StagedVulBERT: Multigranular vulnerability detection with a novel pretrained code model","volume":"50","author":"Jiang","year":"2024","journal-title":"IEEE Trans. Softw. Eng."},{"issue":"7","key":"10.1016\/j.infsof.2026.108228_b26","doi-asserted-by":"crossref","first-page":"4845","DOI":"10.1007\/s10994-022-06268-8","article-title":"The class imbalance problem in deep learning","volume":"113","author":"Ghosh","year":"2024","journal-title":"Mach. Learn."},{"key":"10.1016\/j.infsof.2026.108228_b27","series-title":"Sliding window attention training for efficient large language models","author":"Fu","year":"2025"},{"key":"10.1016\/j.infsof.2026.108228_b28","doi-asserted-by":"crossref","DOI":"10.1016\/j.infsof.2024.107581","article-title":"A dual graph neural networks model using sequence embedding as graph nodes for vulnerability detection","volume":"177","author":"Ling","year":"2025","journal-title":"Inf. Softw. Technol."},{"key":"10.1016\/j.infsof.2026.108228_b29","series-title":"GPT-4 technical report","author":"OpenAI","year":"2023"},{"key":"10.1016\/j.infsof.2026.108228_b30","series-title":"StarCoder 2 and the stack v2: The next generation","author":"Lozhkov","year":"2024"},{"key":"10.1016\/j.infsof.2026.108228_b31","series-title":"Investigating large language models for code vulnerability detection: An experimental study","author":"Jiang","year":"2024"},{"key":"10.1016\/j.infsof.2026.108228_b32","series-title":"Llama 2: Open foundation and fine-tuned chat models","author":"Touvron","year":"2023"},{"key":"10.1016\/j.infsof.2026.108228_b33","series-title":"Code llama: Open foundation models for code","author":"Rozi\u00e8re","year":"2023"},{"key":"10.1016\/j.infsof.2026.108228_b34","series-title":"International Joint Conference on Neural Networks, IJCNN 2022, Padua, Italy, July 18-23, 2022","first-page":"1","article-title":"VulBERTa: Simplified source code pre-training for vulnerability detection","author":"Hanif","year":"2022"},{"key":"10.1016\/j.infsof.2026.108228_b35","series-title":"19th IEEE\/ACM International Conference on Mining Software Repositories, MSR 2022, Pittsburgh, PA, USA, May 23-24, 2022","first-page":"608","article-title":"LineVul: A transformer-based line-level vulnerability prediction","author":"Fu","year":"2022"},{"key":"10.1016\/j.infsof.2026.108228_b36","series-title":"ESEC\/FSE \u201921: 29th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, Athens, Greece, August 23-28, 2021","first-page":"292","article-title":"Vulnerability detection with fine-grained interpretations","author":"Li","year":"2021"},{"key":"10.1016\/j.infsof.2026.108228_b37","doi-asserted-by":"crossref","DOI":"10.1016\/j.jss.2025.112448","article-title":"Transfer learning for software vulnerability prediction using Transformer models","volume":"227","author":"Kalouptsoglou","year":"2025","journal-title":"J. Syst. Softw."},{"key":"10.1016\/j.infsof.2026.108228_b38","series-title":"Data and Applications Security and Privacy XXXVIII - 38th Annual IFIP WG 11.3 Conference, DBSec 2024, San Jose, CA, USA, July 15-17, 2024, Proceedings","first-page":"221","article-title":"VulPrompt: Prompt-based vulnerability detection using few-shot graph learning","volume":"vol. 14901","author":"Irtiza","year":"2024"},{"key":"10.1016\/j.infsof.2026.108228_b39","series-title":"Longformer: The long-document transformer","author":"Beltagy","year":"2020"},{"key":"10.1016\/j.infsof.2026.108228_b40","series-title":"Late chunking: Contextual chunk embeddings using long-context embedding models","author":"G\u00fcnther","year":"2024"},{"key":"10.1016\/j.infsof.2026.108228_b41","unstructured":"A.Q. Jiang, A. Ziarko, B. Piotrowski, W. Li, M. Jamnik, P. Milos, Repurposing Language Models into Embedding Models: Finding the Compute-Optimal Recipe, in: A. Globersons, L. Mackey, D. Belgrave, A. Fan, U. Paquet, J.M. Tomczak, C. Zhang (Eds.), Advances in Neural Information Processing Systems 38: Annual Conference on Neural Information Processing Systems 2024, NeurIPS 2024, Vancouver, BC, Canada, December 10 - 15, 2024, 2024."},{"key":"10.1016\/j.infsof.2026.108228_b42","series-title":"Comparative analysis of pooling mechanisms in LLMs: A sentiment analysis perspective","author":"Xing","year":"2024"},{"issue":"2","key":"10.1016\/j.infsof.2026.108228_b43","first-page":"465","article-title":"From word types to tokens and back: A survey of approaches to word meaning representation and interpretation","volume":"49","author":"Apidianaki","year":"2023","journal-title":"Comput. Linguist."},{"issue":"6","key":"10.1016\/j.infsof.2026.108228_b44","doi-asserted-by":"crossref","first-page":"166","DOI":"10.1145\/3656341","article-title":"A survey of source code search: A 3-dimensional perspective","volume":"33","author":"Sun","year":"2024","journal-title":"ACM Trans. Softw. Eng. Methodol."},{"key":"10.1016\/j.infsof.2026.108228_b45","first-page":"1","article-title":"An imbalanced multifault diagnosis method based on bias weights AdaBoost","volume":"71","author":"Jiang","year":"2022","journal-title":"IEEE Trans. Instrum. Meas."},{"key":"10.1016\/j.infsof.2026.108228_b46","doi-asserted-by":"crossref","DOI":"10.1016\/j.eswa.2022.117233","article-title":"A novel XGBoost extension for credit scoring class-imbalanced data combining a generalized extreme value link and a modified focal loss function","volume":"202","author":"Mushava","year":"2022","journal-title":"Expert Syst. Appl."},{"issue":"3","key":"10.1016\/j.infsof.2026.108228_b47","first-page":"3139","article-title":"Generalized focal loss: Towards efficient representation learning for dense object detection","volume":"45","author":"Li","year":"2023","journal-title":"IEEE Trans. Pattern Anal. Mach. Intell."},{"key":"10.1016\/j.infsof.2026.108228_b48","doi-asserted-by":"crossref","first-page":"5203217:1","DOI":"10.1155\/2022\/5203217","article-title":"Deep neural embedding for software vulnerability discovery: Comparison and optimization","volume":"2022","author":"Yuan","year":"2022","journal-title":"Secur. Commun. Netw."},{"issue":"1","key":"10.1016\/j.infsof.2026.108228_b49","article-title":"Optimising source code vulnerability detection using deep learning and deep graph network","volume":"37","author":"Xuan","year":"2025","journal-title":"Connect. Sci."},{"issue":"1","key":"10.1016\/j.infsof.2026.108228_b50","first-page":"1929","article-title":"Dropout: a simple way to prevent neural networks from overfitting","volume":"15","author":"Srivastava","year":"2014","journal-title":"J. Mach. Learn. Res."},{"issue":"14","key":"10.1016\/j.infsof.2026.108228_b51","doi-asserted-by":"crossref","first-page":"3106","DOI":"10.3390\/electronics12143106","article-title":"A review on dropout regularization approaches for deep neural networks within the scholarly domain","volume":"12","author":"Salehin","year":"2023","journal-title":"Electronics"},{"key":"10.1016\/j.infsof.2026.108228_b52","doi-asserted-by":"crossref","DOI":"10.1016\/j.infsof.2023.107328","article-title":"A software vulnerability detection method based on deep learning with complex network analysis and subgraph partition","volume":"164","author":"Cai","year":"2023","journal-title":"Inf. Softw. Technol."},{"issue":"5","key":"10.1016\/j.infsof.2026.108228_b53","doi-asserted-by":"crossref","first-page":"516","DOI":"10.1049\/sfw2.12066","article-title":"A deep learning-based approach for software vulnerability detection using code metrics","volume":"16","author":"Subhan","year":"2022","journal-title":"IET Softw."},{"key":"10.1016\/j.infsof.2026.108228_b54","series-title":"Asian Conference on Machine Learning, ACML 2021, 17-19 November 2021, Virtual Event","first-page":"1192","article-title":"Revisiting weight initialization of deep neural networks","volume":"vol. 157","author":"Skorski","year":"2021"},{"issue":"6","key":"10.1016\/j.infsof.2026.108228_b55","doi-asserted-by":"crossref","first-page":"137","DOI":"10.1007\/s10462-024-10759-6","article-title":"A survey on imbalanced learning: latest research, applications and future directions","volume":"57","author":"Chen","year":"2024","journal-title":"Artif. Intell. Rev."}],"container-title":["Information and Software Technology"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S095058492600217X?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S095058492600217X?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2026,7,2]],"date-time":"2026-07-02T22:23:26Z","timestamp":1783031006000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S095058492600217X"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,10]]},"references-count":55,"alternative-id":["S095058492600217X"],"URL":"https:\/\/doi.org\/10.1016\/j.infsof.2026.108228","relation":{},"ISSN":["0950-5849"],"issn-type":[{"value":"0950-5849","type":"print"}],"subject":[],"published":{"date-parts":[[2026,10]]},"assertion":[{"value":"Elsevier","name":"publisher","label":"This article is maintained by"},{"value":"VulnScout: Imbalance-aware source code vulnerability detection using pretrained code models and Deep Neural Network","name":"articletitle","label":"Article Title"},{"value":"Information and Software Technology","name":"journaltitle","label":"Journal Title"},{"value":"https:\/\/doi.org\/10.1016\/j.infsof.2026.108228","name":"articlelink","label":"CrossRef DOI link to publisher maintained version"},{"value":"article","name":"content_type","label":"Content Type"},{"value":"\u00a9 2026 Elsevier B.V. All rights are reserved, including those for text and data mining, AI training, and similar technologies.","name":"copyright","label":"Copyright"}],"article-number":"108228"}}