White-Basilisk: A Hybrid Model for Code Vulnerability Detection

Ioannis Lamprou, Alexander Shevtsov, Ioannis Arapakis, Sotiris Ioannidis

TL;DR

This work tackles code vulnerability detection under long-context constraints by challenging the notion that bigger models are always better. It introduces White-Basilisk, a compact 200M-parameter model that fuses Mamba state-space layers, Basilisk Self-Attention with linear scaling, and Mixture of Experts to process extremely long code sequences efficiently. Across five benchmarks, including PRIMEVUL and BigVul, the approach achieves state-of-the-art results and demonstrates strong cross-dataset generalization, outperforming much larger models. The results emphasize that architectural innovation enabling long-range context can yield substantial practical gains for domain-specific security tasks, with implications for efficient AI deployment in resource-constrained settings.

Abstract

The proliferation of software vulnerabilities presents a significant challenge to cybersecurity, necessitating more effective detection methodologies. We introduce White-Basilisk, a novel approach to vulnerability detection that demonstrates superior performance while challenging prevailing assumptions in AI model scaling. Utilizing an innovative architecture that integrates Mamba layers, linear self-attention, and a Mixture of Experts framework, White-Basilisk achieves state-of-the-art results in vulnerability detection tasks with a parameter count of only 200M. The model's capacity to process sequences of unprecedented length enables comprehensive analysis of extensive codebases in a single pass, surpassing the context limitations of current Large Language Models (LLMs). White-Basilisk exhibits robust performance on imbalanced, real-world datasets, while maintaining computational efficiency that facilitates deployment across diverse organizational scales. This research not only establishes new benchmarks in code security but also provides empirical evidence that compact, efficiently designed models can outperform larger counterparts in specialized tasks, potentially redefining optimization strategies in AI development for domain-specific applications.

Paper Structure

This paper contains 63 sections, 17 equations, 1 figure, 18 tables.

Figures (1)

  • Figure 1: White-Basilisk Model architecture