Our work explores the utilization of deep learning, specifically leveraging the CodeBERT model, to enhance code security testing for Python applications by detecting SQL injection vulnerabilities. Unlike traditional security testing methods that may be slow and error-prone, our approach transforms source code into vector representations and trains a Long Short-Term Memory (LSTM) model to identify vulnerable patterns. When compared with existing static application security testing (SAST) tools, our model displays superior performance, achieving higher precision, recall, and F1-score. The study demonstrates that deep learning techniques, particularly with CodeBERT's advanced contextual understanding, can significantly improve vulnerability detection, presenting a scalable methodology applicable to various programming languages and vulnerability types.

翻译：本研究探索利用深度学习技术，特别是基于CodeBERT模型，通过检测SQL注入漏洞来增强Python应用程序的代码安全测试。与传统可能缓慢且易出错的安全测试方法不同，我们的方法将源代码转换为向量表示，并训练长短期记忆（LSTM）模型以识别易受攻击的模式。与现有的静态应用程序安全测试（SAST）工具相比，我们的模型表现出更优的性能，实现了更高的精确率、召回率和F1分数。研究表明，深度学习技术，特别是借助CodeBERT先进的上下文理解能力，可以显著改善漏洞检测，提出了一种可扩展的方法论，适用于多种编程语言和漏洞类型。