Inductive Vulnerability Detection via Gated Graph Neural Network

2022 IEEE 25th International Conference on Computer Supported Cooperative Work in Design (CSCWD)(2022)

Cited 2|Views30
No score
Vulnerability detection is an essential means to ensure the normal operation of various software tools and system security. The Recurrent Neural Networks (RNNs) have achieved remarkable results in vulnerability detection, but the sequence-based code representation has great limitations in feature expression and propagation. In this paper, we propose a fine-grained code vulnerability detection framework based on Gated Graph Neural Network (GGNN). Firstly, we process the source code into fine-grained slices. Secondly, graph embedding of code slices is constructed by clustering neighborhood information. Finally, GGNN is used to learn the syntax and semantic information of vulnerability codes for graph-level classification. Furthermore, we theoretically analyze that GGNN has a strong inductive learning ability. This means that the model requires only a small amount of training data to obtain sufficient advanced features, which is significant for vulnerability detection tasks that are difficult to collect data sets. We carry out conventional experiments and inductive experiments with manually collected data sets, and the results show that the framework is superior to RNNs in vulnerability detection performance. Moreover, our framework performs better than RNNs under inductive conditions.
Translated text
Key words
Vulnerability detection,Inductive learning,Gated graph neural network,Code slices,Graph embedding
AI Read Science
Must-Reading Tree
Generate MRT to find the research sequence of this paper
Chat Paper
Summary is being generated by the instructions you defined