Chao Ni,Xinrong Guo,Yan Zhu,Xiaodan Xu,Xiaohu Yang

DOI: https://doi.org/10.1109/ase56229.2023.00084

2024-01-01

Abstract:Software vulnerabilities damage the functionality of software systems. Recently, many deep learning-based approaches have been proposed to detect vulnerabilities at the function level by using one or a few different modalities (e.g., text representation, graph-based representation) of the function and have achieved promising performance. However, some of these existing studies have not completely leveraged these diverse modalities, particularly the underutilized image modality, and the others using images to represent functions for vulnerability detection have not made adequate use of the significant graph structure underlying the images. In this paper, we propose MVulD, a multi-modal-based function-level vulnerability detection approach, which utilizes multi-modal features of the function (i.e., text representation, graph representation, and image representation) to detect vulnerabilities. Specifically, MVulD utilizes a pre-trained model (i.e., UniXcoder) to learn the semantic information of the textual source code, employs the graph neural network to distill graph-based representation, and makes use of computer vision techniques to obtain the image representation while retaining the graph structure of the function. We conducted a large-scale experiment on 25,816 functions. The experimental results show that MVulD improves four state-of-the-art baselines by 30.8%-81.3%, 12.8%-27.4%, 48.8%-115%, and 22.9%-141% in terms of F1-score, Accuracy, Precision, and PR-AUC respectively.

Jinfu Chen,Yemin Yin,Saihua Cai,Weijia Wang,Shengran Wang,Jiming Chen

DOI: https://doi.org/10.1016/j.scico.2024.103156

IF: 1.039

2024-01-01

Science of Computer Programming

Abstract:Software vulnerability detection is a challenging task in the security field, the boom of deep learning technology promotes the development of automatic vulnerability detection. Compared with sequence-based deep learning models, graph neural network (GNN) can learn the structural features of code, it performs well in the field of vulnerability detection for source code. However, different GNNs have different detection results for the same code, and using a single kind of GNN may lead to high false positive rate and false negative rate. In addition, the complex structure of source code causes single GNN model cannot effectively learn their depth feature, thereby leading to low detection accuracy. To solve these limitations, we propose a software vulnerability detection model called iGnnVD based on the integrated graph neural networks. In the proposed iGnnVD model, the base detectors including GCN, GAT and APPNP are first constructed to capture the bidirectional information in the code graph structure with bidirectional structure; And then, the residual connection is used to aggregate the features while retaining the features each time; Finally, the convolutional layer is used to perform the aggregated classification. In addition, an integration module that analyses the detection results of three detectors for final classification is designed using a voting strategy to solve the problem of high false positive rate and false negative rate caused by using a single kind of base detector. We perform extensive experiments on three datasets and experimental results show that the proposed iGnnVD model can improve the detection accuracy of vulnerabilities in source code as well as reduce the false positive rate and false negative rate compared with existing deep learning-based vulnerability detection models, it also has good stability.

Li Zhou,Minhuan Huang,Yujun Li,Yuanping Nie,Jin Li,Yiwei Liu

DOI: https://doi.org/10.48550/arXiv.2202.02501

2022-02-05

Abstract:With the continuous extension of the Industrial Internet, cyber incidents caused by software vulnerabilities have been increasing in recent years. However, software vulnerabilities detection is still heavily relying on code review done by experts, and how to automatedly detect software vulnerabilities is an open problem so far. In this paper, we propose a novel solution named GraphEye to identify whether a function of C/C++ code has vulnerabilities, which can greatly alleviate the burden of code auditors. GraphEye is originated from the observation that the code property graph of a non-vulnerable function naturally differs from the code property graph of a vulnerable function with the same functionality. Hence, detecting vulnerable functions is attributed to the graph classification <a class="link-external link-http" href="http://problem.GraphEye" rel="external noopener nofollow">this http URL</a> is comprised of VecCPG and GcGAT. VecCPG is a vectorization for the code property graph, which is proposed to characterize the key syntax and semantic features of the corresponding source code. GcGAT is a deep learning model based on the graph attention graph, which is proposed to solve the graph classification problem according to VecCPG. Finally, GraphEye is verified by the SARD Stack-based Buffer Overflow, Divide-Zero, Null Pointer Deference, Buffer Error, and Resource Error datasets, the corresponding F1 scores are 95.6%, 95.6%,96.1%,92.6%, and 96.1% respectively, which validate the effectiveness of the proposed solution.

Cryptography and Security,Machine Learning

Chunyong Zhang,Bin Liu,Qing-Hai Fan,Xin Yang,Hao Zhu

DOI: https://doi.org/10.36227/techrxiv.19783456.v1

2022-01-01

Abstract:Static code vulnerability detection is a critical topic in software security. Existing software analysis methods have a high rate of false positives and false negatives. Researchers are interested in employing deep learning to discover vulnerabilities automatically, thanks to the recent success of deep learning algorithms in other application domains.This paper aims at the problem of insufficient and effective extraction of syntax and semantics, the issue of data imbalance, and the problem of overlapping feature distributions between vulnerable and non-vulnerable samples. We illustrate how to create models in a more principled way. We build GSM, a systematic vulnerability detection model based on Graph Attention Network, Sampling methods, and Metric Learning, one phase for one problem solution. When compared to the state-of-the-art approaches, our method achieves 11.5%, 12.3%, 12.57%, and 7.90% improvement in Precision, Recall, F1-Score, and AUC, respectively. Finally, based on the methods proposed in each stage of this paper, we put forward directions and suggestions for more efficient vulnerability detection tasks in the following research.

Wenbo Guo,Yong Fang,Cheng Huang,Haoran Ou,Chun Lin,Yongyan Guo

DOI: https://doi.org/10.1016/j.cose.2022.102823

IF: 5.105

2022-01-01

Computers & Security

Abstract:In recent years, software programs tend to be large and complex, software has become the infrastructure of modern society, but software security issues can not be ignored. software vulnerabilities have become one of the main threats to computer security. There are countless cases of exploiting source code vulnerabilities to launch attacks. At the same time, the development of open source software has made source code vulnerability detection more and more critical. Traditional vulnerability mining methods have been unable to meet the security analysis needs of complex software because of the high false-positive rate and false-negative rate. To resolve the existing problems, we propose a graph neural network vulnerability mining system named HyVulDect based on hybrid semantics, which constructs a composite semantic code property graph for code representation based on the causes of vulnerabilities. A gated graph neural network is used to extract deep semantic information. Since most of the vulnerabilities are data flow associated, we use taint analysis to extract the taint propagation chain, use the BiLSTM model to extract the token-level features of the context, and finally use the classifier to classify the fusion features. We introduce a dual-attention mechanism that allows the model to focus on vulnerability-related code, making it more suitable for vulnerability mining tasks. The experimental results show that HyVulDect outperforms existing state-of-the-art methods and can achieve an accuracy rate of 92% on the benchmark dataset. Compared with the rule-based static mining tools Flawfinder, RATS, and Cppcheck, it has better performance and can effectively detect the actual CVE source code vulnerabilities. (C) 2022 Elsevier Ltd. All rights reserved.

Xiangxin Meng,Shaoxiao Lu,Xu Wang,Xudong Liu,Chunming Hu

DOI: https://doi.org/10.1109/apsec60848.2023.00036

2023-01-01

Abstract:The increasing richness of software applications contributes to the enhanced productivity and convenience in daily life. However, the growing software complexity simultaneously poses significant challenges to software security. As one of the most important solutions, vulnerability detection technology attracts increasing attention. This paper proposes a novel vulnerability detection method HybridNN based on graph neural networks (GNNs). To begin, we simplify the code property graph (CPG) to design a hybrid code graph (HCG) which is better suitable for the deep semantic extraction via GNN models. Subsequently, the datasets consisting of considerable amount of samples including both artificially synthesized and real-world vulnerabilities are constructed. Next, we leverage a GNN model with a hierarchical attention mechanism which is proficient in extracting deep semantics in heterogeneous graphs, and apply it to the newly designed HCG representation. Moreover, we propose UD-Sampling method, which combines up-sampling and down-sampling methods, to balance the distribution of the training samples. Finally, extensive experiments are conducted, showing that HybridNN outperforms all baseline methods.

Yufan Zhuang,Sahil Suneja,Veronika Thost,Giacomo Domeniconi,Alessandro Morari,Jim Laredo

DOI: https://doi.org/10.48550/arXiv.2109.03341

2021-09-08

Abstract:Identifying vulnerable code is a precautionary measure to counter software security breaches. Tedious expert effort has been spent to build static analyzers, yet insecure patterns are barely fully enumerated. This work explores a deep learning approach to automatically learn the insecure patterns from code corpora. Because code naturally admits graph structures with parsing, we develop a novel graph neural network (GNN) to exploit both the semantic context and structural regularity of a program, in order to improve prediction performance. Compared with a generic GNN, our enhancements include a synthesis of multiple representations learned from the several parsed graphs of a program, and a new training loss metric that leverages the fine granularity of labeling. Our model outperforms multiple text, image and graph-based approaches, across two real-world datasets.

Artificial Intelligence,Software Engineering

Xin Peng,Shangwen Wang,Yihao Qin,Bo Lin,Liqian Chen,Xiaoguang Mao

2024-12-13

Abstract:Software vulnerability detection is crucial for high-quality software development. Recently, some studies utilizing Graph Neural Networks (GNNs) to learn the graph representation of code in vulnerability detection tasks have achieved remarkable success. However, existing graph-based approaches mainly face two limitations that prevent them from generalizing well to large code graphs: (1) the interference of noise information in the code graph; (2) the difficulty in capturing long-distance dependencies within the graph. To mitigate these problems, we propose a novel vulnerability detection method, ANGLE, whose novelty mainly embodies the hierarchical graph refinement and context-aware graph representation learning. The former hierarchically filters redundant information in the code graph, thereby reducing the size of the graph, while the latter collaboratively employs the Graph Transformer and GNN to learn code graph representations from both the global and local perspectives, thus capturing long-distance dependencies. Extensive experiments demonstrate promising results on three widely used benchmark datasets: our method significantly outperforms several other baselines in terms of the accuracy and F1 score. Particularly, in large code graphs, ANGLE achieves an improvement in accuracy of 34.27%-161.93% compared to the state-of-the-art method, AMPLE. Such results demonstrate the effectiveness of ANGLE in vulnerability detection tasks.

Software Engineering

Peng Xiao,Qibin Xiao,Xusheng Zhang,Yumei Wu,Fengyu Yang

DOI: https://doi.org/10.1109/tifs.2024.3392536

IF: 7.231

2024-05-10

IEEE Transactions on Information Forensics and Security

Abstract:The detection of program vulnerabilities remains a challenging task in software security. The existing vulnerability detection methods rarely consider the multidimensional feature space complementarity of program graph structures, which easily overlooks contextual environment features and syntax structure features. This disadvantage leads to insufficient performance in capturing complex structural features, which hinders the improvement in detection accuracy. To address this issue, this paper introduces a novel vulnerability detection method, EnGS2F, which adopts the representation learning of an enhanced graph structure to improve the efficiency of capturing vulnerability information. On the dimension of the graph structure, a context relationship graph (CRG) is integrated on the basis of a program dependency graph (PDG) to enrich the global structural context representation. On the dimension of graph nodes, abstract syntax tree (AST) embedding and paragraph embedding are integrated to solve the problem of insufficient feature space complementarity. Moreover, the combination of a gated graph neural network (GGNN) with a graph attention mechanism further improves the learning performance of the enhanced graph structure. EnGS2F has been rigorously evaluated on program slices from open-source vulnerability datasets, demonstrating significant improvements over current competitive methods in detecting program vulnerabilities. Specifically, EnGS2F achieved a significant increase in the F1 score, outperforming existing technologies by 6%.

computer science, theory & methods,engineering, electrical & electronic

CHEN Hao,YI Ping

DOI: https://doi.org/10.11959/j.issn.2096-109x.2021039

2021-01-01

Abstract:The schemes of using neural networks for vulnerability detection are mostly based on traditional natural language processing ideas, processing the code as array samples and ignoring the structural features in the code, which may omit possible vulnerabilities. A code vulnerability detection method based on graph neural network was proposed, which realized function-level code vulnerability detection through the control flow graph feature of the intermediate language. Firstly, the source code was compiled into an intermediate representation, and then the control flow graph containing structural information was extracted. At the same time, the word vector embedding algorithm was used to initialize the vector of basic block to extract the code semantic information. Then both of above were spliced to generate the graph structure sample data. The multilayer graph neural network model was trained and tested on graph structure data features. The open source vulnerability sample data set was used to generate test data to evaluate the method proposed. The results show that the method effectively improves the vulnerability detection ability.

Tiehua Zhang,Rui Xu,Jianping Zhang,Yuze Liu,Xin Chen,Jun Yin,Xi Zheng

DOI: https://doi.org/10.1145/3674729

IF: 3.685

2024-06-28

ACM Transactions on Software Engineering and Methodology

Abstract:Vulnerability detection is a critical problem in software security and attracts growing attention both from academia and industry. Traditionally, software security is safeguarded by designated rule-based detectors that heavily rely on empirical expertise, requiring tremendous effort from software experts to generate rule repositories for large code corpus. Recent advances in deep learning, especially Graph Neural Networks (GNN), have uncovered the feasibility of automatic detection of a wide range of software vulnerabilities. However, prior learning-based works only break programs down into a sequence of word tokens for extracting contextual features of codes, or apply GNN largely on homogeneous graph representation (e.g., AST) without discerning complex types of underlying program entities (e.g., methods, variables). In this work, we are one of the first to explore heterogeneous graph representation in the form of Code Property Graph and adapt a well-known heterogeneous graph network with a dual-supervisor structure for the corresponding graph learning task. Using the prototype built, we have conducted extensive experiments on both synthetic datasets and real-world projects. Compared with the state-of-the-art baselines, the results demonstrate superior performance in vulnerability detection (average F1 improvements over 10% in real-world projects) and language-agnostic transferability from C/C++ to other programming languages (average F1 improvements over 11%).

computer science, software engineering

Tiehua Zhang,Rui Xu,Jianping Zhang,Yuze Liu,Xin Chen,Jun Yin,Xi Zheng

2024-06-06

Abstract:Vulnerability detection is a critical problem in software security and attracts growing attention both from academia and industry. Traditionally, software security is safeguarded by designated rule-based detectors that heavily rely on empirical expertise, requiring tremendous effort from software experts to generate rule repositories for large code corpus. Recent advances in deep learning, especially Graph Neural Networks (GNN), have uncovered the feasibility of automatic detection of a wide range of software vulnerabilities. However, prior learning-based works only break programs down into a sequence of word tokens for extracting contextual features of codes, or apply GNN largely on homogeneous graph representation (e.g., AST) without discerning complex types of underlying program entities (e.g., methods, variables). In this work, we are one of the first to explore heterogeneous graph representation in the form of Code Property Graph and adapt a well-known heterogeneous graph network with a dual-supervisor structure for the corresponding graph learning task. Using the prototype built, we have conducted extensive experiments on both synthetic datasets and real-world projects. Compared with the state-of-the-art baselines, the results demonstrate promising effectiveness in this research direction in terms of vulnerability detection performance (average F1 improvements over 10\% in real-world projects) and transferability from C/C++ to other programming languages (average F1 improvements over 11%).

Software Engineering,Machine Learning

Xin-Cheng Wen,Cuiyun Gao,Jiaxin Ye,Yichen Li,Zhihong Tian,Yan Jia,Xuan Wang

2023-12-11

Abstract:In recent years, deep learning (DL)-based methods have been widely used in code vulnerability detection. The DL-based methods typically extract structural information from source code, e.g., code structure graph, and adopt neural networks such as Graph Neural Networks (GNNs) to learn the graph representations. However, these methods fail to consider the heterogeneous relations in the code structure graph, i.e., the heterogeneous relations mean that the different types of edges connect different types of nodes in the graph, which may obstruct the graph representation learning. Besides, these methods are limited in capturing long-range dependencies due to the deep levels in the code structure graph. In this paper, we propose a Meta-path based Attentional Graph learning model for code vulNErability deTection, called MAGNET. MAGNET constructs a multi-granularity meta-path graph for each code snippet, in which the heterogeneous relations are denoted as meta-paths to represent the structural information. A meta-path based hierarchical attentional graph neural network is also proposed to capture the relations between distant nodes in the graph. We evaluate MAGNET on three public datasets and the results show that MAGNET outperforms the best baseline method in terms of F1 score by 6.32%, 21.50%, and 25.40%, respectively. MAGNET also achieves the best performance among all the baseline methods in detecting Top-25 most dangerous Common Weakness Enumerations (CWEs), further demonstrating its effectiveness in vulnerability detection.

Software Engineering

Mingwei Tang,Wei Tang,Qingchi Gui,Jie Hu,Mingfeng Zhao

DOI: https://doi.org/10.1016/j.eswa.2023.122216

IF: 8.5

2023-10-23

Expert Systems with Applications

Abstract:It is essential to detect potential vulnerabilities in software to ensure its safety. As software systems become more complex, traditional static vulnerability detection methods perform poorly. Currently, deep learning-based vulnerability detection models only extract source code vulnerability features using sequences or graphs. Sequential neural networks ignore structural information in the code, such as control flow diagrams and data flow diagrams. Additionally, graph neural networks cannot accurately extract features due to the lack of effective methods for extracting nodes' features and aggregating global information. To address the above issue, we propose a vulnerability detection algorithm based on residual graph attention networks for source code imbalance (RGAN). Firstly, a local feature extraction module (PE-BL-A module) is designed. Using the sequence neural network, the module extracts various useful features, including node features in a control flow diagram based on local semantic features. Secondly, we present the Residual Graph Attention Network module (RGAT). To learn and update node features along the control flow direction, the module uses a graph attention network with residual connections. In this module, a mean biaffine attention pooling mechanism is proposed that can extract total graph vulnerability features more effectively. Thirdly, a dynamic cross-entropy loss function is designed. Using this function, it can handle sample imbalances during training. Finally, experiments conducted on several benchmark datasets demonstrate that the proposed model achieves state-of-the-art results.

computer science, artificial intelligence,engineering, electrical & electronic,operations research & management science

Huijiang Liu,Shuirou Jiang,Xuexin Qi,Yang Qu,Hui Li,Tingting Li,Cheng Guo,Shikai Guo

DOI: https://doi.org/10.1016/j.eswa.2023.121764

IF: 8.5

2023-10-07

Expert Systems with Applications

Abstract:Code vulnerabilities are common in software systems and may cause many problems, including Stack Overflow, memory leaks, and so on. Public reports show that code vulnerabilities are increasing year by year, which brings greater threats to the security of software systems. Thus a variety of neural network models have been developed to detect code vulnerabilities. However, the previous neural network models cannot fully express the semantics and structure of the code with as little overhead as possible, and they also cannot enhance learning of difficult samples. Addressing to this issue, we designed a model built upon GGNN for Detecting Software Vulnerabilities (GDSV), which contains three components. Specifically, Graph Embedding component extracts the semantic and structural features, and generates a graph representation of the code; GGNN component learns these features and detects vulnerabilities in the code; weighted component improves the learning ability of Vulnerable samples through the Focal Loss function. A serial of experiments on the datasets of FFmpeg and QEMU were conducted, and the results show that GDSV performs better than the state-of-the-art efforts based on various widely used evaluations.

computer science, artificial intelligence,engineering, electrical & electronic,operations research & management science

Wenjing Cai,Junlin Chen,Jiaping Yu,Lipeng Gao

DOI: https://doi.org/10.1016/j.infsof.2023.107328

IF: 3.9

2023-12-01

Information and Software Technology

Abstract:The increasing size and complexity of software programs have made them an integral part of modern society’s infrastructure, making software vulnerabilities a major threat to computer security. To address this issue, the use of deep learning-based software vulnerability detection methods has become increasingly popular. Although the effectiveness of the deep learning-based methods has been demonstrated, these methods have faced challenges in scalability and detection performance. To tackle this challenge, we propose a new vulnerability detection method based on deep learning with complex network analysis and subgraph partition that enhances detection accuracy while maintaining scalability. The method uses complex network analysis theory to convert the CPG into an image-like matrix, and then utilizes TextCNN for vulnerability detection. As a result, our method shows a 6% improvement in accuracy and a 10% reduction in false positive rates compared to state-of-the-art methods. In addition, our approach is able to detect some of the vulnerabilities recently released by CVE.

computer science, information systems, software engineering

Fangcheng Qiu,Zhongxin Liu,Xing Hu,Xin Xia,Gang Chen,Xinyu Wang

DOI: https://doi.org/10.1109/tse.2024.3427815

IF: 7.4

2024-08-18

IEEE Transactions on Software Engineering

Abstract:During software development and maintenance, vulnerability detection is an essential part of software quality assurance. Even though many program-analysis-based and machine-learning-based approaches have been proposed to automatically detect vulnerabilities, they rely on explicit rules or patterns defined by security experts and suffer from either high false positives or high false negatives. Recently, an increasing number of studies leverage deep learning techniques, especially Graph Neural Network (GNN), to detect vulnerabilities. These approaches leverage program analysis to represent the program semantics as graphs and perform graph analysis to detect vulnerabilities. However, they suffer from two main problems: (i) Existing GNN-based techniques do not effectively learn the structural and semantic features from source code for vulnerability detection. (ii) These approaches tend to ignore fine-grained information in source code. To tackle these problems, in this paper, we propose a novel vulnerability detection approach, named MGVD (M ultiple-G raph-Based V ulnerability D etection), to detect vulnerable functions. To effectively learn the structural and semantic features from source code, MGVD uses three different ways to represent each function into multiple forms, i.e., two statement graphs and a sequence of tokens. Then we encode such representations to a three-channel feature matrix. The feature matrix contains the structural feature and the semantic feature of the function. And we add a weight allocation layer to distribute the weights between structural and semantic features. To overcome the second problem, MGVD constructs each graph representation of the input function using multiple different graphs instead of a single graph. Each graph focuses on one statement in the function and its nodes denote the related statements and their fine-grained code elements. Finally, MGVD leverages CNN to identify whether this function is vulnerable based on such feature matrix. We conduct experiments on 3 vulnerability datasets with a total of 30,341 vulnerable functions and 127,931 non-vulnerable functions. The experimental results show that our method outperforms the state-of-the-art by 9.68% – 10.28% in terms of F1-score.

engineering, electrical & electronic,computer science, software engineering

Qian Wang,Zhengdao Li,Hetong Liang,Xiaowei Pan,Hui Li,Tingting Li,Xiaochen Li,Chenchen Li,Shikai Guo

DOI: https://doi.org/10.1016/j.engappai.2024.108296

IF: 8

2024-03-22

Engineering Applications of Artificial Intelligence

Abstract:Code vulnerability exposes millions of software to the possibility of being attacked, as evidence every year on increasing reports of security issues, such as information leaks, system compromise, and denial of service. Despite with many vulnerability detection models proposed so far, their effectiveness is still limited due to the ignorance of syntactic structural information analysis in source code and the improper handling of labeling errors. To address these issues, we propose the Graph Confident Learning for Software Vulnerability Detection (GCL4SVD) model, a machine learning model to detect software vulnerability in the development phase. It comprises two components: code graph embedding and graph confident learning denoising. To address the syntactic structural information analysis limitation, the code graph embedding component extracts the structure and semantic information of source code with a sliding window mechanism, and then encodes source code into a graph structure to capture the patterns and characteristics of code vulnerabilities. Additionally, the graph confident learning denoising component identifies labeling errors to improve the quality of training set. Experimental results show that GCL4SVD outperforms the state-of-the-art vulnerability detection models on four open source datasets by 3.7%, 3.3%, 2.5%, 0.8% in terms of Accuracy, respectively, and by 10.2%, 21.8%, 8.2%, 11.2% in terms of F1-score.

automation & control systems,computer science, artificial intelligence,engineering, electrical & electronic, multidisciplinary

Wei Xiao,Zhengzhang Hou,Tao Wang,Chengxian Zhou,Chao Pan

DOI: https://doi.org/10.1016/j.infsof.2024.107442

IF: 3.9

2024-06-01

Information and Software Technology

Abstract:Software security has drawn extensive attention as software projects have grown increasingly large and complex. Since the traditional manual or equipment vulnerability detection technology cannot meet today&#x27;s software development needs, there is a recognized need to create more effective techniques to address security issues. Although various vulnerability detection systems have been proposed, most are based only on serialization or graph representation, to inadequate effect. We propose a system, MSGVUL, that provides superior vulnerability detection using a new multi-semantic approach. MSGVUL uses versatile and efficient code slicing employing a search algorithm based on sensitive data and functions and innovatively constructs an SSVEC model to fully integrate the semantic and structural information into the code. We also developed a novel BAG model, made up of BAP and PAG frameworks, that enables the hierarchical extraction of code vulnerability representations from the graph and sequence levels. The MSGVUL model is evaluated on slice-level and function-level vulnerability datasets, and the results demonstrate that the MSGVUL method outperforms other state-of-the-art methods.

computer science, information systems, software engineering

Peng Liu,Wenzhe Ye,Haiying Duan,Xianxian Li,Shuyi Zhang,Chuanjian Yao,Yongnan Li

DOI: https://doi.org/10.1186/s42400-023-00160-1

2023-01-01

Abstract:Vulnerability reports are essential for improving software security since they record key information on vulnerabilities. In a report, CWE denotes the weakness of the vulnerability and thus helps quickly understand the cause of the vulnerability. Therefore, CWE assignment is useful for categorizing newly discovered vulnerabilities. In this paper, we propose an automatic CWE assignment method with graph neural networks. First, we prepare a dataset that contains 3394 real world vulnerabilities from Linux, OpenSSL, Wireshark and many other software programs. Then, we extract statements with vulnerability syntax features from these vulnerabilities and use program slicing to slice them according to the categories of syntax features. On top of slices, we represent these slices with graphs that characterize the data dependency and control dependency between statements. Finally, we employ the graph neural networks to learn the hidden information from these graphs and leverage the Siamese network to compute the similarity between vulnerability functions, thereby assigning CWE IDs for these vulnerabilities. The experimental results show that the proposed method is effective compared to existing methods.