Code vulnerability detection method based on  graph neural network

CHEN Hao, YI Ping

doi:10.11959/j.issn.2096-109x.2021039

网络与信息安全学报 (Jun 2021)

Code vulnerability detection method based on graph neural network

CHEN Hao, YI Ping

Affiliations

CHEN Hao, YI Ping: School of Cyber Science and Engineering, Shanghai Jiao Tong University, Shanghai 200240, China

DOI: https://doi.org/10.11959/j.issn.2096-109x.2021039
Journal volume & issue: Vol. 7, no. 3
pp. 37 – 45

Abstract

Read online

The schemes of using neural networks for vulnerability detection are mostly based on traditional natural language processing ideas, processing the code as array samples and ignoring the structural features in the code, which may omit possible vulnerabilities. A code vulnerability detection method based on graph neural network was proposed, which realized function-level code vulnerability detection through the control flow graph feature of the intermediate language. Firstly, the source code was compiled into an intermediate representation, and then the control flow graph containing structural information was extracted. At the same time, the word vector embedding algorithm was used to initialize the vector of basic block to extract the code semantic information. Then both of above were spliced to generate the graph structure sample data. The multilayer graph neural network model was trained and tested on graph structure data features. The open source vulnerability sample data set was used to generate test data to evaluate the method proposed. The results show that the method effectively improves the vulnerability detection ability.

Published in 网络与信息安全学报

ISSN: 2096-109X (Print)
Publisher: POSTS&TELECOM PRESS Co., LTD
Country of publisher: China
LCC subjects: Science: Mathematics: Instruments and machines: Electronic computers. Computer science
Website: http://www.infocomm-journal.com/cjnis/CN/2096-109X/home.shtml

About the journal

Abstract

Keywords