Code Vulnerability Detection Based on Graph Neural Network

[1] Cnnvd. [EB/OL]. https://www.cnnvd.org.cn.2023-7-19 Cnnvd . [EB/OL]. www.cnnvd.org.cn https://www.cnnvd.org.cn .2023-7-19 Search in Google Scholar

[2] Hinton G E, Osindero S, Teh Y W. A Fast Learning Algorithm for Deep Belief Nets[J]. Neural Computation, 2006, 18(7): 1527-1554. Hinton G E Osindero S Teh Y W A Fast Learning Algorithm for Deep Belief Nets[J] . Neural Computation , 2006 , 18 ( 7 ): 1527 - 1554 . Search in Google Scholar

[3] Jacob D, Ming-Wei C, Kenton L, Kristina T, et al. BERT: Pre-training of Deep Bidirectional Transformers for Language Understanding. [C], North American Chapter of the Association for Computational Linguistics, 2019, abs/1810.04805() Jacob D Ming-Wei C Kenton L Kristina T BERT: Pre-training of Deep Bidirectional Transformers for Language Understanding . [C], North American Chapter of the Association for Computational Linguistics , 2019 , abs/1810.04805() Search in Google Scholar

[4] Hoa K D, Truyen T, Trang P, Shien W N, John G, Aditya G, et al. Automatic feature learning for vulnerability prediction. [J], arXiv: Software Engineering, 2017, abs/1708.02368() Hoa K D Truyen T Trang P Shien W N John G Aditya G Automatic feature learning for vulnerability prediction . [J], arXiv: Software Engineering , 2017 , abs/1708.02368() Search in Google Scholar

[5] Hoa K D, Truyen T, Trang P, Shien W N, John G, Aditya G, et al. Automatic Feature Learning for Predicting Vulnerable Software Components[J], IEEE Transactions on Software Engineering, 2021, 47(1): 67-85. Hoa K D Truyen T Trang P Shien W N John G Aditya G Automatic Feature Learning for Predicting Vulnerable Software Components[J] , IEEE Transactions on Software Engineering , 2021 , 47 ( 1 ): 67 - 85 . Search in Google Scholar

[6] Sanghoon Jeon, Huy Kang Kim. Autovas: An Automated Vulnerability Analysis System with A Deep Learning Approach[J], Computers & security, 2021, 106: 102308. Jeon Sanghoon Kim Huy Kang Autovas: An Automated Vulnerability Analysis System with A Deep Learning Approach[J] , Computers & security , 2021 , 106 : 102308 . Search in Google Scholar

[7] Shigang L, Guanjun L, Lizhen Q, Jun Z, Olivier Y D V, Paul M, Yang X, et al. CD-VulD: Cross-Domain Vulnerability Discovery Based on Deep Domain Adaptation[J], IEEE Transactions on Dependable and Secure Computing, 2022, 19(1): 438-451. Shigang L Guanjun L Lizhen Q Jun Z Olivier Y D V Paul M Yang X CD-VulD: Cross-Domain Vulnerability Discovery Based on Deep Domain Adaptation[J] , IEEE Transactions on Dependable and Secure Computing , 2022 , 19 ( 1 ): 438 - 451 . Search in Google Scholar

[8] Thomas Shippey, David Bowes, Tracy Hall. Automatically identifying code features for software defect prediction: Using AST N-grams. [J], Information & Software Technology, 2019, 106(): 142-160. Shippey Thomas Bowes David Hall Tracy Automatically identifying code features for software defect prediction: Using AST N-grams . [J], Information & Software Technology , 2019 , 106 (): 142 - 160 . Search in Google Scholar

[9] Junfeng Tian, Wenjing Xing, Zhen Li. BVDetector: A Program Slice-based Binary Code Vulnerability Intelligent Detection System[J], Information & Software Technology, 2020, 123(): 106289. Tian Junfeng Xing Wenjing Li Zhen BVDetector: A Program Slice-based Binary Code Vulnerability Intelligent Detection System[J] , Information & Software Technology , 2020 , 123 (): 106289 . Search in Google Scholar

[10] Song Wang, Taiyue Liu, Lin Tan. Automatically learning semantic features for defect prediction. [J], Proceedings - International Conference on Software Engineering. International Conference on Software Engineering, 2016: 297-308. Wang Song Liu Taiyue Tan Lin Automatically learning semantic features for defect prediction [J], Proceedings - International Conference on Software Engineering . International Conference on Software Engineering , 2016 : 297 - 308 . Search in Google Scholar

[11] Fabian Y, Christian W, Hugo G, Konrad R, et al. Chucky: exposing missing checks in source code for vulnerability discovery[J], Computer Science, 2013: 499-510. Fabian Y Christian W Hugo G Konrad R Chucky: exposing missing checks in source code for vulnerability discovery[J] , Computer Science , 2013 : 499 - 510 . Search in Google Scholar

[12] Thong H, Hoa K D, Yasutaka K, David L, Naoyasu U, et al. DeepJIT: an end-to-end deep learning framework for just-in-time defect prediction[C], IEEE Working Conference on Mining Software Repositories, 2019: 34-45. Thong H Hoa K D Yasutaka K David L Naoyasu U DeepJIT: an end-to-end deep learning framework for just-in-time defect prediction[C] , IEEE Working Conference on Mining Software Repositories , 2019 : 34 - 45 . Search in Google Scholar

[13] Luca Pascarella, Fabio Palomba, Alberto Bacchelli. Fine-grained just-in-time defect prediction. [J], Journal of Systems and Software, 2019, 150(): 22-36. Pascarella Luca Palomba Fabio Bacchelli Alberto Fine-grained just-in-time defect prediction . [J], Journal of Systems and Software , 2019 , 150 (): 22 - 36 . Search in Google Scholar

[14] Yan, X. D. Research on Software Vulnerability Detection Technology Based on Static Taint Analysis and Deep Learning [Master's thesis, Harbin Institute of Technology]. DOI: 10.27061/d.cnki.ghgdu.2021.003610. Yan X. D. Research on Software Vulnerability Detection Technology Based on Static Taint Analysis and Deep Learning [ Master's thesis , Harbin Institute of Technology ]. 10.27061/d.cnki.ghgdu.2021.003610 . Open DOISearch in Google Scholar

[15] Wu F, Wang J, Liu J, Wang W. Vulnerability detection with deep learning//Proceedings of the International C onference on Computer and Communications. Chengd u, China, 2017: 1298-1302. Wu F Wang J Liu J Wang W. Vulnerability detection with deep learning//Proceedings of the International C onference on Computer and Communications . Chengdu, China , 2017 : 1298 - 1302 . Search in Google Scholar

[16] Rebecca L R, Louis K, Lei H H, Tomo L, Jacob A H, Onur O, Paul M E, Marc W M, et al. Automated Vulne rability Detection in Source Code Using Deep Represe ntation Learning[J], 2018 17th IEEE International Conf erence on Machine Learning and Applications (ICML A), 2018, abs/1807.04320: 757-762. Rebecca L R Louis K Lei H H Tomo L Jacob A H Onur O Paul M E Marc W M Automated Vulne rability Detection in Source Code Using Deep Represe ntation Learning[J] , 2018 17th IEEE International Conf erence on Machine Learning and Applications (ICML A) , 2018 , abs/1807.04320: 757 - 762 . Search in Google Scholar

[17] Han Y, Senlin L, Limin P, Yifei Z, et al. Han-Bsvd: A Hierarchical Attention Network for Binary Software V ulnerability Detection[J], Computers & security, 2021, 108: 102286. Han Y Senlin L Limin P Yifei Z Han-Bsvd: A Hierarchical Attention Network for Binary Software V ulnerability Detection[J] , Computers & security , 2021 , 108 : 102286 . Search in Google Scholar

[18] Li Z, Zou D, Xu S, et al. VulDeeLocator: A Deep Learning-based Fine-grained Vulnerability Detector[J]. IEEE Transactions on Dependable and Secure Computing, 2022, 19(4): 2821-2837. Li Z Zou D Xu S VulDeeLocator: A Deep Learning-based Fine-grained Vulnerability Detector[J] . IEEE Transactions on Dependable and Secure Computing , 2022 , 19 ( 4 ): 2821 - 2837 . Search in Google Scholar

[19] Li Z, Zou D, Xu S, et al. VulDeePecker: A Deep Learning-Based System for Vulnerability Detection[C]//Proceedings 2018 Network and Distributed System Security Symposium. 2018. Li Z Zou D Xu S VulDeePecker: A Deep Learning-Based System for Vulnerability Detection[C] // Proceedings 2018 Network and Distributed System Security Symposium . 2018 . Search in Google Scholar

[20] Zou D, Wang S, Xu S, et al. μDeePecker: A Deep Learning-Based System for Multiclass Vulnerability Detection[J]. IEEE Transactions on Dependable and Secure Computing, 2021, 18(5): 2224-2236. Zou D Wang S Xu S μDeePecker: A Deep Learning-Based System for Multiclass Vulnerability Detection[J] . IEEE Transactions on Dependable and Secure Computing , 2021 , 18 ( 5 ): 2224 - 2236 . Search in Google Scholar

[21] Li Z, Zou D, Xu S, et al. SySeVR: A Framework for Using Deep Learning to Detect Software Vulnerabilities[J]. IEEE Transactions on Dependable and Secure Computing, 2022, 19(4): 2244-2258. Li Z Zou D Xu S SySeVR: A Framework for Using Deep Learning to Detect Software Vulnerabilities[J] . IEEE Transactions on Dependable and Secure Computing , 2022 , 19 ( 4 ): 2244 - 2258 . Search in Google Scholar

[22] Zhou, Y, Liu, S, Siow, J, Du, X, Liu, Y, et al. Devign: Effective Vulnerability Identification by Learning Comprehensive Program Semantics via Graph Neural Networks[J], Advances in neural information processing systems, 2019, 32(): 10197-10207. Zhou Y Liu S Siow J Du X Liu Y Devign: Effective Vulnerability Identification by Learning Comprehensive Program Semantics via Graph Neural Networks[J] , Advances in neural information processing systems , 2019 , 32 (): 10197 - 10207 . Search in Google Scholar

[23] Wang H, Ye G, Tang Z, et al. Combining Graph-Based Learning with Automated Data Collection for Code Vulnerability Detection[J]. IEEE Transactions on Information Forensics and Security, 2021, 16: 1943-1958. Wang H Ye G Tang Z Combining Graph-Based Learning with Automated Data Collection for Code Vulnerability Detection[J] . IEEE Transactions on Information Forensics and Security , 2021 , 16 : 1943 - 1958 . Search in Google Scholar

[24] Zheng W, Jiang Y, Su X. Vu1SPG: Vulnerability Detection Based on Slice Property Graph Representation Learning[J], IEEE International Symposium on Software Reliability Engineering, 2021. Zheng W Jiang Y Su X. Vu1SPG: Vulnerability Detection Based on Slice Property Graph Representation Learning[J] , IEEE International Symposium on Software Reliability Engineering , 2021 . Search in Google Scholar

[25] Cao S, Sun X, Bo L, et al. MVD: Memory-Related Vulnerability Detection Based on Flow-Sensitive Graph Neural Networks[C]//Proceedings of the 44th International Conference on Software Engineering. 2022: 1456-1468. Cao S Sun X Bo L MVD: Memory-Related Vulnerability Detection Based on Flow-Sensitive Graph Neural Networks[C] // Proceedings of the 44th International Conference on Software Engineering . 2022 : 1456 - 1468 . Search in Google Scholar

[26] Zou D, Hu Y, Li W, Wu Y, Zhao H, Jin H. mVulPreter: A Multi-Granularity Vulnerability Detection System with Interpretations[J], IEEE Transactions on Dependable and Secure Computing, 2022, PP (99): 1-12. Zou D Hu Y Li W Wu Y Zhao H Jin H. mVulPreter: A Multi-Granularity Vulnerability Detection System with Interpretations[J] , IEEE Transactions on Dependable and Secure Computing , 2022 , PP ( 99 ): 1 - 12 . Search in Google Scholar

[27] Fabian Y, Nico G, Daniel A, Konrad R, et al. Modeling and Discovering Vulnerabilities with Code Property Graphs[C], IEEE Symposium on Security and Privacy, 2014: 590-604. Fabian Y Nico G Daniel A Konrad R Modeling and Discovering Vulnerabilities with Code Property Graphs[C] , IEEE Symposium on Security and Privacy , 2014 : 590 - 604 . Search in Google Scholar

[28] Hu Yutao, Wang Suyuan, Wu Yueming, et al. A Graph Neural Network-Based Method for Slice-Level Vulner a-bility Detection and Explanation[J]. Journal of Softw are,2023,34(06): 2543-2561. DOI:10.13328/j.cnki.jos.0 06849. Yutao Hu Suyuan Wang Yueming Wu A Graph Neural Network-Based Method for Slice-Level Vulner a-bility Detection and Explanation[J] . Journal of Softw are , 2023 , 34 ( 06 ): 2543 - 2561 . DOI: 10.13328/j.cnki.jos.006849 . Open DOISearch in Google Scholar

[29] Kingma, Diederik P., and Jimmy Lei Ba. Adam: A Method for Stochastic Optimization[J]. International Conference on Learning Representations (ICLR), 2014, abs/1412.6980. Kingma Diederik P. Ba Jimmy Lei Adam: A Method for Stochastic Optimization[J] . International Conference on Learning Representations (ICLR) , 2014 , abs/1412.6980. Search in Google Scholar

[30] Cheng X, Wang H, Hua J, et al. DeepWukong: Statically Detecting Software Vulnerabilities Using Deep Graph Neural Network[J]. ACM Transactions on Software Engineering and Methodology, 2021, 30(3): 1-33. Cheng X Wang H Hua J DeepWukong: Statically Detecting Software Vulnerabilities Using Deep Graph Neural Network[J] . ACM Transactions on Software Engineering and Methodology , 2021 , 30 ( 3 ): 1 - 33 . Search in Google Scholar

[31] Lin G, Xiao W, Zhang J, et al. Deep learning-based vulnerable function detection: A benchmark. In: Proc. of the 21st Int ‘l Conf. on Information and Communications Security (ICICS 2019). 2019. 219-232. Lin G Xiao W Zhang J Deep learning-based vulnerable function detection: A benchmark . In: Proc. of the 21st Int ‘l Conf. on Information and Communications Security (ICICS 2019) . 2019 . 219 - 232 . Search in Google Scholar

[32] Yang Y, Li G. On the Code Vulnerability Detection Based on Deep Learning: A Comparative Study[J]. IEEE Access, 2024. Yang Y Li G. On the Code Vulnerability Detection Based on Deep Learning: A Comparative Study[J] . IEEE Access , 2024 . Search in Google Scholar