{"title":"GraphFVD: Property graph-based fine-grained vulnerability detection","authors":"Miaomiao Shao, Yuxin Ding, Jing Cao, Yilin Li","doi":"10.1016/j.cose.2025.104350","DOIUrl":null,"url":null,"abstract":"<div><div>Deep learning technology can automatically extract features from software source code, making it widely used for detecting software vulnerabilities. Most existing deep learning-based approaches rely on whole functions or sequence-level program slices to identify vulnerabilities. However, these approaches often struggle to capture comprehensive vulnerability semantics, leading to high false positive rates and false negative rates. In this paper, we propose GraphFVD, a novel property graph-based fine-grained vulnerability detection approach. Our approach extracts property graph-based slices from the Code Property Graph and introduces a Hierarchical Attention Graph Convolutional Network to learn graph embeddings. GraphFVD provides a fine-grained code representation that captures syntax, control flow, data flow, and the natural sequential order of source code relevant to vulnerabilities. We evaluate the effectiveness of our approach on two real-world vulnerability datasets. Experimental results demonstrate that our approach outperforms existing state-of-the-art vulnerability detection methods on both datasets.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"151 ","pages":"Article 104350"},"PeriodicalIF":4.8000,"publicationDate":"2025-01-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404825000392","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
Citation count: 0
Abstract
Deep learning technology can automatically extract features from software source code, making it widely used for detecting software vulnerabilities. Most existing deep learning-based approaches rely on whole functions or sequence-level program slices to identify vulnerabilities. However, these approaches often struggle to capture comprehensive vulnerability semantics, leading to high false positive rates and false negative rates. In this paper, we propose GraphFVD, a novel property graph-based fine-grained vulnerability detection approach. Our approach extracts property graph-based slices from the Code Property Graph and introduces a Hierarchical Attention Graph Convolutional Network to learn graph embeddings. GraphFVD provides a fine-grained code representation that captures syntax, control flow, data flow, and the natural sequential order of source code relevant to vulnerabilities. We evaluate the effectiveness of our approach on two real-world vulnerability datasets. Experimental results demonstrate that our approach outperforms existing state-of-the-art vulnerability detection methods on both datasets.
Journal description:
Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world.
Computers & Security provides you with a unique blend of leading-edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise, it is your first step to fully secure systems.