About | Contact Us | Register | Login
ProceedingsSeriesJournalsSearchEAI
sis 24(6):

Research Article

E-GVD: Efficient Software Vulnerability Detection Techniques Based on Graph Neural Network

Download74 downloads
Cite
BibTeX Plain Text
  • @ARTICLE{10.4108/eetsis.5056,
        author={Haiye Wang and Zhiguo Qu and Le Sun},
        title={E-GVD: Efficient Software Vulnerability Detection Techniques Based on Graph Neural Network},
        journal={EAI Endorsed Transactions on Scalable Information Systems},
        volume={11},
        number={6},
        publisher={EAI},
        journal_a={SIS},
        year={2024},
        month={3},
        keywords={vulnerability detection, graph neural network, pre-trained model, interpretable machine learning},
        doi={10.4108/eetsis.5056}
    }
    
  • Haiye Wang
    Zhiguo Qu
    Le Sun
    Year: 2024
    E-GVD: Efficient Software Vulnerability Detection Techniques Based on Graph Neural Network
    SIS
    EAI
    DOI: 10.4108/eetsis.5056
Haiye Wang1,*, Zhiguo Qu1, Le Sun1
  • 1: Nanjing University of Information Science and Technology
*Contact email: whyz919@163.com

Abstract

INTRODUCTION: Vulnerability detection is crucial for preventing severe security incidents like hacker attacks, data breaches, and network paralysis. Traditional methods, however, face challenges such as low efficiency and insufficient detail in identifying code vulnerabilities.  OBJECTIVES: This paper introduces E-GVD, an advanced method for source code vulnerability detection, aiming to address the limitations of existing methods. The objective is to enhance the accuracy of function-level vulnerability detection and provide detailed, understandable insights into the vulnerabilities.  METHODS: E-GVD combines Graph Neural Networks (GNNs), which are adept at handling graph-structured data, with residual connections and advanced Programming Language (PL) pre-trained models.  RESULTS: Experiments conducted on the real-world vulnerability dataset CodeXGLUE show that E-GVD significantly outperforms existing baseline methods in detecting vulnerabilities. It achieves a maximum accuracy gain of 4.98%, indicating its effectiveness over traditional methods.  CONCLUSION: E-GVD not only improves the accuracy of vulnerability detection but also contributes by providing fine-grained explanations. These explanations are made possible through an interpretable Machine Learning (ML) model, which aids developers in quickly and efficiently repairing vulnerabilities, thereby enhancing overall software security.

Keywords
vulnerability detection, graph neural network, pre-trained model, interpretable machine learning
Received
2024-02-07
Accepted
2024-03-20
Published
2024-03-21
Publisher
EAI
http://dx.doi.org/10.4108/eetsis.5056

Copyright © 2024 H. Wang et al., licensed to EAI. This is an open access article distributed under the terms of the CC BY-NC-SA 4.0, which permits copying, redistributing, remixing, transformation, and building upon the material in any medium so long as the original work is properly cited.

EBSCOProQuestDBLPDOAJPortico
EAI Logo

About EAI

  • Who We Are
  • Leadership
  • Research Areas
  • Partners
  • Media Center

Community

  • Membership
  • Conference
  • Recognition
  • Sponsor Us

Publish with EAI

  • Publishing
  • Journals
  • Proceedings
  • Books
  • EUDL