GraphFVD: Property graph-based fine-grained vulnerability detection.
Saved in:
| Title: | GraphFVD: Property graph-based fine-grained vulnerability detection. |
|---|---|
| Authors: | Shao, Miaomiao1 (AUTHOR), Ding, Yuxin1 (AUTHOR), Cao, Jing1 (AUTHOR), Li, Yilin1 (AUTHOR) |
| Source: | Computers & Security. Apr2025, Vol. 151, pN.PAG-N.PAG. 1p. |
| Subject Terms: | *COMPUTER security vulnerabilities, *COMPUTER software, SOURCE code, SYNTAX (Grammar), SEMANTICS |
| Abstract: | Deep learning technology can automatically extract features from software source code, making it widely used for detecting software vulnerabilities. Most existing deep learning-based approaches rely on whole functions or sequence-level program slices to identify vulnerabilities. However, these approaches often struggle to capture comprehensive vulnerability semantics, leading to high false positive rates and false negative rates. In this paper, we propose GraphFVD, a novel property graph-based fine-grained vulnerability detection approach. Our approach extracts property graph-based slices from the Code Property Graph and introduces a Hierarchical Attention Graph Convolutional Network to learn graph embeddings. GraphFVD provides a fine-grained code representation that captures syntax, control flow, data flow, and the natural sequential order of source code relevant to vulnerabilities. We evaluate the effectiveness of our approach on two real-world vulnerability datasets. Experimental results demonstrate that our approach outperforms existing state-of-the-art vulnerability detection methods on both datasets. [ABSTRACT FROM AUTHOR] |
| Copyright of Computers & Security is the property of Pergamon Press - An Imprint of Elsevier Science and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.) | |
| Database: | Business Source Index |
Full Text Finder 
Nájsť tento článok vo Web of Science Be the first to leave a comment!