A multitype software buffer overflow vulnerability prediction method based on a software graph structure and a self-attentive graph neural network



Bibliographic Details
Published in: Information and Software Technology, Vol. 160, p. 107246
Main Authors: Zheng, Zhangqi, Liu, Yongshan, Zhang, Bing, Liu, Xinqian, He, Hongyan, Gong, Xiang
Format: Journal Article
Language: English
Published: Elsevier B.V 01.08.2023
ISSN: 0950-5849, 1873-6025
Description
Summary:
• A method for predicting buffer overflow vulnerabilities in multiple types of software is proposed.
• A software vulnerability feature set called GSVFset is proposed.
• A vulnerability feature update mechanism based on a self-attentive graph neural network is designed.

Buffer overflow vulnerabilities are among the most common and dangerous software vulnerabilities; however, the complexity of software code makes predicting buffer overflow vulnerabilities in software challenging. To accurately predict multiple types of software buffer overflow vulnerabilities, this paper proposes a multitype software buffer overflow vulnerability prediction method called MSVAGraph that is based on the graph structure of software and a self-attentive graph neural network. First, by analyzing buffer overflow type vulnerabilities in software, a graph-structure-based extraction method for the vulnerability feature set GSVFset is proposed, with GSVFset acting as the software's basic unit. Second, a self-attentive pooling mechanism is used to design a vulnerability feature update mechanism based on a self-attentive graph neural network, which transforms the graph structure of the vulnerability feature set GSVFset into a feature vector representation. Finally, based on the updated GSVFset feature vector, a time-recursive neural network is designed to construct the prediction method for multitype software buffer overflow vulnerabilities. The proposed method is validated on executable programs of four types of buffer overflow vulnerabilities in the Juliet dataset, using precision, accuracy, recall and F1 value as evaluation metrics. The prediction results have higher values after introducing the self-attentive pooling mechanism. The proposed MSVAGraph achieves high precision, accuracy, recall and F1 value, and better preserves the network topology and node content information of graphs in the software's graph structure.
DOI: 10.1016/j.infsof.2023.107246