A multitype software buffer overflow vulnerability prediction method based on a software graph structure and a self-attentive graph neural network



Detailed bibliography
Published in: Information and Software Technology, Volume 160; p. 107246
Main authors: Zheng, Zhangqi; Liu, Yongshan; Zhang, Bing; Liu, Xinqian; He, Hongyan; Gong, Xiang
Format: Journal Article
Language: English
Published: Elsevier B.V., 01.08.2023
Subjects:
ISSN: 0950-5849, 1873-6025
Description

Summary:

• A method for predicting buffer overflow vulnerabilities in multiple types of software is proposed.
• A software vulnerability feature set called GSVFset is proposed.
• A vulnerability feature update mechanism based on a self-attentive graph neural network is designed.

Buffer overflow vulnerabilities are among the most common and dangerous software vulnerabilities; however, the complexity of software code makes predicting buffer overflow vulnerabilities challenging. To accurately predict multiple types of software buffer overflow vulnerabilities, this paper proposes a multitype software buffer overflow vulnerability prediction method, called MSVAGraph, that is based on the graph structure of software and a self-attentive graph neural network. First, by analyzing buffer-overflow-type software vulnerabilities, a graph-structure-based extraction method for the vulnerability feature set GSVFset is proposed, and GSVFset serves as the basic unit of analysis for the software. Second, a self-attentive pooling mechanism is used to design a vulnerability feature update mechanism based on a self-attentive graph neural network, which transforms the graph structure of GSVFset into a feature vector representation. Finally, based on the updated GSVFset feature vectors, a time-recursive neural network is designed to construct the prediction method for multitype software buffer overflow vulnerabilities. The proposed method is validated on executable programs containing four types of buffer overflow vulnerabilities from the Juliet dataset, using precision, accuracy, recall and F1 value as evaluation metrics. The prediction results improve after the self-attentive pooling mechanism is introduced. The proposed MSVAGraph achieves high precision, accuracy, recall and F1 value, and better preserves the network topology and node content information of the graphs in the software's graph structure.
DOI: 10.1016/j.infsof.2023.107246