BovdGFE: buffer overflow vulnerability detection based on graph feature extraction

Automatically detecting buffer overflow vulnerabilities is an important research topic in software security. Recent studies have shown that vulnerability detection performance utilizing deep learning-based techniques can be significantly enhanced. However, due to information loss during code represe...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:Applied intelligence (Dordrecht, Netherlands) Ročník 53; číslo 12; s. 15204 - 15221
Hlavní autoři: Lv, Xinghang, Peng, Tao, Chen, Jia, Liu, Junping, Hu, Xinrong, He, Ruhan, Jiang, Minghua, Cao, Wenli
Médium: Journal Article
Jazyk:angličtina
Vydáno: New York Springer US 01.06.2023
Springer Nature B.V
Témata:
Artificial Intelligence
Buffers
Computer Science
Deep learning
Feature extraction
Machine learning
Machines
Manufacturing
Mechanical Engineering
Overflow
Processes
Representations
Deep learning
Data dependency graph
Abstract syntax tree
Code representation
Vulnerability detection
Control flow graph
ISSN:0924-669X, 1573-7497
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:Automatically detecting buffer overflow vulnerabilities is an important research topic in software security. Recent studies have shown that vulnerability detection performance utilizing deep learning-based techniques can be significantly enhanced. However, due to information loss during code representation, existing approaches cannot learn the features associated with vulnerabilities, leading to a high false negative rate (FNR) and low precision. To resolve the existing problems, we propose a method for buffer overflow vulnerability detection based on graph feature extraction (BovdGFE) in C/C++ programs. BovdGFE constructs the buffer overflow function samples. Then, we present a new representation structure, code representation sequence (CoRS), which incorporates the control flow, data dependencies, and syntax structure of the vulnerable code for reducing information loss during code representation. After the function samples are transformed into CoRS, a deep learning model is used to learn vulnerable features and perform vulnerability classification. The results of the experiments show that BovdGFE improves the precision and FNR by 6.3 % and 3.9 % respectively compared with state-of-the-art methods, which can significantly improve the capability of vulnerability detection.
Bibliografie:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:0924-669X
1573-7497
DOI:10.1007/s10489-022-04214-8