Code Property Graph based Vulnerability Type Identification with Fusion Representation.

CSCWD(2023)

引用 0|浏览2
暂无评分
摘要
Deep learning-based vulnerability detection methods have become one of the mainstream methods of vulnerability detection. The vulnerability type information is of great value in helping vulnerability location and vulnerability remediation. This paper proposes a framework for Vulnerability Type Identification based on Code Property Graph with Fusion Representation. First, this paper uses code property graph information. Code property graph(CPG) is a joint data structure that combines Abstract Syntax Trees(AST), Control Flow Graphs (CFG), and Program Dependency Graphs (PDG). We encode CPG information. Secondly, we use Convolutional neural network combined with Recurrent Neural Network(CNN-RNN) and Attention-Based Bidirectional Gate Recurrent Unit (Att-BiGRU) to extract AST and CFG combined with PDG information. We fuse the extracted features to obtain an effective representation. And then, we perform multi-classification to derive the predicted value of the vulnerability type. Finally, we use 59 vulnerabilities with third-level CWE-ID for evaluation. The experiments show that this paper’s code property graph information can better represent the type information of vulnerabilities. Compared with the classical RNNs, our model in this paper has a more accurate identification effect.
更多
查看译文
关键词
Vulnerability detection,Type identification,Code property graph
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要