基于残差门控图卷积网络的源代码漏洞检测

doi:10.3778/j.issn.1002-8331.2207-0361

摘要/Abstract

摘要： 软件漏洞是导致网络安全事故的一项重要因素。针对现有静态代码分析工具存在较高的误报率与漏报率问题，提出了一种基于残差门控图卷积网络的自动化漏洞检测方法。首先将源代码转换成包含语义、语法特征信息的代码图数据，然后使用残差门控图卷积神经网络对图结构数据进行表示学习，最后训练神经网络模型来预测代码漏洞，实现了C/C++函数代码自动漏洞检测。该方法采用VDISC数据集来验证有效性，检测结果的F1值（CWE-119漏洞类型）达到了76.60%，并与基线方法相比，F1值分别提高了9.46个百分点、7.24个百分点、5.67个百分点、8.42个百分点，所提方法有效提高了漏洞检测能力，证明了该方法的有效性。

关键词: 图卷积网络, 漏洞检测, 深度学习

Abstract: Software vulnerabilities are an important factor leading to network security incidents. To address the problem of high false positive and false negative rates of existing static code analysis tools, an automated vulnerability detection method based on residual gated graph convolutional networks is proposed. Firstly, the source code is converted into code graph data containing semantic and syntactic feature information, then a residual gated graph convolutional neural network is used to learn the representation of the graph structure data, and finally a neural network model is trained to predict code vulnerabilities, enabling automatic vulnerability detection of C/C++ function code. In this paper, the method uses VDISC dataset to verify the effectiveness of the method, and the F1 value （CWE-119 vulnerability type） of the detection result reaches 76.60%, and compared with the baseline methods, the F1 value is improved by 9.46 percentage points, 7.24 percentage points, 5.67 percentage points and 8.42 percentage points respectively, and the proposed method effectively improves the vulnerability detection ability. The effectiveness of the method is proved.

Key words: graph convolutional networks, vulnerability detection, deep learning

张俊, 李山山, 李磊, 王浩宇. 基于残差门控图卷积网络的源代码漏洞检测[J]. 计算机工程与应用, 2023, 59(22): 293-299.

ZHANG Jun, LI Shanshan, LI Lei, WANG Haoyu. Source Code Vulnerability Detection Based on Residual Gated Graph Convolutional Networks[J]. Computer Engineering and Applications, 2023, 59(22): 293-299.

参考文献

[1] ANDRONIDIS A，CADAR C.SnapFuzz：an efficient fuzzing framework for network applications[J].arXiv：2201.04048，2022.
[2] XU Z，CHEN B，CHANDRAMOHAN M，et al.SPAIN：security patch analysis for binaries towards understanding the pain and pills[C]//Proceedings?of?the 39th International Conference on Software Engineering，2017：462-472.
[3] CHANDRAMOHAN M，XUE Y，XU Z，et al.BinGo：cross-architecture cross-OS binary search[C]//Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering，2016：678-689.
[4] LI Y，XUE Y，CHEN H，et al.Cerebro：context-aware adaptive fuzzing for effective vulnerability detection[C]//Proceedings?of?the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering，2019：533-544.
[5] CHEN H，XUE Y，LI Y，et al.Hawkeye：towards a desired directed grey-box fuzzer[C]//Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security，2018：2095-2108.
[6] LI Y，CHEN B，CHANDRAMOHAN M，et al.Steelix：program-state based binary fuzzing[C]//Proceedings?of?the 2017 11th Joint Meeting on Foundations of Software Engineering，2017：627-637.
[7] NEUHAUS S，ZIMMERMANN T，HOLLER C，et al.Predicting vulnerable software components[C]//Proceedings of the 2007 ACM Conference on Computer and Communications Security，2007：529-540.
[8] NGUYEN V H，TRAN L M S.Predicting vulnerable software components with dependency graphs[C]//Proceedings of the 6th International Workshop on Security Measurements and Metrics，2010.
[9] SHIN Y，MENEELY A，WILLIAMS L，et al.Evaluating complexity，code churn，and developer activity metrics as indicators of software vulnerabilities[J].IEEE Transactions on Software Engineering，2011，37（6）：772-787.
[10] CWE.CWE list version 3.1[EB/OL]（2018）[2022-06-08].https：//cwe.mitre.org/data/index.html.
[11] BESSEY A，BLOCK K，CHELF B，et al.A few billion lines of code later：using static analysis to find bugs in the real world[J].Communications of the ACM，2010，53（2）：66-75.
[12] MURALI V，CHAUDHURI S，JERMAINE C.Bayesian specification learning for finding API usage errors[C]//Proceedings of the Joint Meeting on Foundations of Software Engineering，2017：151-162.
[13] CHANG R Y，PODGURSKI A.Discovering programming rules and violations by mining interprocedural dependences[J].Journal of Software Evolution and Process，2012，24（1）：51-66.
[14] NGUYEN T T，NGUYEN H A，PHAM N H，et al.Graph-based mining of multiple object usage patterns[C]//Proceedings of the 7th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering，Amsterdam，2009.
[15] LI Z，ZOU D，XU S，et al.VulDeePecker：a deep learning-based system for vulnerability detection[C]//Proceedings of the 25th Annual Network and Distributed System Security Symposium，2018.
[16] RUSSELL R，KIM L，HAMILTON L，et al.Automated vulnerability detection in source code using deep representation learning[C]//Proceedings of the 2018 17th IEEE International Conference on Machine Learning and Applications，2018：757-762.
[17] DAM H K，TRAN T，PHAM T，et al.Automatic feature learning for vulnerability prediction[J].arXiv：1708.02368，2017.
[18] HOCHREITER S，SCHMIDHUBER J.Long short-term memory[J].Neural Computation，1997，9（8）：1735-1780.
[19] DEVLIN J，CHANG M W，LEE K，et al.BERT：pre-training of deep bidirectional transformers for language understanding[C]//Proceedings of the 2019 Conference of the North American Chapter of the Association for Computational Linguistics：Human Language Technologies，2019：4171-4186.
[20] KIM Y.Convolutional neural networks for sentence classification[C]//Proceedings of the 2014 Conference on Empirical Methods in Natural Language Processing，2014：1746-1751.
[21] LI Z，ZOU D，XU S，et al.SySeVR：a framework for using deep learning to detect software vulnerabilities[J].IEEE Transactions on Dependable and Secure Computing，2022，19（4）：2244-2258.
[22] HAMILTON W L，YING R，LESKOVEC J.Representation learning on graphs：methods and applications[J].arXiv：1709.05584，2017.
[23] NGUYEN D Q.Representation learning for graph-structured data[D].Monash University，2021.
[24] WU Z，PAN S，CHEN F，et al.A comprehensive survey on graph neural networks[J].arXiv：1901.00596，2019.
[25] HUANG L，MA D，LI S，et al.Text level graph neural network for text classification[C]//Proceedings of the 2019 Conference on Empirical Methods in Natural Language Processing and the 9th International Joint Conference on Natural Language Processing，2019：3442-3448.
[26] NGUYEN D Q，NGUYEN T D，PHUNG D.Quaternion graph neural networks[C]//Proceedings of the 2021 Asian Conference on Machine Learning，2021：236-251.
[27] YAO L，MAO C，LUO Y.Graph convolutional networks for text classification[C]//Proceedings of the 33rd AAAI Conference on Artificial Intelligence，the 31st Innovative Applications of Artificial Intelligence Conference，the 9th AAAI Symposium on Educational Advances in Artificial Intelligence，2019：7370-7377.
[28] ZHANG Y，YU X，CUI Z，et al.Every document owns its structure：inductive text classification via graph neural networks[C]//Proceedings of the 58th Annual Meeting of the Association for Computational Linguistics，2020：334-339.
[29] BRESSON X，LAURENT T.Residual gated graph Conv-
Nets[J].arXiv：1711.07553，2017.
[30] KIPF T N，WELLING M.Semi-supervised classification with graph convolutional networks[C]//Proceedings of the 5th International Conference on Learning Representations，2017.
[31] VELICKOVIC P，CUCURULL G，CASANOVA A，et al.Graph attention networks[J].arXiv：1710.10903，2017.
[32] LI Y，TARLOW D，BROCKSCHMIDT M，et al.Gated graph sequence neural networks[J].arXiv：1511.05493，2015.
[33] RUSSELL R L，KIM L Y，HAMILTON L H，et al.Automated vulnerability detection in source code using deep representation learning[C]//Proceedings of the 2018 17th IEEE International Conference on Machine Learning and Applications，2018：757-762.