Detection Method for C Language Family Based on Graph Neural Network and Generic Vulnerability Analysis Framework

doi:10.3969/j.issn.1671-1122.2022.10.009

Abstract

Abstract:

Most of the existing automated vulnerability mining tools have poor generalization ability and high false positive and false negative rale. In this paper, a static detection model called CSVDM was proposed for multi-class vulnerabilities in C language family. CSVDM used code similarity detection and generic vulnerability analysis framework module to perform vulnerability mining at the source code level. The similarity detection module integrated longest common subsequence(LCS) algorithm and graph neural network to implement code cloning and homology detection, generating the vulnerability similarity list according to a preset threshold. The generic vulnerability analysis framework module performed context-dependent data flow and controled flow analysis of the source code to be tested to compensate for the the similarity detection module’s high false negatives in detecting vulnerabilities not caused by code cloning, and generated the vulnerability analysis list. CSVDM combined the vulnerability similarity list and the vulnerability analysis list to generate the final vulnerability detection report. The experimental results show that CSVDM has a substantial improvement in evaluation metrics compared to other vulnerability mining tools such as checkmarx.

Key words: generic vulnerability analysis framework, LCS algorithm, Skip-Gram model, graph neural network, graph attention mechanism

CLC Number:

TP309

ZHU Lina, MA Mingrui, ZHU Dongzhao. Detection Method for C Language Family Based on Graph Neural Network and Generic Vulnerability Analysis Framework[J]. Netinfo Security, 2022, 22(10): 59-68.

Figures/Tables 21

References 15

[1]	LIU Jian, SU Purui, YANG Min, et al. Software and Cyber Security-A Survey[J]. Journal of Software, 2018, 29(1): 42-68.
	刘剑, 苏璞睿, 杨珉, 等. 软件与网络安全研究综述[J]. 软件学报, 2018, 29(1): 42-68.
[2]	KULENOVIC M, DONKO D. A Survey of Static Code Analysis Methods for Security Vulnerabilities Detection[C]// IEEE. 2014 37th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO). New York: IEEE, 2014: 1381-1386.
[3]	MA Mingrui, HAN Lansheng, QIAN Yekui. CVDF DYNAMIC-A Dynamic Fuzzy Testing Sample Generation Framework Based on Bi-LSTM and Genetic Algorithm[J]. Sensors, 2022, 22(3): 12-25.
[4]	LI Zhen, ZOU Deqing, XU Shouhuai, et al. Vulpecker: An Automated Vulnerability Detection System Based on Code Similarity Analysis[C]// ACM. Proceedings of the 32nd Annual Conference on Computer Security Applications. New York: ACM, 2016: 201-213.
[5]	XIA Zhiyang, YI Ping, YANG Tao. Static Vulnerability Detection Based on Neural Network and Code Similarity[J]. Computer Engineering, 2019, 45(12): 141-146.
	夏之阳, 易平, 杨涛. 基于神经网络与代码相似性的静态漏洞检测[J]. 计算机工程, 2019, 45(12): 141-146.
[6]	LIANG Hongliang, WANG Lei, WU Dongyang, et al. MLSA: A Static Bugs Analysis Tool Based on LLVM IR[C]// IEEE. 2016 17th IEEE/ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD). New York: IEEE, 2016: 407-412.
[7]	FANG Zhejun, LIU Qixu, ZHANG Yuqing, et al. A Static Technique for Detecting Input Validation Vulnerabilities in Android Apps[J]. Science China Information Sciences, 2017, 60(5): 1-16.
[8]	GRIECO G, GRINBLAT G L, UZAL L, et al. Toward Large-Scale Vulnerability Discovery Using Machine Learning[C]// ACM. Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy. New York: ACM, 2016: 85-96.
[9]	YAMAGUCHI F, MAIER A, GASCON H, et al. Automatic Inference of Search Patterns for Taint-Style Vulnerabilities[C]// IEEE. 2015 IEEE Symposium on Security and Privacy. New York: IEEE, 2015: 797-812.
[10]	LI Zhen, ZOU Deqing, XU Shouhuai, et al. Vuldeepecker: A Deep Learning-Based System for Vulnerability Detection[J]. (2018-01-05)[2022-06-22]. https://arxiv.org/abs/1801.01681v1.
[11]	LIN Guanjun, ZHANG Jun, LUO Wei, et al. Cross-Project Transfer Representation Learning for Vulnerable Function Discovery[J]. IEEE Transactions on Industrial Informatics, 2018, 14(7): 3289-3297.
[12]	ZHOU Yaqin, LIU Shangqing, SIOW J, et al. Devign: Effective Vulnerability Identification by Learning Comprehensive Program Semantics via Graph Neural Networks[J]. Advances in Neural Information Processing Systems, 2019(32): 12-18.
[13]	MIKOLOV T, CHEN Kai, CORRADO G, et al. Efficient Estimation of Word Representations in Vector Space[EB/OL]. (2012-09-07)[2022-06-22]. https://arxiv.org/abs/1301.3781.
[14]	TANG Jian, QU Meng, WANG Mingzhe, et al. LINE: Large-Scale Information Network Embedding[EB/OL]. (2015-03-12)[2022-06-22]. https://arxiv.org/abs/1503.03578.
[15]	NIST. NVD[EB/OL]. [2022-06-29]. https://nvd.nist.gov/.

状态字符	$Q'$	$L$	$D$	$U$
0	$\{X\}$	$\text{ }\!\!\{\!\!\text{ 1,2,}Y\text{ }\!\!\}\!\!\text{ }$	$\varphi $	$\text{ }\!\!\{\!\!\text{ 1,2,}Y\text{ }\!\!\}\!\!\text{ }$
1	$\text{ }\!\!\{\!\!\text{ 1,2,}Y\text{ }\!\!\}\!\!\text{ }$	$\text{ }\!\!\{\!\!\text{ 2,}Y\text{ }\!\!\}\!\!\text{ }$	$\text{ }\!\!\{\!\!\text{ 2,}Y\text{ }\!\!\}\!\!\text{ }$	$\text{ }\!\!\{\!\!\text{ 2,}Y\text{ }\!\!\}\!\!\text{ }$
2	$\text{ }\!\!\{\!\!\text{ 2,}Y\text{ }\!\!\}\!\!\text{ }$	$\text{ }\!\!\{\!\!\text{ 2,}Y\text{ }\!\!\}\!\!\text{ }$	$\text{ }\!\!\{\!\!\text{ 2,}Y\text{ }\!\!\}\!\!\text{ }$	$\text{ }\!\!\{\!\!\text{ 2,}Y\text{ }\!\!\}\!\!\text{ }$

数量	I	like	enjoy	deep	Learning	NLP	Flying	.
I	0	2	1	0	0	0	0	0
like	2	0	0	1	0	1	0	0
enjoy	1	0	0	0	0	0	1	0
deep	0	1	0	0	1	0	0	0
Learning	0	0	0	1	0	0	0	1
NLP	0	1	0	0	0	0	0	1
Flying	0	0	1	0	0	0	0	1
.	0	0	0	0	1	1	1	0

评价指标模型	W_AvgFPR	W_AvgTPR	W_AvgF1
CSVDM	1.03%	92.88%	91.37%
Vuldeepecker	19.84%	63.87%	65.32%
Checkmarx	23.81%	46.52%	43.28%
Flawfinder	39.64%	32.38%	31.73%
相似性模型	10.33%	69.84%	69.24%

评价指标模型	W_AvgFPR	W_AvgTPR	W_AvgF1
Model1	5.84%	82.17%	80.65%
Model2	8.89%	77.69%	75.64%
Model3	8.17%	78.17%	76.21%
Model4	1.96%	89.69%	87.24%
Model5	1.03%	92.88%	91.37%

评价指标$\theta $	W_AvgFPR	W_AvgTPR	W_AvgF1
0.2	7.83%	82.37%	79.66%
0.3	6.25%	84.36%	81.74%
0.4	4.89%	87.87%	85.23%
0.5	2.52%	89.97%	88.35%
0.6	1.04%	92.78%	91.29%
0.7	1.74%	90.46%	89.33%
0.8	3.84%	88.71%	84.99%