English

MVD: Memory-Related Vulnerability Detection Based on Flow-Sensitive Graph Neural Networks

Cryptography and Security 2022-03-08 v1 Software Engineering

Abstract

Memory-related vulnerabilities constitute severe threats to the security of modern software. Despite the success of deep learning-based approaches to generic vulnerability detection, they are still limited by the underutilization of flow information when applied for detecting memory-related vulnerabilities, leading to high false positives. In this paper,we propose MVD, a statement-level Memory-related Vulnerability Detection approach based on flow-sensitive graph neural networks (FS-GNN). FS-GNN is employed to jointly embed both unstructured information (i.e., source code) and structured information (i.e., control- and data-flow) to capture implicit memory-related vulnerability patterns. We evaluate MVD on the dataset which contains 4,353 real-world memory-related vulnerabilities, and compare our approach with three state-of-the-art deep learning-based approaches as well as five popular static analysisbased memory detectors. The experiment results show that MVD achieves better detection accuracy, outperforming both state-of-theart DL-based and static analysis-based approaches. Furthermore, MVD makes a great trade-off between accuracy and efficiency.

Keywords

Cite

@article{arxiv.2203.02660,
  title  = {MVD: Memory-Related Vulnerability Detection Based on Flow-Sensitive Graph Neural Networks},
  author = {Sicong Cao and Xiaobing Sun and Lili Bo and Rongxin Wu and Bin Li and Chuanqi Tao},
  journal= {arXiv preprint arXiv:2203.02660},
  year   = {2022}
}

Comments

To appear in the Technical Track of ICSE 2022

R2 v1 2026-06-24T10:03:01.442Z