MVD: Memory-Related Vulnerability Detection Based on Flow-Sensitive Graph Neural Networks
Abstract
Memory-related vulnerabilities constitute severe threats to the security of modern software. Despite the success of deep learning-based approaches to generic vulnerability detection, they are still limited by the underutilization of flow information when applied for detecting memory-related vulnerabilities, leading to high false positives. In this paper,we propose MVD, a statement-level Memory-related Vulnerability Detection approach based on flow-sensitive graph neural networks (FS-GNN). FS-GNN is employed to jointly embed both unstructured information (i.e., source code) and structured information (i.e., control- and data-flow) to capture implicit memory-related vulnerability patterns. We evaluate MVD on the dataset which contains 4,353 real-world memory-related vulnerabilities, and compare our approach with three state-of-the-art deep learning-based approaches as well as five popular static analysisbased memory detectors. The experiment results show that MVD achieves better detection accuracy, outperforming both state-of-theart DL-based and static analysis-based approaches. Furthermore, MVD makes a great trade-off between accuracy and efficiency.
Cite
@article{arxiv.2203.02660,
title = {MVD: Memory-Related Vulnerability Detection Based on Flow-Sensitive Graph Neural Networks},
author = {Sicong Cao and Xiaobing Sun and Lili Bo and Rongxin Wu and Bin Li and Chuanqi Tao},
journal= {arXiv preprint arXiv:2203.02660},
year = {2022}
}
Comments
To appear in the Technical Track of ICSE 2022