2021
DOI: 10.1016/j.infsof.2021.106576
|View full text |Cite
|
Sign up to set email alerts
|

BGNN4VD: Constructing Bidirectional Graph Neural-Network for Vulnerability Detection

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
73
0

Year Published

2021
2021
2023
2023

Publication Types

Select...
4
3
2

Relationship

1
8

Authors

Journals

citations
Cited by 152 publications
(73 citation statements)
references
References 12 publications
0
73
0
Order By: Relevance
“…For software vulnerability detection, prior approaches have utilized document embedding methods like Doc2Vec [29], or word embedding methods such as GloVe [47] and Word2Vec [43] to generate pre-trained vectors for singular tokens, which are then aggregated in some way. For example, Cao et al [9] utilized averaged Word2Vec embeddings to transform raw code statements into vector representations.…”
Section: Source Code Embeddingmentioning
confidence: 99%
See 1 more Smart Citation
“…For software vulnerability detection, prior approaches have utilized document embedding methods like Doc2Vec [29], or word embedding methods such as GloVe [47] and Word2Vec [43] to generate pre-trained vectors for singular tokens, which are then aggregated in some way. For example, Cao et al [9] utilized averaged Word2Vec embeddings to transform raw code statements into vector representations.…”
Section: Source Code Embeddingmentioning
confidence: 99%
“…The model outputs often present developers with limited information for prediction outcome validation and interpretation, leading to extra efforts when evaluating and mitigating the software vulnerabilities. Consequently, many proposed SVD solutions have transitioned to either function-level [9,10,32,61] or slice-level [12,33,35,36] predictions, which are a major improvement from file-level predictions [16,24,52]. Some other works further leverage supplementary information, such as commit-level code changes with accompanying log messages, to build the prediction model [23,49].…”
Section: Introductionmentioning
confidence: 99%
“…CFGs form the entire representation of the Android application. It forms a graph consisting of finite sets of nodes (N) [23] of the documented API calls and the finite set of edges (E) [24], which link successive instructions. Control Flow Graph (CFG) is a directed graph description of how a program is controlled during execution.…”
Section: Api Callsmentioning
confidence: 99%
“…Cao et al collected a C/C++ vulnerability dataset from GitHub and the National Vulnerability Database, consisting of 2149 vulnerabilities [57]. They used the dataset to train a bi-directional graph neural network for a vulnerability detection system.…”
Section: Vulnerability Datasetsmentioning
confidence: 99%