Mobile QR Code
Title Comparison of Program Representations on Vulnerability Detection with Graph Neural Networks
Authors (Yoola Choi) ; (Young-Woo Kwon)
Page pp.477-482
ISSN 2287-5255
Keywords Vulnerability detection; Graph neural networks; Static program analysis
Abstract As software vulnerabilities have surged, efforts to discover them have increased. The syntactic and semantic information of a program is required to detect vulnerabilities. Each information can be represented as a graph, such as Abstract Syntax Tree and Program Dependency Graph. In this paper, the program representations were extracted using various static analysis tools, including Clang Static Analyzer, Joern, and SVF, and compared using Graph Neural Networks to select the appropriate representations for vulnerability detection in C/C++. From the comparison, PDG shows the best performance among the multiple representations. This result indicates a suitable program representation and a tool for vulnerability detection that can be utilized in research utilizing graph neural networks.