Title:
Enhanced Graph Neural Networks for Vulnerability Detection in Java via Advanced Subgraph Construction
Contributors:
Lekeufack Foulefack, Rosmael Zidane; Marchetto, Alessandro
Publisher Information:
Springer Cham
Cham (SW)
Publication Year:
2025
Collection:
Università degli Studi di Trento: CINECA IRIS
Document Type:
conference object
Language:
English
Relation:
info:eu-repo/semantics/altIdentifier/isbn/9783031808883; info:eu-repo/semantics/altIdentifier/wos/WOS:001446560600009; ispartofbook:Testing Software and Systems; 36th IFIP WG 6.1 International Conference on Testing Software and Systems (ICTSS 2024); volume:15383; firstpage:131; lastpage:148; numberofpages:18; serie:LECTURE NOTES IN COMPUTER SCIENCE; https://hdl.handle.net/11572/449211
DOI:
10.1007/978-3-031-80889-0_9
Rights:
info:eu-repo/semantics/closedAccess ; license:Tutti i diritti riservati (All rights reserved) ; license uri:iris.PRI01
Accession Number:
edsbas.6FAE4AFA
Database:
BASE

*Further Information*

*Software vulnerability detection (SVD) in source code remains a significant challenge, capturing the attention of researchers due to its critical importance. Numerous automated detection techniques have emerged, leveraging deep learning and large language models. Graph Neural Network models have been used for SVD and have shown promising results. However, graph-based models often struggle to capture long-term dependencies within code snippets due to simplistic hop neighborhood encoding. This study explores the potential of enhancing graph neural networks by capturing both local and global complex code structures through node and edge embeddings. By generating contextualised embeddings using Node2vec model, we aim to enrich the model’s understanding of source code through an advanced subgraph construction. Our results demonstrate an improvement in the detection capabilities of graph neural networks for identifying vulnerabilities at the statement level in Java source code. Specifically, the proposed approach has achieved a detection precision of up to 82.08% (i.e., improvement of 11.33%), enhancing the model’s noise robustness and detection capability.*