An Efficient Vulnerability Extrapolation Using Similarity of Graph Kernel of PDGs

Title: An Efficient Vulnerability Extrapolation Using Similarity of Graph Kernel of PDGs
Publication Type: Conference Paper
Year of Publication: 2020
Authors: Zeng, Jingxiang; Nie, Xiaofan; Chen, Liwei; Li, Jinfeng; Du, Gewangzi; Shi, Gang
Conference Name: 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)
Date Published: Dec
Keywords: compositionality, extrapolation, feature extraction, Graph Kernel, Human Behavior, Labeling, Metrics, Open Source Software, privacy, program dependence graph, pubcrawl, Resiliency, supervised learning, Training, vulnerability detection, vulnerability extrapolation
Abstract: Discovering the potential vulnerabilities in software plays a crucial role in ensuring the security of computer systems. This paper proposes a method that can assist security auditors with the analysis of source code. When security auditors identify new vulnerabilities, our method can be adopted to make a list of recommendations that may have the same vulnerabilities for the security auditors. Our method relies on graph representation to automatically extract the mode of the PDG (program dependence graph, a structure composed of control dependence and data dependence). Besides, it can be applied to the vulnerability extrapolation scenario, thus reducing the amount of code to audit. We worked on an open-source vulnerability test set called Juliet. According to the evaluation results, the clustering effect produced is satisfactory, so the feature vectors extracted by the Graph2Vec model are applied to labeling, and supervised learning indicators are adopted to assess the model's ability to extract features. On a total of 12,000 small data sets, the training score of the model can reach up to 99.2%, and the test score can reach a maximum of 85.2%. Finally, the recommendation effect of our work is verified as satisfactory.
DOI: 10.1109/TrustCom50675.2020.00229
Citation Key: zeng_efficient_2020