Code property graph: Difference between revisions

Code property graphs provide the basis for several machine-learning-based approaches to vulnerability discovery. In particular, [[graph neural network]]s (GNN) have been employed to derive vulnerability detectors.<ref>{{cite journal |last1=Zhou |first1=Yaqin |last2=Liu |first2=Shangqing |last3=Siow |first3=Jingkai |last4=Du |first4=Xiaoning |last5=Liu |first5=Yang |title=Devign: effective vulnerability identification by learning comprehensive program semantics via graph neural networks |journal=Proceedings of the 33rd International Conference on Neural Information Processing Systems |date=8 December 2019 |pages=10197–10207 |url=https://dl.acm.org/doi/10.5555/3454287.3455202 |publisher=Curran Associates Inc.|arxiv=1909.03496 }}</ref><ref>{{cite book |last1=Haojie |first1=Zhang |last2=Yujun |first2=Li |last3=Yiwei |first3=Liu |last4=Nanxin |first4=Zhou |title=2021 18th International Computer Conference on Wavelet Active Media Technology and Information Processing (ICCWAMTIP) |chapter=Vulmg: A Static Detection Solution for Source Code Vulnerabilities Based on Code Property Graph and Graph Attention Network |date=December 2021 |pages=250–255 |doi=10.1109/ICCWAMTIP53232.2021.9674145|isbn=978-1-6654-1364-0 |s2cid=246039350 }}</ref><ref>{{cite book |last1=Zheng |first1=Weining |last2=Jiang |first2=Yuan |last3=Su |first3=Xiaohong |title=2021 IEEE 32nd International Symposium on Software Reliability Engineering (ISSRE) |chapter=Vu1SPG: Vulnerability detection based on slice property graph representation learning |date=October 2021 |pages=457–467 |doi=10.1109/ISSRE52982.2021.00054|isbn=978-1-6654-2587-2 |s2cid=246751595 }}</ref><ref>{{cite journal |last1=Chakraborty |first1=Saikat |last2=Krishna |first2=Rahul |last3=Ding |first3=Yangruibo |last4=Ray |first4=Baishakhi |title=Deep Learning based Vulnerability Detection: Are We There Yet |journal=IEEE Transactions on Software Engineering |date=2021 |volume=48 |issue=9 |pages=3280–3296 |doi=10.1109/TSE.2021.3087402|arxiv=2009.07235 |s2cid=221703797 }}</ref><ref>{{cite book |last1=Zhou |first1=Li |last2=Huang |first2=Minhuan |last3=Li |first3=Yujun |last4=Nie |first4=Yuanping |last5=Li |first5=Jin |last6=Liu |first6=Yiwei |title=2021 IEEE Sixth International Conference on Data Science in Cyberspace (DSC) |chapter=GraphEye: A Novel Solution for Detecting Vulnerable Functions Based on Graph Attention Network |date=October 2021 |pages=381–388 |doi=10.1109/DSC53577.2021.00060|arxiv=2202.02501 |isbn=978-1-6654-1815-7 |s2cid=246634824 }}</ref><ref>{{cite book |last1=Ganz |first1=Tom |last2=Härterich |first2=Martin |last3=Warnecke |first3=Alexander |last4=Rieck |first4=Konrad |title=Proceedings of the 14th ACM Workshop on Artificial Intelligence and Security |chapter=Explaining Graph Neural Networks for Vulnerability Discovery |date=15 November 2021 |pages=145–156 |doi=10.1145/3474369.3486866|isbn=9781450386579 |s2cid=240001850 |doi-access=free }}</ref><ref>{{cite journalbook |last1=Duan |first1=Xu |last2=Wu |first2=Jingzheng |last3=Ji |first3=Shouling |last4=Rui |first4=Zhiqing |last5=Luo |first5=Tianyue |last6=Yang |first6=Mutian |last7=Wu |first7=Yanjun |title=VulSniper: Focus Your Attention to Shoot Fine-Grained Vulnerabilities |journal=Proceedings of the Twenty-Eighth International Joint Conference on Artificial Intelligence |chapter=VulSniper: Focus Your Attention to Shoot Fine-Grained Vulnerabilities |date=August 2019 |pages=4665–4671 |doi=10.24963/ijcai.2019/648|isbn=978-0-9992411-4-1 |s2cid=199466292 |doi-access=free }}</ref>