
Vulnerability Detection Based on Enhanced Graph Representation Learning

  • Peng Xiao
  • Qibin Xiao
  • Xusheng Zhang
  • Yumei Wu*
  • Fengyu Yang
  • *Corresponding author for this work
  • Nanchang Hangkong University
  • Jiangxi Provincial Institute of Network Security

Research output: Contribution to journal › Article › peer-review

Abstract

The detection of program vulnerabilities remains a challenging task in software security. The existing vulnerability detection methods rarely consider the multidimensional feature space complementarity of program graph structures, which easily overlooks contextual environment features and syntax structure features. This disadvantage leads to insufficient performance in capturing complex structural features, which hinders the improvement in detection accuracy. To address this issue, this paper introduces a novel vulnerability detection method, EnGS2F, which adopts the representation learning of an enhanced graph structure to improve the efficiency of capturing vulnerability information. On the dimension of the graph structure, a context relationship graph (CRG) is integrated on the basis of a program dependency graph (PDG) to enrich the global structural context representation. On the dimension of graph nodes, abstract syntax tree (AST) embedding and paragraph embedding are integrated to solve the problem of insufficient feature space complementarity. Moreover, the combination of a gated graph neural network (GGNN) with a graph attention mechanism further improves the learning performance of the enhanced graph structure. EnGS2F has been rigorously evaluated on program slices from open-source vulnerability datasets, demonstrating significant improvements over current competitive methods in detecting program vulnerabilities. Specifically, EnGS2F achieved a significant increase in the F1 score, outperforming existing technologies by 6%.

Original language: English
Pages (from-to): 5120-5135
Number of pages: 16
Journal: IEEE Transactions on Information Forensics and Security
Volume: 19
State: Published - 2024

Keywords

  • AST embedding
  • Vulnerability detection
  • enhanced graph structure
  • feature space complementarity
  • graph representation learning
