MultiGLICE: Combining Graph Neural Networks and Program Slicing for Multiclass Software Vulnerability Detection
| Published in: | Computers vol. 14, no. 3 (2025), p. 98 |
|---|---|
| Author: | |
| Other Authors: | , |
| Edition/Publication Information: | MDPI AG |
| Subjects: | |
| Online Access: | Citation/Abstract Full Text + Graphics Full Text - PDF |
| Abstract: | This paper presents MultiGLICE (Multi class Graph Neural Network with Program Slice), a model for static code analysis to detect security vulnerabilities. MultiGLICE extends our previous GLICE model with multiclass detection for a large number of vulnerabilities across multiple programming languages. It builds upon the earlier SySeVR and FUNDED models and uniquely integrates inter-procedural program slicing with a graph neural network. Users can configure the depth of the inter-procedural analysis, which allows a trade-off between the detection performance and computational efficiency. Increasing the depth of the inter-procedural analysis improves the detection performance, at the cost of computational efficiency. We conduct experiments with MultiGLICE for the multiclass detection of 38 different CWE types in C/C++, C#, Java, and PHP code. We evaluate the trade-offs in the depth of the inter-procedural analysis and compare its vulnerability detection performance and resource usage with those of prior models. Our experimental results show that MultiGLICE improves the weighted F1-score by about 23% when compared to the FUNDED model adapted for multiclass classification. Furthermore, MultiGLICE offers a significant improvement in computational efficiency. The time required to train the MultiGLICE model is approximately 17 times less than that of FUNDED. |
|---|---|
| ISSN: | 2073-431X |
| DOI: | 10.3390/computers14030098 |
| Source: | Advanced Technologies & Aerospace Database |