MultiGLICE: Combining Graph Neural Networks and Program Slicing for Multiclass Software Vulnerability Detection
Tallennettuna:
| Julkaisussa: | Computers vol. 14, no. 3 (2025), p. 98 |
|---|---|
| Päätekijä: | |
| Muut tekijät: | , |
| Julkaistu: |
MDPI AG
|
| Aiheet: | |
| Linkit: | Citation/Abstract Full Text + Graphics Full Text - PDF |
| Tagit: |
Ei tageja, Lisää ensimmäinen tagi!
|
MARC
| LEADER | 00000nab a2200000uu 4500 | ||
|---|---|---|---|
| 001 | 3181425410 | ||
| 003 | UK-CbPIL | ||
| 022 | |a 2073-431X | ||
| 024 | 7 | |a 10.3390/computers14030098 |2 doi | |
| 035 | |a 3181425410 | ||
| 045 | 2 | |b d20250101 |b d20251231 | |
| 084 | |a 231447 |2 nlm | ||
| 100 | 1 | |a de Kraker, Wesley |u Department of Computer Science, Open Universiteit, 6419 AT Heerlen, The Netherlands | |
| 245 | 1 | |a MultiGLICE: Combining Graph Neural Networks and Program Slicing for Multiclass Software Vulnerability Detection | |
| 260 | |b MDPI AG |c 2025 | ||
| 513 | |a Journal Article | ||
| 520 | 3 | |a This paper presents MultiGLICE (Multi class Graph Neural Network with Program Slice), a model for static code analysis to detect security vulnerabilities. MultiGLICE extends our previous GLICE model with multiclass detection for a large number of vulnerabilities across multiple programming languages. It builds upon the earlier SySeVR and FUNDED models and uniquely integrates inter-procedural program slicing with a graph neural network. Users can configure the depth of the inter-procedural analysis, which allows a trade-off between the detection performance and computational efficiency. Increasing the depth of the inter-procedural analysis improves the detection performance, at the cost of computational efficiency. We conduct experiments with MultiGLICE for the multiclass detection of 38 different CWE types in C/C++, C#, Java, and PHP code. We evaluate the trade-offs in the depth of the inter-procedural analysis and compare its vulnerability detection performance and resource usage with those of prior models. Our experimental results show that MultiGLICE improves the weighted F1-score by about 23% when compared to the FUNDED model adapted for multiclass classification. Furthermore, MultiGLICE offers a significant improvement in computational efficiency. The time required to train the MultiGLICE model is approximately 17 times less than that of FUNDED. | |
| 653 | |a Deep learning | ||
| 653 | |a Datasets | ||
| 653 | |a Static code analysis | ||
| 653 | |a Artificial intelligence | ||
| 653 | |a C plus plus | ||
| 653 | |a Open source software | ||
| 653 | |a Graph neural networks | ||
| 653 | |a Programming languages | ||
| 653 | |a Neural networks | ||
| 653 | |a Tradeoffs | ||
| 653 | |a Computational efficiency | ||
| 653 | |a Software reliability | ||
| 653 | |a Automation | ||
| 653 | |a Semantics | ||
| 700 | 1 | |a Vranken, Harald |u Department of Computer Science, Open Universiteit, 6419 AT Heerlen, The Netherlands; Institute for Computing and Information Sciences, Radboud University, 6525 EC Nijmegen, The Netherlands | |
| 700 | 1 | |a Hommersom, Arjen |u Department of Computer Science, Open Universiteit, 6419 AT Heerlen, The Netherlands; Institute for Computing and Information Sciences, Radboud University, 6525 EC Nijmegen, The Netherlands | |
| 773 | 0 | |t Computers |g vol. 14, no. 3 (2025), p. 98 | |
| 786 | 0 | |d ProQuest |t Advanced Technologies & Aerospace Database | |
| 856 | 4 | 1 | |3 Citation/Abstract |u https://www.proquest.com/docview/3181425410/abstract/embedded/L8HZQI7Z43R0LA5T?source=fedsrch |
| 856 | 4 | 0 | |3 Full Text + Graphics |u https://www.proquest.com/docview/3181425410/fulltextwithgraphics/embedded/L8HZQI7Z43R0LA5T?source=fedsrch |
| 856 | 4 | 0 | |3 Full Text - PDF |u https://www.proquest.com/docview/3181425410/fulltextPDF/embedded/L8HZQI7Z43R0LA5T?source=fedsrch |