An attention-based automatic vulnerability detection approach with GGNN

Vulnerability detection has long been an important issue in software security. The existing methods mainly define the rules and features of vulnerabilities through experts, which are time-consuming and laborious, and usually with poor accuracy. Thus automatic vulnerability detection methods based on code representation graph and Graph Neural Network (GNN) have been proposed with the advantage of effectively capture both the semantics and structure information of the source code, showing a better performance. However, these methods ignore the redundant information in the graph and the GNN model, leading to a still unsatisfactory performance. To alleviate this problem, we propose a attention-based automatic vulnerability detection approach with Gated Graph Sequence Neural Network (GGNN). Firstly, we introduce two preprocessing methods namely pruning and symbolization representation to reduce the redundant information of the input code representation graph, and then put the graph into the GGNN layer to update the node features. Next, the key subgraph extraction and global feature aggregation are realized through the attention-based Pooling layers. Finally, the classification result is obtained through a linear classifier. The experimental results show the effectiveness of our proposed preprocessing methods and attention-based Pooling layers, especially the higher Accuracy and F1-score gains compared with the state-of-the-art automatic vulnerability detection approaches.