Most current deep learning-based vulnerability detection methods struggle with detecting imbalanced real-world vulnerabilities in Industrial 5.0 systems,often resulting in high false-positive rates due to insufficient utilization of program control flow information.To address this issue,this paper proposes a class-sensitive graph neural network(CS-GNN),a novel function-level vulnerability detection method for real-world scenarios.The method leverages a code property graph(CPG)and a heterogeneous graph transformer(HGT)to enhance the detection capability and reliability,thereby protec-ting the security of the consumer digital ecosystem.The HGT is used to capture and learn rich semantic information and the relationships between statements within the CPG generated from the code,enabling it to effectively learn vulnerability-relat-ed features.Additionally,a novel convolutional pooling module is introduced to improve feature distinction among samples.Experimental results show that CS-GNN achieves superior detection accuracy,precision,recall,and Fl score,outperfor-ming state-of-the-art deep learning methods by 13.21%to 153.75%on the same dataset.
关键词
工业5.0/消费者数字生态系统/漏洞检测/图神经网络/异构图
Key words
industry 5.0/consumer digital ecosystems/vulnerability detection/graph neural network/heterogeneous graph
引用本文复制引用
基金项目
国家自然科学基金面上项目(61373131)
国家自然科学基金面上项目(62071240)
网络与交换技术国家重点实验室开放基金项目(北京邮电大学)(SKLNST-2020-l-17)
江苏省高等学校优势学科建设(PAPD)()
江苏省大气环境与装备技术协同创新中心(CICAEET)(61373131)
江苏省大气环境与装备技术协同创新中心(CICAEET)(62071240)
Priority Academic Program Development of Jiangsu Higher Education Institutions(PAPD)()
Collaborative Innovation Center of Atmospheric Environment and Equipment Technology(CICAEET)()
维普
万方数据