A survey on graph-based methods for Software Vulnerability Detection

A survey on graph-based methods for Software Vulnerability Detection

연구 분야: Strategies

학회: 2024 1st International Conference on Emerging Technologies for Dependable Internet of Things (ICETI)

In computer security, finding software vulnerabilities is essential since they provide serious security hazards to both individuals and companies. Known vulnerability variations or recently undiscovered vulnerabilities are frequently difficult to find using traditional vulnerability detection techniques. Graph representations are useful and successful methods for finding software system vulnerabilities. Conventional techniques for detecting vulnerabilities frequently depend on pattern matching and structural analysis, which may not be sufficient to find intricate and dynamic vulnerabilities. Graph-based methods, on the other hand, offer a more thorough and adaptable representation that catches the complex interrelationships and dependencies between code pieces. This research aims to make progress in the field of vulnerability detection by exploring the potential of graph-based techniques to address existing challenges and limitations: handling large-scale graphs can be computationally expensive, and detecting zero-day vulnerabilities remains a challenging task. By investigating how graph representations can effectively manage code diversity, capture intricate relationships, and improve vulnerability identification, we contribute to developing more robust and adaptive security mechanisms. Our comprehensive survey provides a thorough overview of graph-based vulnerability detection methods, offering insights into their potential, limitations, and effectiveness. This research serves as a valuable resource for researchers and practitioners, guiding them in selecting appropriate methods and motivating further developments in this domain.