MH-GAT: A Buffer Overflow Vulnerability Detection Method via Cross-Graph Semantic Alignment
摘要
As one of the most destructive threats in the field of software security, buffer overflow vulnerability has become the primary target of attackers because of its strong concealment and low threshold for exploitation. Vulnerability detection performance can be significantly improved by utilizing deep learning-based techniques. However, the existing methods generally have the problem of information loss in the code feature representation stage. Existing methods cannot learn features related to vulnerabilities, resulting in high False Negative Rate (FNR) and low accuracy. Therefore, this paper proposes a buffer vulnerability detection framework based on cross-graph semantic alignment. An anchor driven cross-graph alignment mechanism was designed, and AST syntax, CFG control flow and PDG dependencies were integrated to construct a code representation that retained complete topology. Construct a buffer-sensitive multi-head graph attention network was proposed to accurately focus on vulnerability characteristics through decoupled attention and high-risk operation gating enhancement. On the NVD dataset, the F1 value of MH-GAT reaches 92.6%, which significantly improves the detection ability.