/linevd

Statement-level deep learning model for automated software vulnerability detection in C/C++ (Accepted in MSR 2022)

Primary LanguagePythonMIT LicenseMIT

LineVD

This repository provides the code for LineVD: Statement-level Vulnerability Detection using Graph Neural Networks. The environment can be built using Singularity, or by following / following the commands in the Singularity file. To start, clone the repository and navigate to the root directory.

Directory Structure

(main module) ├── sastvd
              │   ├── codebert
              │   ├── helpers
              │   ├── ivdetect
              │   ├── linevd
              │   └── scripts
              ├── storage
(memoization) │   ├── cache
(raw data)    │   ├── external
(csvs)        │   ├── outputs
(models)      │   └── processed
(tests)       └── tests

Training LineVD from scratch

Build and initialise environment and download dataset

sudo singularity build main.sif Singularity
singularity run main.sif -p initialise

Feature extraction (Increase NUM_JOBS if running on HPC for speed up)

singularity exec main.sif python sastvd/scripts/prepare.py
singularity exec main.sif python sastvd/scripts/getgraphs.py

Train model (Training takes around 1-2 hours using GTX 3060)

singularity exec --nv main.sif python sastvd/scripts/train_best.py