Coca: Improving and Explaining Graph Neural Network-Based Vulnerability Detection Systems
Sicong Cao, Xiaobing Sun, Xiaoxue Wu, David Lo, Lili Bo, Bin Li, Wei Liu
Abstract
Recently, Graph Neural Network (GNN)-based vulnerability detection systems have achieved remarkable success. However, the lack of explainability poses a critical challenge to deploy black-box models in security-related domains. For this reason, several approaches have been proposed to explain the decision logic of the detection model by providing a set of crucial statements positively contributing to its predictions. Unfortunately, due to the weakly-robust detection models and suboptimal explanation strategy, they have the danger of revealing spurious correlations and redundancy issue.
Topics & Concepts
Computer scienceRedundancy (engineering)Spurious relationshipArtificial neural networkArtificial intelligenceMachine learningDeep neural networksVulnerability (computing)Computer securityOperating systemAdversarial Robustness in Machine LearningSoftware Engineering ResearchSoftware Testing and Debugging Techniques