Attributed Graphs Research Articles

Static vulnerability detection based on class separation

Software vulnerability detection is a key step to prevent the system from being attacked. However, tens of thousands of codes have brought great challenges to engineers, so we urgently need an automatic and intelligent vulnerability detection method. The existing vulnerability detection model based on deep learning has the problem that it is difficult to separate the features of vulnerable and neutral code. Based on the code data drive, this paper proposes a static vulnerability detection method SDV(Statically Detecting Vulnerability) for C∖C++ programs. SDV is a function-level vulnerability code detection method. This paper uses a code property graph to represent the code and decouples the feature extractor and the classifier. In the graph feature extraction stage, we use Jump Graph Attention Network layers and convolutional pooling layers. Their combination can not only prevent the over-smoothing problem but also separate the sample classes deeply. Finally, on the chrdeb dataset, SDV outperforms state-of-the-art function-level vulnerability detection methods by 52.3%, 15.9%, and 39.6% in Precision, Recall, and F1-Score, respectively. On the real project sard, the number of vulnerabilities detected by SDV is 10.7 times more than Reveal.

Property graph representation learning for node classification

Graph representation learning (graph embedding) has led to breakthrough results in various machine learning graph-based applications such as node classification, link prediction and recommendation. Many real-world graphs can be characterized as the property graphs, because besides the structure information, there exists rich property information related to each node in the graphs. Many existing graph representation learning methods—e.g. random walk-based methods like DeepWalk and Node2vec, focus only on the structure of graph for learning the node embedding. Although graph representation learning based on neural networks (e.g. typical GNN methods such as GraphSAGE) uses the property of nodes as the initial features of nodes and then aggregates feature information of the neighbours, their limitation is that the neighbourhood of a node is considered to be uniform—i.e. there is no way to differentiate among neighbours of a node when learning a node embedding. Additionally, their definition of neighbourhood is local, i.e. only nodes connected to the current node are considered as neighbours. Hence, those methods fail to capture implicit/latent relationships among nodes, which are implicit in the given structure. In this study, our aim is to improve the performance of graph representation learning methods on property graphs. We present a new framework called Enhanced Property Graph Embedding (EPGE)—a graph representation learning framework to address above-mentioned limitations. Our proposed framework relies on the notion of latent neighbourhood, as well as systematic sampling of neighbouring nodes to obtain better representation of the nodes. The experimental results on five publicly available graph datasets demonstrate that EPGE outperforms state-of-the-art baselines for the task of node classification. We further evaluate the superiority of our proposed formulation by defining a novel quantitative metric to measure the usefulness of the sampled neighbourhood in the graph.

VulPathsFinder: A Static Method for Finding Vulnerable Paths in PHP Applications Based on CPG

Today, as PHP application technology is becoming increasingly mature, the functions of modern multi-layer web applications are becoming more and more complete, and the complexity is also gradually increasing. While providing developers with various business functions and interfaces, multi-tier Web applications also successfully cover the details of application development. This type of web application adopts a unified entrance, many object-oriented codes are used, and features such as encapsulation, inheritance, and polymorphism bring challenges to vulnerability mining from the perspective of static analysis. A large amount of object-oriented code makes it impossible for a simple function name-matching method to build a complete call graph (CG), resulting in the inability to perform a comprehensive interprocedural analysis. At the same time, the encapsulation feature of the class makes the data hidden in the object attribute, and the vulnerability path cannot be obtained through the general data-flow analysis. In response to the above issues, we propose a vulnerability detection method that supports vulnerability detection for multi-layer web applications based on MVC (Model-View-Control) architecture. First, we improve the construction of the call graph and Code Property Graph (CPG). Then, based on the enhanced Code Property Graph, we propose a technique to support vulnerability detection for multi-layer web applications. Based on this approach, we implemented a prototype of VulPathsFinder, a security analysis tool extended from the PHP security analyzer Joern-PHP. Then, we select ten MVC based and ten non-MVC-based applications to form a test dataset and validate the effectiveness of VulPathsFinder based on this dataset. Experimental results show that, compared with currently available tools, VulPathsFinder can handle framework applications more effectively, build a complete code property map, and detect vulnerabilities in framework applications that existing tools cannot detect.

Full-Power Graph Querying: State of the Art and Challenges

Graph databases are enjoying enormous popularity, through both their RDF and Property Graphs (PG) incarnations, in a variety of applications. To query graphs, query languages provide structured, as well as unstructured primitives. While structured queries allow expressing precise information needs, they are unsuited for exploring unfamiliar datasets, as they require prior knowledge of the schema and structure of the dataset. Prior research on keyword search in graph databases do not suffer from this limitation. However, keyword queries do not allow expressing precise search criteria when users do know some.This tutorial (1.5 hours) builds a continuum between structured graph querying through languages such as SPARQL and GPML, a recently proposed standard for PG querying, on one hand, and graph keyword search, on the other hand. In this space between querying and information retrieval, we analyze the features of modern query languages that go toward unstructured search, discuss their strength, limitations, and compare their computational complexity. In particular, we focus on (i) lessons learned from the rich literature of graph keyword search, in particular with respect to result scoring; (ii) language mechanisms for integratingbothcomplex structured querying and powerful methods to search for connections users do not know in advance. We conclude by discussing the open challenges and future work directions.

CPVD: Cross Project Vulnerability Detection Based on Graph Attention Network and Domain Adaptation

Code vulnerability detection is critical for software security prevention. Vulnerability annotation in large-scale software code is quite tedious and challenging, which requires domain experts to spend a lot of time annotating. This work offers CPVD, a cross-domain vulnerability detection approach based on the challenge of ”learning to predict the vulnerability labels of another item quickly using one item with rich vulnerability labels.” CPVD uses the code property graph to represent the code and uses the Graph Attention Network and Convolution Pooling Network to extract the graph feature vector. It reduces the distribution between the source domain and target domain data in the Domain Adaptation Representation Learning stage for cross-domain vulnerability detection. In this paper, we test each other on different real-world project codes. Compared with methods without domain adaptation and domain adaptation methods based on natural language processing, CPVD is more general and performs better in cross-domain vulnerability detection tasks. Specifically, for the four datasets of chr_deb, qemu, libav, and sard, they achieved the best results of 70.2%, 81.1%, 59.7%, and 78.1% respectively on the F1-Score, and 88.4%,86.3%, 85.2%, and 88.6% on the AUC.

Learning Semantic Representation on Visual Attribute Graph for Person Re-identification and Beyond

Person re-identification (re-ID) aims to match pedestrian pairs captured from different cameras. Recently, various attribute-based models have been proposed to combine the pedestrian attribute as an auxiliary semantic information to learn a more discriminative pedestrian representation. However, these methods usually directly concatenate the visual branch and attribute branch embeddings as the final pedestrian representation, which ignores the semantic relation between the pedestrian revealed by attribute similarity. To capture and explore such semantic relation, we propose a unified pedestrian representation framework, called Visual Attribute Graph Embedding Network (VAGEN), to simultaneously learn attribute and visual representation. We unify the visual embedding and attribute similarity into a Visual Attribute Graph, where pedestrian is considered as a node and attribute similarity as an edge. Then, we learn graph node embedding to generate pedestrian representation through Graph Neural Network. Except for this unified representation for visual and attribute embeddings, VAGEN also conducts implicitly hard example mining for visual similar false-positive results, which has not been explored yet among existing attribute-based methods. We conduct extensive empirical studies on several person re-ID datasets to evaluate our proposed algorithm from different aspects. The results show that our proposed method outperforms state-of-the-art techniques with considerable margins.

Normalizing Property Graphs

Normalization aims at minimizing sources of potential data inconsistency and costs of update maintenance incurred by data redundancy. For relational databases, different classes of dependencies cause data redundancy and have resulted in proposals such as Third, Boyce-Codd, Fourth and Fifth Normal Form. Features of more advanced data models make it challenging to extend achievements from the relational model to missing, non-atomic, or uncertain data. We initiate research on the normalization of graph data, starting with a class of functional dependencies tailored to property graphs. We show that this class captures important semantics of applications, constitutes a rich source of data redundancy, its implication problem can be decided in linear time, and facilitates the normalization of property graphs flexibly tailored to their labels and properties that are targeted by applications. We normalize property graphs into Boyce-Codd Normal Form without loss of data and dependencies whenever possible for the target labels and properties, but guarantee Third Normal Form in general. Experiments on real-world property graphs quantify and qualify various benefits of graph normalization: 1) removing redundant property values as sources of inconsistent data, 2) detecting inconsistency as violation of functional dependencies, 3) reducing update overheads by orders of magnitude, and 4) significant speed ups of aggregate queries.

Uniqueness Constraints for Object Stores

Object stores offer an increasingly popular choice for data management and analytics. As with every data model, managing the integrity of objects is fundamental for data quality but also important for the efficiency of update and query operations. In response to shortcomings of unique and existence constraints in object stores, we propose a new principled class of constraints that separates uniqueness from existence dimensions of data quality, and fully supports multiple labels and composite properties. We illustrate benefits of the constraints on real-world examples of property graphs where node integrity is enforced for better update and query performance. The benefits are quantified experimentally in terms of perfectly scaling the access to data through indices that result from the constraints. We establish axiomatic and algorithmic characterizations for the underlying implication problem. In addition, we fully characterize which non-redundant families of constraints attain maximum cardinality for any given finite sets of labels and properties. We exemplify further use cases of the constraints: elicitation of business rules, identification of data quality problems, and design for data quality. Finally, we propose extensions to managing the integrity of objects in object stores such as graph databases.

PG-Schema: Schemas for Property Graphs

Property graphs have reached a high level of maturity, witnessed by multiple robust graph database systems as well as the ongoing ISO standardization effort aiming at creating a new standard Graph Query Language (GQL). Yet, despite documented demand, schema support is limited both in existing systems and in the first version of the GQL Standard. It is anticipated that the second version of the GQL Standard will include a rich DDL. Aiming to inspire the development of GQL and enhance the capabilities of graph database systems, we propose PG-Schema, a simple yet powerful formalism for specifying property graph schemas. It features PG-Schema with flexible type definitions supporting multi-inheritance, as well as expressive constraints based on the recently proposed PG-Keys formalism. We provide the formal syntax and semantics of PG-Schema, which meet principled design requirements grounded in contemporary property graph management scenarios, and offer a detailed comparison of its features with those of existing schema languages and graph database systems.

Theories and Principles Matter: Towards Visually Appealing and Effective Abstraction of Property Graph Queries

Existing visual abstraction of a property graph query by representing it as a labeled atomic graph (LAG) has great potential to democratize the usage of property graph databases as it enables user-friendly visual query formulation without demanding the need to learn a property graph query language e.g., Cypher. Unfortunately, existing LAG-based query interfaces do not embrace HCI principles and psychology theories to inform their design and as a result may have adverse impact on their usability and aesthetics. In this paper, we depart from the classical theory- and principles-oblivious LAG abstraction to present a novel theory-informed visual abstraction called labeled composite graph (LCG) to address this limitation. It realizes a novel and extensible visual shape definition language called VEDA to create and maintain an LCG systematically, guided by a variety of theories and principles from HCI, visualization and psychology. We build a novel LCG-based visual property graph query interface for Cypher called SIERRA and demonstrate through a user study its superiority to an industrial-strength LAG-based query interface for property graphs w.r.t. usability, aesthetics and efficient query formulation.

SedSVD: Statement-level software vulnerability detection based on Relational Graph Convolutional Network with subgraph embedding

Current deep-learning based vulnerability detection methods have been proven more automatic and correct to a certain extent, nonetheless, they are limited to detect at function-level or file-level, which can hinder software developers from acquiring more detailed information and conducting more targeted repairs. Graph-based detection methods have shown dominant performance over others. Unfortunately, the information they reveal has not been fully utilized. We design SedSVD (Subgraph embedding driven Statement-level Vulnerability Detection) with two objectives: (i) to better utilize the information the code-related graphs can reflect; (ii) to detect vulnerabilities at a finer-grained level. In our work, we propose a novel graph-based detection framework that embeds graphs at subgraph-level to realize statement-level detection. It first leverages Code Property Graph (CPG) to learn both semantic and syntactic information from source code, and then selects several center nodes (code elements) in CPG to build their subgraphs. After embedding each subgraph with its nodes and edges, we apply Relational Graph Convolutional Network (RGCN) to process different edges differently. A Multi-Layer Perceptron (MLP) layer is further added to ensure its prediction performance. We conduct our experiments on C/C++ projects from NVD and SARD. Experimental results show that SedSVD achieves 95.15% in F1-measure which proves our work to be more effective. Our work detects at a finer-grained level and achieves higher F1-measure than existing state-of-art vulnerability detection techniques. Besides, we provide a more detailed detection report pointing the specific error code elements within statements.

Natural language querying of process execution data

Process-oriented data analysis techniques allow organizations to understand how their processes operate, where modifications are needed and where enhancements are possible. A recurrent task in any process analysis technique is querying. Process data querying allows analysts to easily explore the data with the intent of getting insights about the execution of business processes. The current generation of process query languages targets data scientists. However, there is a need to a query language to support domain analysts who may be inexperienced with database technologies. This paper addresses this challenge by proposing a natural language interface that assists the end-users in querying the stored event data. The interface takes a natural language query from the user, automatically constructs a corresponding structured query to be executed over the stored event data. We use graph based storage techniques, namely labeled property graphs, which allow to explicitly model event data relationships. As an executable query language, we use the Cypher language which is widely used for querying property graphs. The approach has been implemented and evaluated using two publicly available event logs.

Privacy Property Graph: Towards Automated Privacy Threat Modeling via Static Graph-based Analysis

Privacy threat modeling should be done frequently throughout development and production to be able to quickly mitigate threats. Yet, it can also be a very time-consuming activity. In this paper, we use an enhanced code property graph to partly automate the privacy threat modeling process: It automatically generates a data flow diagram from source code which exhibits privacy properties of data flows, and which can be analyzed semi-automatically via queries. We provide a list of such reusable queries that can be used to detect various privacy threats. To enable this analysis, we integrate a taint-tracking mechanism into the graph using privacy-specific labels. Since no benchmark for such an approach exists, we also present a test suite for privacy threat implementations which comprises implementations for 22 privacy threats in multiple programming languages. We expect that our approach significantly reduces time consumption of threat modeling and show that it also has potential beyond the threat categories defined by LINDDUN, e.g. to detect privacy anti-patterns and verify compliance to privacy policies.

Extended Property-level k-vertex Cardinality Constraints Model for Graph Databases

Graph databases are nowadays considered the most appropriate solution for highly connected domains. Nevertheless, the lack of a fixed schema perplexes the implementation of business rules and inhibits the usage of graph database technology in practical use cases. To tackle this challenge, we study cardinality constraints in graph databases, as their focus is on the essential component of the property graph data model - relationships between entities. This paper presents an abstract cardinality constraints model for enforcing cardinality constraints in graph databases, which represent complex graph patterns. We extend our initial k-vertex cardinality constraints model to allow the representation of cardinality constraints between a node and a subgraph with given node and/or edge properties. Second, we implement the proposed model as procedures deployed in the Neo4j Graph Database Management System (GDBMS) to prevent adding new edges that violate k-vertex cardinality constraints to the graph database. Finally, we study the performance of the implemented approach on synthetic and real datasets and analyze its performance compared to the initial model. Overall, the query execution time (QET) of the procedure increases exponentially on larger datasets. Still, the added node/edge property-level evaluation does not show a significant performance effect on the edge insertion process.

RTGEN++: A Relative Temporal Graph GENerator

Graph management systems have become popular for storing and querying graph-oriented data, and they are often evaluated with benchmarks based on large-scale graphs. However, obtaining such graphs is difficult due to their limited public availability. Several graph generators have been developed to address this challenge, producing synthetic graphs with characteristics similar to real-world graphs, such as degree distribution, community structure, and diameter. Generating synthetic graphs with constantly changing topology has received less attention despite its importance in developing useful benchmarks for temporal graph systems. In this paper, we present RTGEN++, a temporal graph generator that supports two evolution models. The first model generates temporal graphs by controlling the evolution of their degree distributions, using optimal transport methods to minimize the transformation effort. We also extend our method in order to consider the community structure of the generated graphs. The second model allows one to control the number of added and removed graph entities, thus enabling the modeling of the evolution of real-world graphs in many use cases. Our generator also includes a decorator that adds types and time-varying attributes to nodes and edges, enhancing the generated graphs and aligning with data platforms that use the property graph model. We validate our approach with experiments that demonstrate the reliability of the generated graphs in approximating ground-truth parameters.

BjXnet: an improved bug localization model based on code property graph and attention mechanism

bjXnet: an improved bug localization model based on code property graph and attention mechanism

LPG-Based Knowledge Graphs: A Survey, a Proposal and Current Trends

A significant part of the current research in the field of Artificial Intelligence is devoted to knowledge bases. New techniques and methodologies are emerging every day for the storage, maintenance and reasoning over knowledge bases. Recently, the most common way of representing knowledge bases is by means of graph structures. More specifically, according to the Semantic Web perspective, many knowledge sources are in the form of a graph adopting the Resource Description Framework model. At the same time, graphs have also started to gain momentum as a model for databases. Graph DBMSs, such as Neo4j, adopt the Labeled Property Graph model. Many works tried to merge these two perspectives. In this paper, we will overview different proposals aimed at combining these two aspects, especially focusing on possibility for them to add reasoning capabilities. In doing this, we will show current trends, issues and possible solutions. In this context, we will describe our proposal and its novelties with respect to the current state of the art, highlighting its current status, potential, the methodology, and our prospect.

IFC-graph for facilitating building information access and query

This study attempts to address a challenge regarding the extraction of building information, which is one of the fundamental tasks that needs to be addressed in the construction domain. Current technologies, such as relational databases, have difficulty in efficiently and effectively managing and querying the interconnected building information with full of hidden relationships. To address this problem, this study adopted the graph-theory-based graph database technology to reveal hidden relationships within building information. A model-driven approach was developed to enable a full conversion of Industry Foundation Classes data into labeled property graph, which is referred to as IFC-Graph. The result shows that IFC-Graph can represent interconnected building information and reveal hidden relationships, supporting effective and efficient building information access and query. This study can benefit a vast number of future studies in the area of building information query by improving its accessibility and queryability.

A graph database for life cycle inventory using Neo4j

Life cycle inventory (LCI) databases constitute the basis for the life cycle assessment (LCA) of a product system. LCI data involve complex relationships between the production activities and the environment. The currently used relational database employs a rigid schema structure of two-dimensional tables and lacks direct support for the complex relationships between LCI data. In this paper, a graph database was designed and constructed using Neo4j graph database management system. First, an LCI knowledge graph (LCIKG) model for the graph database is proposed, which employs the labeled property graph structure and describes the LCI data and the semantic relationships among LCI data concepts. Second, Ecoinvent datasets were successfully used to construct the LCI graph database by automatically extracting Cypher syntax patterns; then, Neo4j was used to store, visualize, and retrieve LCI data. Finally, a set of queries have been executed to evaluate the performance of the graph database; a case study has been provided to demonstrate the effectiveness of the proposed graph database. The graph database can effectively reduce the time and effort to query and process LCI data of a product system. Moreover, the dynamic schema of the LCIKG model promotes the scalability and interoperability of LCI data. The completed work provides a feasible solution for the issues and challenges in current LCI research and promotes the wide application of LCA.

Insecurity Refactoring: Automated Injection of Vulnerabilities in Source Code

Insecurity Refactoring is a change to the internal structure of software to inject a vulnerability without changing the observable behavior in a normal use case scenario. An implementation of Insecurity Refactoring is formally explained to inject vulnerabilities in source code projects by using static code analysis. It creates learning examples with source code patterns from known vulnerabilities.Insecurity Refactoring is achieved by creating an Adversary Controlled Input Dataflow tree based on a Code Property Graph. The tree is used to find possible injection paths. Transformation of the possible injection paths allows to inject vulnerabilities. Insertion of data flow patterns introduces different code patterns from related Common Vulnerabilities and Exposures (CVE) reports. The approach is evaluated on 307 open source projects. Additionally, insecurity-refactored projects are deployed in virtual machines to be used as learning examples. Different static code analysis tools, dynamic tools and manual inspections are used with modified projects to confirm the presence of vulnerabilities.The results show that in 8.1% of the open source projects it is possible to inject vulnerabilities. Different inspected code patterns from CVE reports can be inserted using corresponding data flow patterns. Furthermore the results reveal that the injected vulnerabilities are useful for a small sample size of attendees (n=16). Insecurity Refactoring is useful to automatically generate learning examples to improve software security training. It uses real projects as base whereas the injected vulnerabilities stem from real CVE reports. This makes the injected vulnerabilities unique and realistic.