Research Article
HGVul: A Code Vulnerability Detection Method Based on Heterogeneous Source-Level Intermediate Representation
Table 11
Performance for the vulnerable functions of actual CVEs.
| Project | Vulnerable funcs | RATS | Flawfinder | VUDDY | VulDeePecker | BGNN4VD | Devign | HGVul | Detected | F1 (%) | Detected | F1 (%) | Detected | F1 (%) | Detected | F1 (%) | Detected | F1 (%) | Detected | F1 (%) | Detected | F1 (%) |
| ffmpeg | 11 | 1 | 15.4 | 1 | 15.4 | 0 | 0 | 6 | 52.2 | 8 | 61.5 | 7 | 51.9 | 9 | 66.7 | openssl | 16 | 6 | 42.9 | 4 | 33.3 | 8 | 66.7 | 7 | 43.8 | 14 | 66.7 | 14 | 63.6 | 12 | 57.1 | libav | 10 | 2 | 28.6 | 2 | 28.6 | 6 | 75.0 | 5 | 50.0 | 5 | 43.5 | 8 | 61.5 | 7 | 56.0 | httpd | 13 | 4 | 38.1 | 4 | 38.1 | 10 | 87.0 | 6 | 46.2 | 10 | 58.8 | 9 | 58.1 | 12 | 66.7 | nginx | 10 | 2 | 28.6 | 2 | 28.6 | 1 | 18.2 | 8 | 69.6 | 10 | 69.0 | 8 | 64.0 | 9 | 64.3 | libtiff | 13 | 1 | 13.3 | 1 | 13.3 | 5 | 55.6 | 4 | 42.1 | 10 | 58.8 | 11 | 64.7 | 11 | 68.8 | Total/avg | 73 | 16 | 27.8 | 14 | 26.2 | 30 | 50.4 | 36 | 50.7 | 56 | 58.8 | 54 | 59.0 | 60 | 63.3 |
|
|