Static analysis is crucial for detecting bugs, including security flaws, and call graphs are a vital component of it.
Existing call graph construction algorithms for JavaScript lack accuracy due to complex language features.
The GRAPHIA approach aims to enhance existing tools by identifying missed call edges through link prediction on full program graphs.
GRAPHIA uses graph neural networks to model relationships between code elements, incorporating syntactic- and semantic-based edges.
The method learns from imperfect labels, and evaluations show significant improvements in ranking function definitions for unresolved call sites.
The evaluation covered 50 popular JavaScript libraries with 163K call edges and showed improved recall for call graph construction.
The approach ranked the correct target as the top candidate in over 42% of cases and within the top 5 in 72% of cases, reducing manual analysis effort.
GRAPHIA builds program graphs with millions of structural and semantic edges, demonstrating the effectiveness of learning-based methods.
This work is the first to employ GNN-based link prediction for full multi-file program graphs in interprocedural analysis for JavaScript.