{"id":"https://openalex.org/W4416962840","doi":"https://doi.org/10.1109/pst65910.2025.11268830","title":"FragmentFool: Fragment-based Adversarial Perturbation for Graph Neural Network-based Vulnerability Detection","display_name":"FragmentFool: Fragment-based Adversarial Perturbation for Graph Neural Network-based Vulnerability Detection","publication_year":2025,"publication_date":"2025-08-26","ids":{"openalex":"https://openalex.org/W4416962840","doi":"https://doi.org/10.1109/pst65910.2025.11268830"},"language":null,"primary_location":{"id":"doi:10.1109/pst65910.2025.11268830","is_oa":false,"landing_page_url":"https://doi.org/10.1109/pst65910.2025.11268830","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 22nd Annual International Conference on Privacy, Security, and Trust (PST)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5057163844","display_name":"Muhammad Fakhrur Rozi","orcid":"https://orcid.org/0000-0003-1606-1265"},"institutions":[{"id":"https://openalex.org/I90023481","display_name":"National Institute of Information and Communications Technology","ror":"https://ror.org/016bgq349","country_code":"JP","type":"facility","lineage":["https://openalex.org/I90023481"]}],"countries":["JP"],"is_corresponding":true,"raw_author_name":"Muhammad Fakhrur Rozi","raw_affiliation_strings":["Cyber Security Research Institute NICT,Koganei,Japan"],"affiliations":[{"raw_affiliation_string":"Cyber Security Research Institute NICT,Koganei,Japan","institution_ids":["https://openalex.org/I90023481"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5014860606","display_name":"Tao Ban","orcid":"https://orcid.org/0000-0002-9616-3212"},"institutions":[{"id":"https://openalex.org/I90023481","display_name":"National Institute of Information and Communications Technology","ror":"https://ror.org/016bgq349","country_code":"JP","type":"facility","lineage":["https://openalex.org/I90023481"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Tao Ban","raw_affiliation_strings":["Cyber Security Research Institute NICT,Koganei,Japan"],"affiliations":[{"raw_affiliation_string":"Cyber Security Research Institute NICT,Koganei,Japan","institution_ids":["https://openalex.org/I90023481"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5048669520","display_name":"Seiichi Ozawa","orcid":"https://orcid.org/0000-0002-0965-0064"},"institutions":[{"id":"https://openalex.org/I65837984","display_name":"Kobe University","ror":"https://ror.org/03tgsfw79","country_code":"JP","type":"education","lineage":["https://openalex.org/I65837984"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Seiichi Ozawa","raw_affiliation_strings":["Kobe University,Center for Mathematical and Data Sciences,Kobe,Japan"],"affiliations":[{"raw_affiliation_string":"Kobe University,Center for Mathematical and Data Sciences,Kobe,Japan","institution_ids":["https://openalex.org/I65837984"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5024530310","display_name":"Hiroaki Inoue","orcid":"https://orcid.org/0000-0003-0043-942X"},"institutions":[{"id":"https://openalex.org/I65837984","display_name":"Kobe University","ror":"https://ror.org/03tgsfw79","country_code":"JP","type":"education","lineage":["https://openalex.org/I65837984"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Hiroaki Inoue","raw_affiliation_strings":["Kobe University,Graduate School of Engineering,Kobe,Japan"],"affiliations":[{"raw_affiliation_string":"Kobe University,Graduate School of Engineering,Kobe,Japan","institution_ids":["https://openalex.org/I65837984"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5029032117","display_name":"Takeshi Takahashi","orcid":"https://orcid.org/0000-0002-6477-7770"},"institutions":[{"id":"https://openalex.org/I90023481","display_name":"National Institute of Information and Communications Technology","ror":"https://ror.org/016bgq349","country_code":"JP","type":"facility","lineage":["https://openalex.org/I90023481"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Takeshi Takahashi","raw_affiliation_strings":["Cyber Security Research Institute NICT,Koganei,Japan"],"affiliations":[{"raw_affiliation_string":"Cyber Security Research Institute NICT,Koganei,Japan","institution_ids":["https://openalex.org/I90023481"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5052766937","display_name":"Sajjad Dadkhah","orcid":"https://orcid.org/0000-0002-5582-0255"},"institutions":[{"id":"https://openalex.org/I106938459","display_name":"University of New Brunswick","ror":"https://ror.org/05nkf0n29","country_code":"CA","type":"education","lineage":["https://openalex.org/I106938459"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Sajjad Dadkhah","raw_affiliation_strings":["Canadian Institute for Cybersecurity University of New Brunswick,Fredericton,Canada"],"affiliations":[{"raw_affiliation_string":"Canadian Institute for Cybersecurity University of New Brunswick,Fredericton,Canada","institution_ids":["https://openalex.org/I106938459"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5057163844"],"corresponding_institution_ids":["https://openalex.org/I90023481"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.52480367,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"6"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.25429999828338623,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.25429999828338623,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.2442999929189682,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.1535000056028366,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.5924000144004822},{"id":"https://openalex.org/keywords/robustness","display_name":"Robustness (evolution)","score":0.4864000082015991},{"id":"https://openalex.org/keywords/graph","display_name":"Graph","score":0.4724000096321106},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.400299996137619},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.3682999908924103},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.34700000286102295}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7200000286102295},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.5924000144004822},{"id":"https://openalex.org/C63479239","wikidata":"https://www.wikidata.org/wiki/Q7353546","display_name":"Robustness (evolution)","level":3,"score":0.4864000082015991},{"id":"https://openalex.org/C132525143","wikidata":"https://www.wikidata.org/wiki/Q141488","display_name":"Graph","level":2,"score":0.4724000096321106},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.42969998717308044},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.42089998722076416},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.400299996137619},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.3682999908924103},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.34700000286102295},{"id":"https://openalex.org/C153180895","wikidata":"https://www.wikidata.org/wiki/Q7148389","display_name":"Pattern recognition (psychology)","level":2,"score":0.3449000120162964},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.3398999869823456},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.3310000002384186},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.32280001044273376},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.31610000133514404},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.2644999921321869},{"id":"https://openalex.org/C177918212","wikidata":"https://www.wikidata.org/wiki/Q803623","display_name":"Perturbation (astronomy)","level":2,"score":0.25679999589920044},{"id":"https://openalex.org/C88230418","wikidata":"https://www.wikidata.org/wiki/Q131476","display_name":"Graph theory","level":2,"score":0.25540000200271606},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.25}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/pst65910.2025.11268830","is_oa":false,"landing_page_url":"https://doi.org/10.1109/pst65910.2025.11268830","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 22nd Annual International Conference on Privacy, Security, and Trust (PST)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":15,"referenced_works":["https://openalex.org/W1964071625","https://openalex.org/W1992114977","https://openalex.org/W2137952932","https://openalex.org/W2144344516","https://openalex.org/W2792256830","https://openalex.org/W3004658838","https://openalex.org/W3109966548","https://openalex.org/W3166095789","https://openalex.org/W3168561516","https://openalex.org/W4231449374","https://openalex.org/W4238983745","https://openalex.org/W4312044266","https://openalex.org/W4381327068","https://openalex.org/W4386857732","https://openalex.org/W4402809959"],"related_works":[],"abstract_inverted_index":{"Software":[0],"vulnerability":[1,56,97],"detection":[2,41,57],"has":[3],"achieved":[4],"promising":[5],"performance":[6],"using":[7,94],"graph":[8,19,79],"neural":[9],"networks":[10],"(GNNs)":[11],"to":[12,26,59,67],"capture":[13],"structural":[14,60],"information":[15],"in":[16],"source":[17,54],"code":[18,55],"representations.":[20],"However,":[21],"these":[22,40],"methods":[23,58],"are":[24],"vulnerable":[25],"various":[27],"attacks.":[28],"Exploiting":[29],"GNN":[30,69,95,111],"vulnerabilities":[31],"can":[32],"significantly":[33],"compromise":[34],"the":[35,48,51,77,104,115],"robustness":[36],"and":[37],"reliability":[38],"of":[39,50,76],"systems.":[42],"In":[43],"this":[44],"study,":[45],"we":[46],"investigate":[47],"susceptibility":[49],"current":[52],"GNN-based":[53],"perturbations.":[61],"We":[62],"propose":[63],"a":[64,90],"novel":[65],"approach":[66,107],"perturb":[68],"inputs":[70],"through":[71],"fragment":[72],"or":[73],"subtree":[74],"manipulation":[75],"original":[78],"representations,":[80],"such":[81],"as":[82,89],"abstract":[83],"syntax":[84],"trees,":[85],"targeting":[86],"structure":[87],"features":[88],"critical":[91],"feature":[92],"when":[93],"for":[96],"detection.":[98],"Our":[99],"comprehensive":[100],"experiments":[101],"demonstrate":[102],"that":[103],"proposed":[105],"perturbation":[106],"effectively":[108],"attacks":[109],"common":[110],"models,":[112],"thereby":[113],"reducing":[114],"overall":[116],"performance.":[117]},"counts_by_year":[],"updated_date":"2026-03-07T16:01:11.037858","created_date":"2025-12-03T00:00:00"}