GraphGuard AI

GAT Based Code Vulnerability Detector For C


GraphGuard Forensic Engine

Automated vulnerability detection for C based on Graph Attention Networks (GAT). Deploys hybrid static analysis to identify logic flaws in control flow.

Supported Vulnerabilities
CWE-121: STACK BASED BUFFER OVERFLOW
CWE-122: HEAP BASED BUFFER OVERFLOW
CWE-190: INT OVERFLOW
CWE-134: FORMAT STRING
CWE-78: CMD INJECTION
Operational Protocols
  • 01
    Syntactic Integrity

    Input must be valid, compilable C99/C11 syntax. The AST parser requires standard grammar to generate the graph topology. Syntax errors will abort the pipeline.

  • 02
    Dependency Resolution

    Always include standard headers (e.g., <string.h>, <stdio.h>). The engine relies on symbol resolution to identify library calls.

  • 03
    Scope Containment

    Analysis is limited to the provided translation unit (single file). Inter-procedural logic across multiple files is currently ignored.

  • 04
    Function-Centricity

    The GAT model optimizes for function-level control flow. For best results, encapsulate vulnerable logic within functions rather than global scope.

  • 05
    Preprocessor Stability

    Avoid complex, nested macro expansions. Heavily obfuscated preprocessor directives may obscure the Code Property Graph (CPG).
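
A sample input shaped to the five protocols above, as an added example (not GraphGuard's own code and not one of its built-in patterns): one self-contained C99 file with its standard headers included, no macro expansion, and a CWE-121 pattern isolated in a single function beside a bounded version. The function names, buffer size and input strings are assumptions made for illustration.

```c
/* Constructed sample input: single translation unit, standard headers
 * included so strcpy/strlen/memcpy resolve, no preprocessor tricks. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

enum { LABEL_CAP = 16 };   /* plain constant instead of a macro */

/* CWE-121 pattern: strcpy() writes strlen(src) + 1 bytes into a
 * 16-byte stack buffer without checking the source length. It stays
 * in bounds only when src is shorter than LABEL_CAP. */
size_t label_len_unchecked(const char *src)
{
    char label[LABEL_CAP];

    strcpy(label, src);
    return strlen(label);
}

/* Bounded form: the copy length is clamped to the buffer size minus
 * one and the terminator is written explicitly, so longer input is
 * truncated instead of overrunning the stack buffer. */
size_t label_len_bounded(const char *src)
{
    char label[LABEL_CAP];
    size_t n = strlen(src);

    if (n >= sizeof label)
        n = sizeof label - 1;
    memcpy(label, src, n);
    label[n] = '\0';
    return strlen(label);
}

int main(void)
{
    /* Constructed inputs; the unchecked function only sees a short one. */
    const char *long_input = "this-string-is-longer-than-sixteen-bytes";

    printf("bounded(long):    %zu\n", label_len_bounded(long_input));
    printf("unchecked(short): %zu\n", label_len_unchecked("short"));
    return 0;
}
```

Keeping the two functions side by side in one file gives a function-level analysis both the flawed and the corrected control flow for the same data.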

System Constraints & Limitations

Neural Architecture (GATv2)
SOURCE → JOERN → CPG → PYG TENSOR → INFERENCE
Model: Heterogeneous GATv2
Embedding: GraphCodeBERT (768-dim)
Loss Func: Focal Loss + Smoothing
Pruning: Ghost Edge Elimination
Input: CPG (AST + Data Flow Edges)
Attention: 4 Heads → 1 Head
Built by Bharateesha