WGAN-AFL: Seed Generation Augmented Fuzzer with Wasserstein-GAN
CoRR(2024)
摘要
The importance of addressing security vulnerabilities is indisputable, with
software becoming crucial in sectors such as national defense and finance.
Consequently, The security issues caused by software vulnerabilities cannot be
ignored. Fuzz testing is an automated software testing technology that can
detect vulnerabilities in the software. However, most previous fuzzers
encounter challenges that fuzzing performance is sensitive to initial input
seeds. In the absence of high-quality initial input seeds, fuzzers may expend
significant resources on program path exploration, leading to a substantial
decrease in the efficiency of vulnerability detection. To address this issue,
we propose WGAN-AFL. By collecting high-quality testcases, we train a
generative adversarial network (GAN) to learn their features, thereby obtaining
high-quality initial input seeds. To overcome drawbacks like mode collapse and
training instability inherent in GANs, we utilize the Wasserstein GAN (WGAN)
architecture for training, further enhancing the quality of the generated
seeds. Experimental results demonstrate that WGAN-AFL significantly outperforms
the original AFL in terms of code coverage, new paths, and vulnerability
discovery, demonstrating the effective enhancement of seed quality by WGAN-AFL.
更多查看译文
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要