|
Intelligent Fuzzy Testing Method Based on Sequence Generative Adversarial Networks
Journal of Information Security Reserach
2024, 10 (6):
490-.
The increase in the number of vulnerabilities and the emergence of a large number of highly dangerous vulnerabilities, such as supercritical and highrisk ones, pose great challenges to the state of network security. As a mainstream security testing method, fuzz testing is widely used. Test case generation, as a core step, directly determines the quality of fuzz testing. However, traditional test case generation methods based on pregeneration, random generation, and mutation strategies face bottlenecks such as low coverage, high labor costs, and low quality. Generating highquality, highly available, and comprehensive test cases is a difficult problem in intelligent fuzz testing. To address this issue, this paper proposes an intelligent fuzz testing method based on the sequence generation adversarial network (SeqGAN) model. By combining the idea of reinforcement learning, the test case generation is abstracted as a learning and approximate generation problem for universally applicable variablelength discrete sequence data. Innovatively, a configurable embedding layer is added to the generator part to standardize the generation, and a reward function is designed from the dimensions of authenticity and diversity through dynamic weight adjustment. This ultimately achieves the goal of automatically and intelligently constructing a comprehensive, complete, and usable test case set for flexible and efficient intelligent fuzz testing. This paper verifies the proposed scheme from two aspects of effectiveness and universality. The average test case pass rate of over 95% and the average target defect detection rate of 10% under four different testing targets fully demonstrate the universality of the scheme. The 98% test case pass rate, 9% target defect detection rate, and the ability to generate 20000 usable test cases per unit time under four different schemes fully demonstrate the effectiveness of the scheme.
Reference |
Related Articles |
Metrics
|
|