Author
Listed:
- Chunlai Du
(School of Information Science and Technology, North China University of Technology, Beijing 100144, China)
- Guizhi Xu
(School of Information Science and Technology, North China University of Technology, Beijing 100144, China)
- Yanhui Guo
(Department of Computer Science, University of Illinois Springfield, Springfield, IL 62703, USA)
- Zhongru Wang
(School of Information Science and Technology, North China University of Technology, Beijing 100144, China
Chinese Academy of Cyberspace Studies, Beijing 100048, China)
- Weiqiang Yu
(Beijing DigApis Technology Co., Ltd., Beijing 100081, China)
Abstract
Coverage-guided fuzzing has been widely applied in software error and security vulnerability detection. The fuzzing technique based on AFL (American Fuzzy Loop) is a common coverage-guided fuzzing method. The code coverage during AFL fuzzing is highly dependent on the quality of the initial seeds. If the selected seeds’ quality is poor, the AFL may not be able to detect program paths in a targeted manner, resulting in wasted time and computational resources. To solve the problems that the seed selection strategy in traditional AFL fuzzing cannot quickly and effectively generate high-quality seed sets and the mutated test cases cannot reach deeper paths and trigger security vulnerabilities, this paper proposes an attention mechanism-based generative adversarial network (GAN) seed generation approach for vulnerability mining, which can learn the characteristics and distribution of high-quality test samples during the testing process and generate high-quality seeds for fuzzing. The proposed method improves the GAN by introducing fully connected neural networks to balance the competitive adversarial process between discriminators and generators and incorporating attention mechanisms, greatly improving the quality of generated seeds. Our experimental results show that the seeds generated by the proposed method have significant improvements in coverage, triggering unique crashes and other indicators and improving the efficiency of AFL fuzzing.
Suggested Citation
Chunlai Du & Guizhi Xu & Yanhui Guo & Zhongru Wang & Weiqiang Yu, 2024.
"A Novel Seed Generation Approach for Vulnerability Mining Based on Generative Adversarial Networks and Attention Mechanisms,"
Mathematics, MDPI, vol. 12(5), pages 1-16, March.
Handle:
RePEc:gam:jmathe:v:12:y:2024:i:5:p:745-:d:1349609
Download full text from publisher
Corrections
All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jmathe:v:12:y:2024:i:5:p:745-:d:1349609. See general information about how to correct material in RePEc.
If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.
We have no bibliographic references for this item. You can help adding them by using this form .
If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.
For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .
Please note that corrections may take a couple of weeks to filter through
the various RePEc services.