一种高效的软件模糊测试种子生成方法OA北大核心CSTPCD

As one of the effective ways to exploit software vulnerabilities in the current software engineering field,fuzzing plays a significant role in discovering potential software vulnerabilities.The traditional seed selection strategy in fuzzing cannot effectively generate high-quality seeds,which results in the testcases generated by mutation being unable to reach deeper paths and trigger more security vulnerabilities.To address these challenges,a seed generation method for efficient fuzzing based on the improved generative adversarial network(GAN)is proposed which can flexibly expand the type of seed generation through encoding and decoding technology and significantly improve the fuzzing performance of most applications with different input types.In experiments,the seed generation strategy adopted in this paper significantly improved the coverage and unique crashes,and effectively increased the seed generation speed.Six open-sourced programs with different highly-structured inputs were selected to demonstrate the effectiveness of our strategy.As a result,the average branch coverage increased by 2.79%,the number of paths increased by 10.35%and additional 86.92%of unique crashes were found compared to the original strategy.