基于序列生成对抗网络的智能模糊测试方法OA北大核心CSTPCD

The increase in the number of vulnerabilities and the emergence of a large number of highly dangerous vulnerabilities,such as supercritical and high-risk ones,pose great challenges to the state of network security.As a mainstream security testing method,fuzz testing is widely used.Test case generation,as a core step,directly determines the quality of fuzz testing.However,traditional test case generation methods based on pre-generation,random generation,and mutation strategies face bottlenecks such as low coverage,high labor costs,and low quality.Generating high-quality,highly available,and comprehensive test cases is a difficult problem in intelligent fuzz testing.To address this issue,this paper proposes an intelligent fuzz testing method based on the sequence generation adversarial network(SeqGAN)model.By combining the idea of reinforcement learning,the test case generation is abstracted as a learning and approximate generation problem for universally applicable variable-length discrete sequence data.Innovatively,a configurable embedding layer is added to the generator part to standardize the generation,and a reward function is designed from the dimensions of authenticity and diversity through dynamic weight adjustment.This ultimately achieves the goal of automatically and intelligently constructing a comprehensive,complete,and usable test case set for flexible and efficient intelligent fuzz testing.This paper verifies the proposed scheme from two aspects of effectiveness and universality.The average test case pass rate of over 95％and the average target defect detection rate of 10％under four different testing targets fully demonstrate the universality of the scheme.The 98％test case pass rate,9％target defect detection rate,and the ability to generate 20 000 usable test cases per unit time under four different schemes fully demonstrate the effectiveness of the scheme.