SaTC: CORE: Small: Machine Learning for Effective Fuzz Testing

SaTC：核心：小型：用于有效模糊测试的机器学习

• 批准号: 1817122
• 负责人: Koushik Sen
• 金额: $ 50万
• 依托单位: University of California-Berkeley
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2018
• 资助国家: 美国
• 起止时间: 2018-10-01 至 2022-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1817122&HistoricalAwards=false
• 关键词: SaTC; CORE; Small; Machine; Learning

In recent years, fuzz testing has evolved as one of the most effective testing techniques for finding security vulnerabilities and correctness bugs in real-world software systems. It has been used successfully by major software companies for security testing and quality assurance. State-of-the-art fuzz testing tools have found numerous security vulnerabilities and bugs in widely used software such as Web browsers, network tools, image processors, popular system libraries, C compilers, and interpreters.Fuzz testing works by generating random input data for a program under test. A key reason behind its huge popularity is that it has low computation overhead compared to other sophisticated techniques such as dynamic symbolic execution. While fuzz testing has been highly successful in practice, it has been mostly implemented in ad-hoc ways by incorporating a collection of hacks and best practices. As such, fuzz testing techniques usually generate many redundant test inputs and take several days to weeks to find bugs. For complex input formats, such as for random C program inputs for a C compiler, a huge amount of manual tuning is required to make fuzz testing generate valid test inputs. This project proposes to make fuzz testing smarter and more effective by applying machine learning with customizable testing objectives. The proposed techniques will use probabilistic machine learning models, such as n-grams, recurrent neural networks (RNN), recursive neural networks, or multi-armed bandits, to generate inputs from scratch or to mutate a set of seed inputs. The model will be trained in such a way that the inputs generated by it will maximize the custom testing objective. We expect that such a model will generate fewer redundant inputs and can be customized to user-provided testing objectives. This project aims to contribute to the development of reliable, secure, and trustworthy software. The tools and techniques developed in this project will make it easier for programmers to write correct and secure programs.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

近年来，模糊测试已发展为在现实世界软件系统中找到安全漏洞和正确性错误的最有效测试技术之一。 主要软件公司成功使用了它来进行安全测试和质量保证。 最先进的绒毛测试工具在广泛使用的软件中发现了许多安全漏洞和错误，例如Web浏览器，网络工具，图像处理器，流行的系统库，C编译器和口译员。通过为正在测试的程序生成随机输入数据，可以通过生成随机输入数据。 与其他复杂技术（例如动态符号执行）相比，其巨大受欢迎程度背后的关键原因是，它的计算开销较低。 虽然模糊测试在实践中取得了非常成功的效果，但它主要通过纳入骇客和最佳实践来以临时的方式实施。因此，模糊测试技术通常会产生许多冗余测试输入，并需要几天到几周才能找到错误。对于复杂的输入格式，例如用于C编译器的随机C程序输入，需要大量的手动调整才能使模糊测试生成有效的测试输入。 该项目建议通过使用可自定义的测试目标应用机器学习，使模糊测试更聪明，更有效。所提出的技术将使用概率的机器学习模型，例如N-Gram，复发性神经网络（RNN），递归神经网络或多臂匪徒，从划痕或突变一组种子输入来生成输入。 该模型的培训方式将以使其生成的输入将最大化自定义测试目标。我们希望这样的模型会产生更少的冗余输入，并且可以自定义为用户提供的测试目标。该项目旨在为可靠，安全和值得信赖的软件的开发做出贡献。 该项目中开发的工具和技术将使程序员更容易编写正确且安全的程序。该奖项反映了NSF的法定任务，并被认为是值得通过基金会的知识分子优点和更广泛的影响评估标准通过评估来支持的。

项目成果

Quickly Generating Diverse Valid Test Inputs with Reinforcement Learning ICSE 2020

使用强化学习快速生成多样化的有效测试输入 ICSE 2020

• DOI: 10.1145/3380399
• 发表时间: 2020
• 期刊: International conference on software engineering (ICSE'2020
• 作者: Sameer Reddy, Caroline Lemieux

JQF: coverage-guided property-based testing in Java

• DOI: 10.1145/3293882.3339002
• 发表时间: 2019-07
• 期刊: Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis
• 作者: Rohan Padhye;Caroline Lemieux;Koushik Sen

FUZZFACTORY: Domain-Specific Fuzzing with Waypoints

• DOI: 10.1145/3360600
• 发表时间: 2019-10-01
• 期刊: PROCEEDINGS OF THE ACM ON PROGRAMMING LANGUAGES-PACMPL
• 影响因子: 1.8
• 作者: Padhye, Rohan;Lemieux, Caroline;Vijayakumar, Hayawardh
• 通讯作者: Vijayakumar, Hayawardh

VizSmith: Automated Visualization Synthesis by Mining Data-Science Notebooks

• DOI: 10.1109/ase51524.2021.9678696
• 发表时间: 2021-11
• 期刊: 2021 36th IEEE/ACM International Conference on Automated Software Engineering (ASE)
• 作者: Rohan Bavishi;Shadaj Laddad;H. Yoshida;M. Prasad;Koushik Sen

Growing a Test Corpus with Bonsai Fuzzing

• DOI: 10.1109/icse43902.2021.00072
• 发表时间: 2021-03
• 期刊: 2021 IEEE/ACM 43rd International Conference on Software Engineering (ICSE)
• 作者: Vasudev Vikram;Rohan Padhye;Koushik Sen