The mutation-based greybox fuzz testing technique is one of the widely used dynamic vulnerability detection techniques. It generates testcases for testing by mutating input seeds. In the process of fuzz testing, the s...
详细信息
The mutation-based greybox fuzz testing technique is one of the widely used dynamic vulnerability detection techniques. It generates testcases for testing by mutating input seeds. In the process of fuzz testing, the seed scheduling strategy and energy scheduling strategy impact the test results and efficiency. Existing seed scheduling strategies, however, only consider a few specific seed attributes and ignore contextual information during seed execution. This oversight makes it challenging to prioritize the selection of suitable seeds based on historical fuzz test results. Meanwhile, current methods for calculating coverage lack evaluation of software paths, which makes it easy to waste time on testing high-frequency and low-risk paths. This article proposes a new greybox fuzzing scheme, LinFuzz, which transforms the seed scheduling problem into a contextual multi-armed bandit machine model. It utilizes the linucb algorithm to assess the value of seeds for scheduling by considering their historical execution information. At the same time, LinFuzz improves the calculation method for fuzz testing path rewards and the seed energy scheduling algorithm. It allocates more energy for testing low-frequency paths in the testing program, thereby enhancing the efficiency of exploration and the path coverage ability of the testing tool. This article evaluated the proposed LinFuzz on 12 real programs in comparison with other open-source tools such as AFL, AFLFast, FairFuzz, Neuzz, etc. The results show that under the same testing time budget, LinFuzz outperforms other tools in terms of vulnerability discovery quantity and code coverage ability. Compared with complex fuzz testing optimization algorithms, LinFuzz has lower memory consumption and time complexity.
As Internet technology continues to evolve, recommender systems have become an integral part of daily life. However, traditional methods are increasingly falling short of meeting evolving user expectations. Utilizing ...
详细信息
As Internet technology continues to evolve, recommender systems have become an integral part of daily life. However, traditional methods are increasingly falling short of meeting evolving user expectations. Utilizing survey data from the MovieLens dataset, a comparative approach was employed to investigate the efficacy, performance, and applicability of the UCB(Upper Confidence Bound) algorithm in addressing the multi-armed bandit problem. The study reveals that the UCB algorithm significantly impacts the cumulative regret value, indicating its robust performance in the multi-armed bandit setting. Furthermore, linucb—an enhanced version of the UCB algorithm—exhibits exceptional overall performance. The algorithm's efficiency is not just limited to the regret value but extends to handling high-dimensional feature spaces and delivering personalized recommendations. Unlike traditional UCB algorithms,linucb adapts more fluidly to high-dimensional environments by leveraging a linear model to simulate the reward function associated with each arm. This adaptability makes linucb particularly effective for complex, feature-rich recommendation scenarios. The performance of the UCB algorithm is also contingent upon parameter selection, making this an important factor to consider in practical implementations. Overall, both UCB and its modified version, linucb,present compelling solutions for the challenges faced by modern recommender systems.
暂无评论