The importance of addressing security vulnerabilities is indisputable, with software becoming crucial in sectors such as national defense and finance. Consequently, the security issues caused by software vulnerabilities cannot be ignored. Fuzz testing is an automated software testing technique that can detect vulnerabilities in software. However, most previous fuzzers face the challenge that fuzzing performance is highly sensitive to the initial input seeds. In the absence of high-quality initial seeds, a fuzzer may expend significant resources on program path exploration, leading to a substantial decrease in the efficiency of vulnerability detection. To address this issue, we propose WGAN-AFL. By collecting high-quality test cases, we train a generative adversarial network (GAN) to learn their features, thereby obtaining high-quality initial input seeds. To overcome drawbacks inherent in GANs, such as mode collapse and training instability, we adopt the Wasserstein GAN (WGAN) architecture for training, further improving the quality of the generated seeds. Experimental results show that WGAN-AFL significantly outperforms the original AFL in terms of code coverage, new paths, and vulnerability discovery, demonstrating that WGAN-AFL effectively improves seed quality.