Towards Intelligent Fuzzing: Leveraging Large Language Models for Improved Software Security
摘要
Proving the security and robustness of software systems is a longstanding challenge in computer science and cybersecurity, particularly when programs are exposed to unexpected or invalid inputs that could trigger vulnerabilities. Fuzz testing has become an effective method to evaluate software resilience by generating arbitrary inputs. However, traditional fuzzing approaches require substantial manual effort, including selecting a fuzzing framework, crafting suitable targets, and optimizing input generation to achieve desired coverage levels. This research investigates the potential of large language models (LLMs) as a generative tool to automate key fuzz testing processes, reducing manual overhead while enhancing coverage and effectiveness. By analyzing the applicability of LLMs to fuzz testing, this study highlights emerging trends, presents successful methodologies, and discusses the opportunities for improving software reliability and security through a more adaptive, intelligent approach to input generation. Additionally, this work explores the integration of multiple LLMs, the use of prompt engineering, and the potential for LLM-driven bug detection and remediation, offering new insights into advancing fuzz testing practices.