학술논문
NNTailor: A Neural Network-Driven Fuzzer for DataBase Management Systems
Document Type
Conference
Source
2024 IEEE 36th International Conference on Tools with Artificial Intelligence (ICTAI) ICTAI Tools with Artificial Intelligence (ICTAI), 2024 IEEE 36th International Conference on. :564-572 Oct, 2024
Subject
Language
ISSN
2375-0197
Abstract
DataBase Management Systems (DBMS) are essential software for efficient data storage, management, and analysis, playing a crucial role in modern data-intensive applications. Vulnerabilities in DBMS can significantly threaten data security and application functionality, impacting millions of software systems. While fuzz testing(fuzzing) is a prevalent technique for uncovering DBMS vulnerabilities, there is limited research on employing Neural Network Language Models (NNLMs) for this purpose. This paper introduces NNTailor, a novel approach using NNLMs based on AST code fragments for DBMS fuzzing. A key advantage of this method is its effectiveness in black-box testing scenarios. We evaluated NNTailor on SQLite and PostgreSQL, demonstrating its capability to generate effective SQL test cases.