English

BertRLFuzzer: A BERT and Reinforcement Learning Based Fuzzer

Software Engineering 2024-10-02 v5 Cryptography and Security Machine Learning

Abstract

We present a novel tool BertRLFuzzer, a BERT and Reinforcement Learning (RL) based fuzzer aimed at finding security vulnerabilities for Web applications. BertRLFuzzer works as follows: given a set of seed inputs, the fuzzer performs grammar-adhering and attack-provoking mutation operations on them to generate candidate attack vectors. The key insight of BertRLFuzzer is the use of RL with a BERT model as an agent to guide the fuzzer to efficiently learn grammar-adhering and attack-provoking mutation operators. In order to establish the efficacy of BertRLFuzzer we compare it against a total of 13 black box and white box fuzzers over a benchmark of 9 victim websites with over 16K LOC. We observed a significant improvement relative to the nearest competing tool in terms of time to first attack (54% less), new vulnerabilities found (17 new vulnerabilities), and attack rate (4.4% more attack vectors generated).

Keywords

Cite

@article{arxiv.2305.12534,
  title  = {BertRLFuzzer: A BERT and Reinforcement Learning Based Fuzzer},
  author = {Piyush Jha and Joseph Scott and Jaya Sriram Ganeshna and Mudit Singh and Vijay Ganesh},
  journal= {arXiv preprint arXiv:2305.12534},
  year   = {2024}
}
R2 v1 2026-06-28T10:40:37.197Z