Google Open Sources AI-Aided Fuzzing Framework
05-Mar-24
Google has released its fuzzing framework in open source to boost the ability of developers and researchers to identify vulnerabilities.In an effort to help developers and researchers find vulnerabilities faster, Google has released its AI-aided fuzzing framework in open source.
The tool leverages large language models (LLM) to generate fuzz targets for real-world C and C++ projects and benchmarks them using Google’s OSS-Fuzz service, which has long been the top resource for the automated discovery of vulnerabilities in open source software.
To automate certain aspects of manual fuzz testing, the internet giant started using LLMs in August 2023 “to write project-specific code to boost fuzzing coverage and find more vulnerabilities”, which resulted in a 30% increase in code coverage on more than 300 OSS-Fuzz C/C++ projects.
