Every novel technology adds hidden vulnerabilities ready to be exploited by a growing number of cyber-attacks. Automated software testing can be a promising solution to quickly analyze thousands of lines of code by generating and slightly modifying function-specific testing data to encounter a multitude of vulnerabilities and attack vectors. This process draws similarities to the constrained adversarial examples generated by adversarial learning methods, so there could be significant benefits to the integration of these methods in automated testing tools. Therefore, this systematic review is focused on the current state-of-the-art of constrained data generation methods applied for adversarial learning and software testing, aiming to guide researchers and developers to enhance testing tools with adversarial learning methods and improve the resilience and robustness of their digital systems. The found constrained data generation applications for adversarial machine learning were systematized, and the advantages and limitations of approaches specific for software testing were thoroughly analyzed, identifying research gaps and opportunities to improve testing tools with adversarial attack methods.
翻译:自动软件测试可成为一个很有希望的解决方案,通过生成和略微修改特定功能的测试数据,快速分析数千行代码,以适应多种脆弱性和攻击矢量,从而应对多种脆弱性和攻击矢量。这一过程与对抗式学习方法产生的有限的对抗性实例相似,因此,将这些方法纳入自动测试工具将有很大益处。因此,系统审查的重点是用于对抗式学习和软件测试的限制性数据生成方法的现状,目的是指导研究人员和开发人员用对抗式学习方法加强测试工具,提高数字系统的复原力和稳健性。发现用于对抗性机器学习的有限数据生成应用程序已经系统化,对软件测试特定方法的优势和局限性进行了彻底分析,找出研究差距和机会,用对抗性攻击方法改进测试工具。</s>