Since the past few months, I have been really immersed in software security and found source code analysis as a really interesting domain under which I wanted to pursue further research. I have the following research idea and needed validation from fellow DL enthusiast Redditors if the idea is even feasible.

Idea :

Create a GAN that can help generate test cases that can break/crash/exploit the given source code. The idea revolves around the fact that the Generator will help generate the test cases and the discriminator will evaluate the test case and score the generator on the basis the number of branches of computation that the generator is visiting, i.e. score the output of the generator on basis of the code coverage attained by the output of the generator.

While thinking about this idea I also realized that string input generation can become a problem where the inputs to evaluate can explode. And currently, I don’t know how I can circumvent such a problem.

I wanted to validate this research idea before I dive further into how it can be done.