GRLFuzz: A Fuzz Testing Method for Optimizing Mutation Strategies Based on Reinforcement Learning
摘要
As modern intelligent vehicles become increasingly software-driven, ensuring the security of embedded automotive systems has become a critical concern. Fuzz testing has proven to be one of the most effective techniques for vulnerability discovery. However, traditional fuzzing suffers from randomness, low efficiency, and limited coverage—especially in the context of complex automotive software stacks. To address these challenges, we propose GRLFuzz, a reinforcement learning-based fuzzing framework tailored for binary-level testing in automotive systems. GRLFuzz models mutation position selection as a reinforcement learning task and introduces a grouped relative reward mechanism to eliminate the need for a value network, significantly reducing memory and computational overhead. To further enhance stability, we integrate dual constraints—clipping and KL regularization—during policy updates to prevent drastic shifts and maintain exploration capability. Experimental results on multiple real-world binaries demonstrate that GRLFuzz improves vulnerability discovery rates and testing efficiency while maintaining a lightweight and stable design. This work aligns with automotive cybersecurity standards such as ISO/SAE 21434, and offers a promising direction for applying reinforcement learning to security-critical vehicular software.