Revealing inputs causing web API performance latency using response-time-guided genetic algorithm fuzzing

IF 0.8 Q4 ROBOTICS

Artificial Life and Robotics Pub Date : 2024-08-02 DOI:10.1007/s10015-024-00957-4

Ying-Tzu Huang, Shin-Jie Lee

{"title":"Revealing inputs causing web API performance latency using response-time-guided genetic algorithm fuzzing","authors":"Ying-Tzu Huang, Shin-Jie Lee","doi":"10.1007/s10015-024-00957-4","DOIUrl":null,"url":null,"abstract":"<div><p>Web APIs are integral to modern web development, enabling service integration and automation. Ensuring their performance and functionality is critical, yet performance testing is less explored due to the difficulty in detecting performance bugs. This paper presents a response time-guided genetic algorithm (GA) fuzzing approach to uncover web API performance latency in a black-box setting. Unlike traditional random input generation, our method uses GA to refine inputs through crossover and mutation, guided by response time-based fitness. We propose two seed generation methods: pairwise combinatorial testing using Mircosoft’s Pairwise Independent Combinatorial Testing (PICT) and randomly paired combinations. We compared our method with classic random fuzzing. Experiments on five real-world web APIs show that our approach significantly outperforms classic random fuzzing, identifying inputs with response times 1.5 to 26.3 times longer. Additionally, PICT-generated seeds demonstrated superior performance compared to randomly-paired combinations in 2 out of 5 APIs. Our findings highlight the potential of GA-based fuzzing to reveal web API performance latency, advocating for further research in this area.</p></div>","PeriodicalId":46050,"journal":{"name":"Artificial Life and Robotics","volume":null,"pages":null},"PeriodicalIF":0.8000,"publicationDate":"2024-08-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Artificial Life and Robotics","FirstCategoryId":"1085","ListUrlMain":"https://link.springer.com/article/10.1007/s10015-024-00957-4","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"ROBOTICS","Score":null,"Total":0}

引用次数: 0

Abstract

Web APIs are integral to modern web development, enabling service integration and automation. Ensuring their performance and functionality is critical, yet performance testing is less explored due to the difficulty in detecting performance bugs. This paper presents a response time-guided genetic algorithm (GA) fuzzing approach to uncover web API performance latency in a black-box setting. Unlike traditional random input generation, our method uses GA to refine inputs through crossover and mutation, guided by response time-based fitness. We propose two seed generation methods: pairwise combinatorial testing using Mircosoft’s Pairwise Independent Combinatorial Testing (PICT) and randomly paired combinations. We compared our method with classic random fuzzing. Experiments on five real-world web APIs show that our approach significantly outperforms classic random fuzzing, identifying inputs with response times 1.5 to 26.3 times longer. Additionally, PICT-generated seeds demonstrated superior performance compared to randomly-paired combinations in 2 out of 5 APIs. Our findings highlight the potential of GA-based fuzzing to reveal web API performance latency, advocating for further research in this area.

Abstract Image

查看原文本刊更多论文

利用响应时间引导遗传算法模糊法揭示导致网络应用程序接口性能延迟的输入信息

网络应用程序接口（Web API）是现代网络开发不可或缺的一部分，它实现了服务集成和自动化。确保其性能和功能至关重要，但由于性能缺陷难以检测，性能测试的探索较少。本文提出了一种响应时间引导遗传算法（GA）模糊方法，用于在黑盒设置中发现网络应用程序接口的性能延迟。与传统的随机输入生成不同，我们的方法使用遗传算法，在基于响应时间的适配性指导下，通过交叉和突变来完善输入。我们提出了两种种子生成方法：使用 Mircosoft 的配对独立组合测试 (PICT) 进行配对组合测试和随机配对组合。我们将我们的方法与经典的随机模糊法进行了比较。在五个真实世界网络应用程序接口上进行的实验表明，我们的方法明显优于传统随机模糊法，识别输入的响应时间比传统随机模糊法长 1.5 到 26.3 倍。此外，在 5 个应用程序接口中的 2 个中，PICT 生成的种子比随机配对的组合表现出更优越的性能。我们的研究结果凸显了基于 GA 的模糊测试在揭示网络 API 性能延迟方面的潜力，从而推动了这一领域的进一步研究。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Artificial Life and Robotics ROBOTICS-

CiteScore

2.00

自引率

22.20%

发文量

101

期刊介绍： Artificial Life and Robotics is an international journal publishing original technical papers and authoritative state-of-the-art reviews on the development of new technologies concerning artificial life and robotics, especially computer-based simulation and hardware for the twenty-first century. This journal covers a broad multidisciplinary field, including areas such as artificial brain research, artificial intelligence, artificial life, artificial living, artificial mind research, brain science, chaos, cognitive science, complexity, computer graphics, evolutionary computations, fuzzy control, genetic algorithms, innovative computations, intelligent control and modelling, micromachines, micro-robot world cup soccer tournament, mobile vehicles, neural networks, neurocomputers, neurocomputing technologies and applications, robotics, robus virtual engineering, and virtual reality. Hardware-oriented submissions are particularly welcome. Publishing body: International Symposium on Artificial Life and RoboticsEditor-in-Chiei: Hiroshi Tanaka Hatanaka R Apartment 101, Hatanaka 8-7A, Ooaza-Hatanaka, Oita city, Oita, Japan 870-0856 ©International Symposium on Artificial Life and Robotics