Survey on Fuzzing Techniques in Deep Learning Libraries.

The irreversible tendency to empower the industry with deep learning (DL) capabilities is rising new security challenges. A DL-based system will be vulnerable to serious attacks if the vulnerabilities of underlying DL libraries (e.g. Tensorflow, PyTorch) are exploited. It is crucial to test the DL library to bridge the gap between security requirements and deployment urgency. This paper provides a comprehensive overview of fuzzing techniques used in deep learning (DL) libraries. It elucidates the evolution of these techniques, discussing various methodologies including CARDLE, Audee, LEMON, Muffin, DocTer, FreeFuzz, DeepREL, IvySyn, and the more recent, TitanFuzz. While these methods have significantly enhanced the reliability of DL libraries, several challenges persist. Most notably, there is a need for more diverse API sequences and improved handling of sequences of chained APIs, which often induce bugs. We also discuss the potential of large language models in generating input programs for fuzzing DL libraries, while noting the need for further research to fully explore their generalizability and efficacy. The paper concludes with an emphasis on the importance of advancing fuzzing techniques to enhance the robustness of DL libraries, a critical factor in driving the next wave of advancements in artificial intelligence and deep learning.