CalvinBackup/agentic_security
1
0
Fork 0
mirror of https://github.com/msoedov/agentic_security.git synced 2026-06-26 15:19:58 +02:00
Code Issues Packages Projects Releases Wiki Activity

feat(Add more docs for bayesian optimizer):

Browse Source
This commit is contained in:
Alexander Myasoedov
2025-01-26 12:29:29 +02:00
parent 83e5362501
commit 5db9676837
3 changed files with 199 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/optimizer.md
+78
View File
@@ -0,0 +1,78 @@
# Bayesian Optimization in Security Fuzzing
The fuzzer implements an optimization system using scikit-optimize (skopt) to minimize failure rates during security scans. This document explains the optimizer's implementation and behavior.
## Overview
The optimizer is used in both single-shot and many-shot scanning modes when the `optimize` parameter is True. It dynamically adjusts scan parameters to minimize failure rates while staying within budget constraints.
## Implementation Details
### Initialization
The optimizer is initialized with:
```python
Optimizer(
[Real(0, 1)], # Single parameter space (0 to 1)
base_estimator="GP", # Gaussian Process estimator
n_initial_points=25 # Initial exploration points
)
```
### Optimization Process
1. **Parameter Space**: A single real-valued parameter between 0 and 1
1. **Objective**: Minimize the failure rate (negative failure rate is maximized)
1. **Update Mechanism**:
```python
next_point = optimizer.ask()
optimizer.tell(next_point, -failure_rate)
```
1. **Early Stopping**: If best failure rate exceeds 50%:
```python
if best_failure_rate > 0.5:
yield ScanResult.status_msg(
f"High failure rate detected ({best_failure_rate:.2%}). Stopping this module..."
)
break
```
## Usage in Scanning
The optimizer is integrated into both scan types:
### Single-shot Scan
- Used in `perform_single_shot_scan()`
- Optimizes failure rates across prompt modules
- Considers token budget constraints
### Many-shot Scan
- Used in `perform_many_shot_scan()`
- Handles more complex multi-step attacks
- Maintains separate failure rate tracking
## Key Parameters
| Parameter | Description |
|-----------|-------------|
| base_estimator | Gaussian Process (GP) used for optimization |
| n_initial_points | 25 initial exploration points |
| Real(0, 1) | Single parameter space being optimized |
| failure_rate | Current failure rate being minimized |
## Optimization Flow
1. Initialize optimizer with GP estimator
1. Collect initial 25 data points
1. For each prompt:
- Calculate current failure rate
- Update optimizer with new point
- Check for early stopping conditions
1. Continue until scan completes or budget exhausted
## Error Handling
The optimizer is wrapped in try/except blocks to ensure scan failures don't crash the entire process. Any optimization errors are logged and the scan continues with default parameters.