CalvinBackup/agentic_security
1
0
Fork 0
mirror of https://github.com/msoedov/agentic_security.git synced 2026-06-24 22:29:56 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
126bf11b6384edf82886235452f4ea3bef786f90
agentic_security/docs/optimizer.md
T
Alexander Myasoedov 5db9676837 feat(Add more docs for bayesian optimizer):
2025-01-26 12:29:29 +02:00

79 lines
2.4 KiB
Markdown
Raw Blame History

# Bayesian Optimization in Security Fuzzing
The fuzzer implements an optimization system using scikit-optimize (skopt) to minimize failure rates during security scans. This document explains the optimizer's implementation and behavior.
## Overview
The optimizer is used in both single-shot and many-shot scanning modes when the `optimize` parameter is True. It dynamically adjusts scan parameters to minimize failure rates while staying within budget constraints.
## Implementation Details
### Initialization
The optimizer is initialized with:
```python
Optimizer(
[Real(0, 1)], # Single parameter space (0 to 1)
base_estimator="GP", # Gaussian Process estimator
n_initial_points=25 # Initial exploration points
)
```
### Optimization Process
1. **Parameter Space**: A single real-valued parameter between 0 and 1
1. **Objective**: Minimize the failure rate (negative failure rate is maximized)
1. **Update Mechanism**:
```python
next_point = optimizer.ask()
optimizer.tell(next_point, -failure_rate)
```
1. **Early Stopping**: If best failure rate exceeds 50%:
```python
if best_failure_rate > 0.5:
yield ScanResult.status_msg(
f"High failure rate detected ({best_failure_rate:.2%}). Stopping this module..."
)
break
```
## Usage in Scanning
The optimizer is integrated into both scan types:
### Single-shot Scan
- Used in `perform_single_shot_scan()`
- Optimizes failure rates across prompt modules
- Considers token budget constraints
### Many-shot Scan
- Used in `perform_many_shot_scan()`
- Handles more complex multi-step attacks
- Maintains separate failure rate tracking
## Key Parameters
| Parameter | Description |
|-----------|-------------|
| base_estimator | Gaussian Process (GP) used for optimization |
| n_initial_points | 25 initial exploration points |
| Real(0, 1) | Single parameter space being optimized |
| failure_rate | Current failure rate being minimized |
## Optimization Flow
1. Initialize optimizer with GP estimator
1. Collect initial 25 data points
1. For each prompt:
- Calculate current failure rate
- Update optimizer with new point
- Check for early stopping conditions
1. Continue until scan completes or budget exhausted
## Error Handling
The optimizer is wrapped in try/except blocks to ensure scan failures don't crash the entire process. Any optimization errors are logged and the scan continues with default parameters.
Reference in New Issue View Git Blame Copy Permalink