Treffer: Defect prediction guided greybox fuzz testing.

Fuzz testing is an established automated technique for detecting defects in software by generating test cases randomly or semi-randomly. The escalating complexity of software functionalities makes comprehensive testing more arduous. Research indicates that the distribution of defects in software often exhibits a clustering effect. By predicting the distribution of defects in software based on static properties of code, historical data, or other information of software, defect prediction optimizes the allocation of testing resources, particularly improving the effectiveness of fuzz testing tools by focusing on testing modules with higher defect proneness. To this end, this paper introduces a greybox fuzz testing approach named DPFuzz, which integrates the advantages of defect prediction and fuzz testing to generate test cases with increased specificity for detecting defects. As an extension plugin for fuzz testing tools, DPFuzz can seamlessly integrate with various fuzzing tools. Experiments are conducted on 12 open-source software under test, and the results demonstrate that DPFuzz effectively improves the performance of fuzz testing, which is evidenced by an increase of up to 18.6% in the number of unique crashes triggered, the study validates the correlation between defects detected by fuzz testing and defect prediction results, affirming the practical application value of defect prediction. [Display omitted] [ABSTRACT FROM AUTHOR]

Copyright of Journal of Systems & Software is the property of Elsevier B.V. and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)