
Proceedings of ISP RAS, 2025 Volume 37, Issue 2, Pages 97–114 (Mi tisp968)

Semantic mutation strategy in grey-box fuzzing

G. R. Raykin (a), M. S. Pelevin (b), V. M. Itsykson (a)

(a) ITMO University
(b) Saint Petersburg Electrotechnical University "LETI"

Abstract: With the advancement of modern information technology, dynamic analysis is becoming an essential part of software development. Fuzz testing is one of the most efficient and widely used techniques in this field. The core idea behind this approach is to feed a large amount of random data into the program under test. Mutation-based fuzzing tools generate test data by applying modifications (mutations) to successful inputs that have already been identified, thus increasing the number of detected behaviors and the code coverage. A common mutation strategy is to select a mutation operator at random with a predefined probability. This paper proposes a method to improve the effectiveness of mutation-based fuzzing through an adaptive mutation selection strategy. The approach was tested on commonly used Java packages and showed a statistically significant improvement in the number of errors detected and in the diversity of program behaviors (execution traces).

Keywords: dynamic analysis, software testing, fuzzing, structural fuzzing, evolutionary fuzzing, multi-armed bandit problem

DOI: 10.15514/ISPRAS-2025-37(2)-7



© Steklov Math. Inst. of RAS, 2025