The power of fuzz testing lies in its random, often brute-force, generation and execution of inputs to trigger unexpected behaviors and vulnerabilities in software applications. However, because the space of possible input sequences is effectively infinite, exhaustively testing every combination is not merely computationally expensive but practically impossible. Approximate Bayesian Computation (ABC), a likelihood-free family of Bayesian simulation methods, offers a novel probabilistic approach to this problem: instead of enumerating inputs, it approximates a posterior distribution over the parameter space by keeping only those simulated runs whose outcome falls within a tolerance of the target outcome. The parameter space of such problems is effectively infinite, and the application of these techniques to fuzzing is untested in the relevant literature. We use a relaxed, manual implementation of two ABC methods: a Sequential Monte Carlo (SMC) simulation and a Markov Chain Monte Carlo (MCMC) simulation. We found promising results with the SMC posterior distribution and mixed results with the MCMC posterior distributions on our white-box fuzz-test function.
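The following is an added example, not the authors' implementation, of what "ABC-SMC and ABC-MCMC over a white-box fuzz target" can look like in practice. Everything in it is an assumption made for illustration: the toy target with four nested predicates (depth 4 standing in for the crash), the discrepancy measure (how many branch levels short of the crash an input lands), the uniform prior box, the tolerance schedule and the Gaussian perturbation width. The two samplers follow the textbook schemes: SMC resamples and perturbs particles while tightening the tolerance and reweights them against the mixture of perturbation kernels; MCMC accepts a symmetric proposal only when it stays inside the prior and its simulated run is within tolerance, which for a flat prior reduces to a plain accept/reject.

```python
import math
import random

# Constructed toy white-box target. Each nested predicate is one more branch a
# fuzzer must satisfy; reaching depth 4 stands in for the crashing path.
def target(x: float, y: float) -> int:
    depth = 0
    if 40.0 <= x <= 60.0:
        depth = 1
        if y > x:
            depth = 2
            if y - x < 5.0:
                depth = 3
                if math.floor(x) % 2 == 1:
                    depth = 4  # "crash": all four predicates satisfied
    return depth

TARGET_DEPTH = 4        # the observation we condition on (assumption)
LO, HI = 0.0, 100.0     # uniform prior box for (x, y) (assumption)

def distance(theta) -> int:
    """ABC discrepancy: branch levels short of the crash. 0 means the crash path was hit."""
    return TARGET_DEPTH - target(*theta)

def in_prior(theta) -> bool:
    return all(LO <= t <= HI for t in theta)

def kernel_pdf(a, b, sigma: float) -> float:
    """Density of the isotropic Gaussian perturbation kernel that moves b to a."""
    return math.exp(sum(-0.5 * ((ai - bi) / sigma) ** 2 for ai, bi in zip(a, b)))

def abc_smc(n_particles=200, epsilons=(3, 2, 1, 0), sigma=5.0, seed=None):
    """Sequential Monte Carlo ABC: prior rejection at the loosest tolerance, then
    resample / perturb / reweight while the tolerance shrinks to zero."""
    rng = random.Random(seed)
    particles, weights = [], []
    while len(particles) < n_particles:                     # generation 0
        theta = (rng.uniform(LO, HI), rng.uniform(LO, HI))
        if distance(theta) <= epsilons[0]:
            particles.append(theta); weights.append(1.0 / n_particles)
    for eps in epsilons[1:]:
        new_particles, new_weights = [], []
        while len(new_particles) < n_particles:
            parent = rng.choices(particles, weights)[0]     # resample by weight
            theta = tuple(p + rng.gauss(0.0, sigma) for p in parent)
            if not in_prior(theta) or distance(theta) > eps:
                continue                                    # rejected: outside prior or tolerance
            # Importance weight for a flat prior: 1 / (mixture of kernels centred on old particles).
            denom = sum(w * kernel_pdf(theta, p, sigma) for p, w in zip(particles, weights))
            new_particles.append(theta); new_weights.append(1.0 / max(denom, 1e-300))
        total = sum(new_weights)
        particles, weights = new_particles, [w / total for w in new_weights]
    return particles, weights

def abc_mcmc(n_steps=5000, eps=0, sigma=5.0, seed=None):
    """ABC-MCMC with a symmetric Gaussian proposal and flat prior: the Metropolis
    ratio is 1, so a proposal is accepted iff it is in the prior and within tolerance."""
    rng = random.Random(seed)
    theta = (rng.uniform(LO, HI), rng.uniform(LO, HI))
    while distance(theta) > eps:                            # find a valid start point
        theta = (rng.uniform(LO, HI), rng.uniform(LO, HI))
    chain, accepted = [theta], 0
    for _ in range(n_steps):
        prop = tuple(p + rng.gauss(0.0, sigma) for p in theta)
        if in_prior(prop) and distance(prop) <= eps:
            theta, accepted = prop, accepted + 1
        chain.append(theta)
    return chain, accepted / n_steps

def crash_fraction(points) -> float:
    """Share of sampled inputs that actually reach the crash path."""
    return sum(target(*p) == TARGET_DEPTH for p in points) / len(points)

def prior_crash_fraction(n=2000, seed=None) -> float:
    """Baseline: how often blind uniform fuzzing hits the crash path."""
    rng = random.Random(seed)
    return crash_fraction([(rng.uniform(LO, HI), rng.uniform(LO, HI)) for _ in range(n)])

def posterior_mean(particles, weights):
    return tuple(sum(w * p[i] for p, w in zip(particles, weights)) for i in range(2))

if __name__ == "__main__":
    print("blind fuzzing crash rate:", prior_crash_fraction(seed=0))
    parts, wts = abc_smc(seed=1)
    print("SMC posterior crash rate:", crash_fraction(parts), "mean:", posterior_mean(parts, wts))
    chain, rate = abc_mcmc(seed=2)
    print("MCMC chain crash rate:", crash_fraction(chain), "acceptance:", rate)
```

The contrast a practitioner should look at is the crash rate of blind uniform sampling (well under one percent on this target) against the crash rate of the final SMC generation and the MCMC chain (both 1.0 once the tolerance reaches zero), and the posterior mean, which lands inside the band of the first predicate. The discrepancy here is a branch-depth count because the target is white-box; with a black-box harness it would have to be replaced by whatever coverage or sanitizer signal the harness exposes.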