TrojanPuzzle: Covertly Poisoning Code-Suggestion Models

Aghakhani, Hojjat; Dai, Wei; Manoel, Andre; Fernandes, Xavier; Kharkar, Anant; Kruegel, Christopher; Vigna, Giovanni; Evans, David; Zorn, Ben; Sim, Robert B.

doi:10.48550/arxiv.2301.02344

Cited by 4 publications

(5 citation statements)

References 35 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…T ′ is generated to cause misclassifications. In the proposed backdoor attacks, inspired by works like [17], [18], %poison of V i are poisoned and labelled as non-vulnerable, becoming V P i and modified as follows:…”

Section: E Poisoning Attacksmentioning

confidence: 99%

Software Vulnerability Detection under Poisoning Attacks using CNN-based Image Processing

González-Manzano,

Garcia-Alfaro

2024

Preprint

View full text Add to dashboard Cite

Design flows, code errors, or inadequate countermeasures may occur in software development. Some of them lead to vulnerabilities in the code, opening the door to attacks. Assorted techniques are developed to detect vulnerable code samples, making artificial intelligence techniques, such as Machine Learning (ML), a common practice. Nonetheless, the security of ML is a major concern. This includes the the case of ML-based detection whose training process is affected by data poisoning. More generally, vulnerability detection can be evaded unless poisoning attacks are properly handled. This paper tackles this problem. A novel vulnerability detection system based on ML-based image processing, using Convolutional Neural Network (CNN), is proposed. The system, hereinafter called IVul, is evaluated under the presence of backdoor attacks, a precise type of poisoning in which a pattern is introduced in the training data to alter the expected behavior of the learned models. IVul is evaluated with more than three thousand code samples associated with two representative programming languages (C# and PHP). IVul outperforms other comparable state-of-the-art vulnerability detectors in the literature, reaching 82% to 99% detection accuracy. Besides, results show that the type of attack may affect a particular language more than another, though, in general, PHP is more resilient to proposed attacks than C#.

show abstract

Section: E Poisoning Attacksmentioning

confidence: 99%

Software Vulnerability Detection under Poisoning Attacks using CNN-based Image Processing

González-Manzano,

Garcia-Alfaro

2024

Preprint

View full text Add to dashboard Cite

show abstract

“…[35], [36]. There are other attack types like including a text as a trigger and insecure code for insecure code suggestion [13] or change to ECB encryption mode in a code autocompleter system [11], which are not general but specially crafted for the attacked system. In the field of poisoning, studying attacks detectability is also demanding, being activation clustering and spectral signatures the most common techniques in this regard [12], [41].…”

Section: B Poisoning Attacks In Codementioning

confidence: 99%

“…[8]- [10]) and using a great variety of AI algorithms in the detection process, from the most classical like support vector machines to deep learning ones. In terms of code processing, some studies analyse the effect of poisoning attacks in code summarization [11], code search [12] or code suggestion [13]. Indeed, just [14] deals with some kind of poisoning attacks in the field of vulnerability detection in C programming language and without considering different vulnerability types.…”

Section: Introductionmentioning

confidence: 99%

Vulnerability detection under poisoning attacks through code and token features

González-Manzano,

Garcia-Alfaro

2024

Preprint

View full text Add to dashboard Cite

The complexity of implementations and the interconnection of assorted systems and devices facilitates the emergence of vulnerabilities. Detection systems are developed to fight against this security issue, being the use of Artificial Intelligence (AI) a common practice. However, the use of AI is not without its problems, specially those affecting the training phase. This paper tackles this issue following a two-fold approach. First, an AI-based vulnerability detection system based on code and token metrics, dubbed VulCoT, is developed. It reaches state-of-the-art performance while being suitable for C#, C/C++ and PHP. Second, the impact of poisoning attacks on VulCoT is analysed. Results show that VulCoT is specially affected beyond 20% of false data. Remarkably, detecting some of the most frequent Common Weakness Enumeration is altered even with lower poison rates. Overall, KNN and SVM are more appropriate for system protection in C# and C/C++, while MLP in PHP. Indeed, PHP is the language which is less affected by attacks, while C# and C/C++ present comparable results.

show abstract

“…Döderlein et al [13] highlight the importance of correctly tuning the temperature of a model when using it to generate code. The research led by Aghakhani et al [3] shows that poisoned models suggest insecure code more often as the temperature increases. Our results demonstrate that increasing the temperature also increases the chance of generating slow and inefficient code.…”

Section: Related Workmentioning

confidence: 99%

“…On the other hand, some LLMs are already seamlessly integrated into the developer's IDE as code assistants, like GitHub Copilot, 1 Amazon CodeWhisperer, 2 and Tabnine. 3 There has been a significant amount of work dedicated to comprehending how these LLMs perform in various situations and defining their limits. For instance, several works address the security of the code generated by such models [29,30,33] or the prevalence of bugs in the generations [20].…”

Section: Introductionmentioning

confidence: 99%

A Performance Study of LLM-Generated Code on Leetcode

Coignion,

Quinton,

Rouvoy

2024

Proceedings of the 28th International Conference on Evaluation and Assessment in Software Engineering

View full text Add to dashboard Cite

This study evaluates the efficiency of code generation by Large Language Models (LLMs) and measures their performance against human-crafted solutions using a dataset from Leetcode. We compare 18 LLMs, considering factors such as model temperature and success rate, and their impact on code performance. This research introduces a novel method for measuring and comparing the speed of LLM-generated code, revealing that LLMs produce code with comparable performance, irrespective of the adopted LLM. We also find that LLMs are capable of generating code that is, on average, more efficient than the code written by humans. The paper further discusses the use of Leetcode as a benchmarking dataset, the limitations imposed by potential data contamination, and the platform's measurement reliability. We believe that our findings contribute to a better understanding of LLM capabilities in code generation and set the stage for future optimizations in the field.

show abstract

TrojanPuzzle: Covertly Poisoning Code-Suggestion Models

Cited by 4 publications

References 35 publications

Software Vulnerability Detection under Poisoning Attacks using CNN-based Image Processing

Software Vulnerability Detection under Poisoning Attacks using CNN-based Image Processing

Vulnerability detection under poisoning attacks through code and token features

A Performance Study of LLM-Generated Code on Leetcode

Contact Info

Product

Resources

About