Iterative Generation of Adversarial Example for Deep Code Models
Deep code models are vulnerable to adversarial attacks, making it possible for semantically identical inputs to trigger different responses. Current black-box attack methods typically prioritize the impact of identifiers on the model based on custom importance scores or program context and increment...
Uložené v:
| Vydané v: | Proceedings / International Conference on Software Engineering s. 2213 - 2224 |
|---|---|
| Hlavní autori: | , , |
| Médium: | Konferenčný príspevok.. |
| Jazyk: | English |
| Vydavateľské údaje: |
IEEE
26.04.2025
|
| Predmet: | |
| ISSN: | 1558-1225 |
| On-line prístup: | Získať plný text |
| Tagy: |
Pridať tag
Žiadne tagy, Buďte prvý, kto otaguje tento záznam!
|
| Abstract | Deep code models are vulnerable to adversarial attacks, making it possible for semantically identical inputs to trigger different responses. Current black-box attack methods typically prioritize the impact of identifiers on the model based on custom importance scores or program context and incrementally replace identifiers to generate adversarial examples. However, these methods often fail to fully leverage feedback from failed attacks to guide subsequent attacks, resulting in problems such as local optima bias and efficiency dilemmas. In this paper, we introduce ITGen, a novel black-box adversarial example generation method that iteratively utilizes feedback from failed attacks to refine the generation process. It employs a bitvectorbased representation of code variants to mitigate local optima bias. By integrating these bit vectors with feedback from failed attacks, ITGen uses an enhanced Bayesian optimization framework to efficiently predict the most promising code variants, significantly reducing the search space and thus addressing the efficiency dilemma. We conducted experiments on a total of nine deep code models for both understanding and generation tasks, demonstrating ITGen's effectiveness and efficiency, as well as its ability to enhance model robustness through adversarial finetuning. For example, on average, ITGen improves the attack success rate by 47.98 % and 69.70 % over the state-of-the-art techniques (i.e., ALERT and BeamAttack), respectively. |
|---|---|
| AbstractList | Deep code models are vulnerable to adversarial attacks, making it possible for semantically identical inputs to trigger different responses. Current black-box attack methods typically prioritize the impact of identifiers on the model based on custom importance scores or program context and incrementally replace identifiers to generate adversarial examples. However, these methods often fail to fully leverage feedback from failed attacks to guide subsequent attacks, resulting in problems such as local optima bias and efficiency dilemmas. In this paper, we introduce ITGen, a novel black-box adversarial example generation method that iteratively utilizes feedback from failed attacks to refine the generation process. It employs a bitvectorbased representation of code variants to mitigate local optima bias. By integrating these bit vectors with feedback from failed attacks, ITGen uses an enhanced Bayesian optimization framework to efficiently predict the most promising code variants, significantly reducing the search space and thus addressing the efficiency dilemma. We conducted experiments on a total of nine deep code models for both understanding and generation tasks, demonstrating ITGen's effectiveness and efficiency, as well as its ability to enhance model robustness through adversarial finetuning. For example, on average, ITGen improves the attack success rate by 47.98 % and 69.70 % over the state-of-the-art techniques (i.e., ALERT and BeamAttack), respectively. |
| Author | Huang, Li Yan, Meng Sun, Weifeng |
| Author_xml | – sequence: 1 givenname: Li surname: Huang fullname: Huang, Li email: lee.h@cqu.edu.cn organization: School of Big Data and Software Engineering, Chongqing University,Chongqing,China – sequence: 2 givenname: Weifeng surname: Sun fullname: Sun, Weifeng email: weifeng.sun@cqu.edu.cn organization: School of Big Data and Software Engineering, Chongqing University,Chongqing,China – sequence: 3 givenname: Meng surname: Yan fullname: Yan, Meng email: mengy@cqu.edu.cn organization: School of Big Data and Software Engineering, Chongqing University,Chongqing,China |
| BookMark | eNotkM9Kw0AYxFdRsK19gx72BRL3_-a7WWJaA5UequeyyX4LkTQJm1D07Q3qZWYOw_BjluSu6zskZMNZyjmDpzI_FVpLZVPBhE4ZY5m5IWuwkEnJNdMG-C1ZcK2zhAuhH8hyHD_nmlEAC_JcThjd1FyR7rH7jX1H-0C3_opxdLFxLS2-3GVokYY-0hfEgea9R_o2Szs-kvvg2hHX_74iH7viPX9NDsd9mW8PiROGTQmH2tsgZ06cOYXxtYKqdlCpYLmqAL21lVB1xY22zjsTOHgWlA0-szUTckU2f7sNIp6H2Fxc_D7PFwjImJE_aj9Lwg |
| CODEN | IEEPAD |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IH CBEJK RIE RIO |
| DOI | 10.1109/ICSE55347.2025.00086 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Proceedings Order Plan (POP) 1998-present by volume IEEE Xplore All Conference Proceedings IEEE Electronic Library (IEL) IEEE Proceedings Order Plans (POP) 1998-present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Computer Science |
| EISBN | 9798331505691 |
| EISSN | 1558-1225 |
| EndPage | 2224 |
| ExternalDocumentID | 11029806 |
| Genre | orig-research |
| GroupedDBID | -~X .4S .DC 29O 5VS 6IE 6IF 6IH 6IK 6IL 6IM 6IN 8US AAJGR AAWTH ABLEC ADZIZ ALMA_UNASSIGNED_HOLDINGS ARCSS AVWKF BEFXN BFFAM BGNUA BKEBE BPEOZ CBEJK CHZPO EDO FEDTE I-F IEGSK IJVOP IPLJI M43 OCL RIE RIL RIO |
| ID | FETCH-LOGICAL-a260t-19cd7f3347e20226dc49bca9b4f714b9ed77b24cb1657ada6f19d0f47fd87c023 |
| IEDL.DBID | RIE |
| ISICitedReferencesCount | 0 |
| ISICitedReferencesURI | http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=001538318100173&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| IngestDate | Wed Aug 27 01:40:07 EDT 2025 |
| IsPeerReviewed | false |
| IsScholarly | true |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-a260t-19cd7f3347e20226dc49bca9b4f714b9ed77b24cb1657ada6f19d0f47fd87c023 |
| PageCount | 12 |
| ParticipantIDs | ieee_primary_11029806 |
| PublicationCentury | 2000 |
| PublicationDate | 2025-April-26 |
| PublicationDateYYYYMMDD | 2025-04-26 |
| PublicationDate_xml | – month: 04 year: 2025 text: 2025-April-26 day: 26 |
| PublicationDecade | 2020 |
| PublicationTitle | Proceedings / International Conference on Software Engineering |
| PublicationTitleAbbrev | ICSE |
| PublicationYear | 2025 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| SSID | ssj0006499 |
| Score | 2.2899218 |
| Snippet | Deep code models are vulnerable to adversarial attacks, making it possible for semantically identical inputs to trigger different responses. Current black-box... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 2213 |
| SubjectTerms | Adversarial Example Bayes methods Closed box Codes Context modeling Deep Code Model Iterative Generation Iterative methods Optimization Robustness Software engineering Vectors |
| Title | Iterative Generation of Adversarial Example for Deep Code Models |
| URI | https://ieeexplore.ieee.org/document/11029806 |
| WOSCitedRecordID | wos001538318100173&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV09T8MwELWgYmAqH0V8ywNraJw4_tiQSiu6VJUAqVvl-M4SEkqqpq34-dhuWlgY2KwMjnzJ-flsv_cIeVACcjSpSUwhVOLx2KeUY5BYXw2hlZznpYpmE3IyUbOZnrZk9ciFQcR4-QwfQzOe5UNt12GrrO-hKtMqCGwfSim2ZK39tCv82r3lxrFU98eD12FR5Fz6GjAL-yZpoEv_clCJADLq_vPVJ6T3Q8Wj0z3InJIDrM5Id-fFQNvUPCdP4yiP7OcuulWSDgGntaPRcbkx4T-jwy8TxICpX6jSZ8QFHdSANNihfTY98j4avg1ektYdITG-BlklTFuQLvcjRD_CTIDlurRGl9xJxkuNIGWZcVsyUUgDRjimIXVcOlDSeqi-IJ2qrvCSUOd70MrqwmGQBANlHcsBWGrBoE7hivRCROaLrQDGfBeM6z-e35DjEPRw6JKJW9JZLdd4R47sZvXRLO_jZ_sGiUuZJA |
| linkProvider | IEEE |
| linkToHtml | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1NSwMxEA1SBT3Vj4r1Mwevaze72U1yE2pLi7UUrNBbyWYmIEi39EP8-Sbptnrx4G3Zwy6ZZPIySd57hNzLHFLUsY50lsvI4bFLKcsgMq4aQiM4TwsZzCbEcCgnEzWqyOqBC4OI4fIZPvjHcJYPpVn7rbKWg6pESS-wvZ9xnsQbutZu4s3d6r1ix7FYtfrt106WpVy4KjDxOyexJ0z_8lAJENKt__Pnx6TxQ8ajox3MnJA9nJ2S-taNgVbJeUYe-0Eg2c1edKMl7UNOS0uD5_JS-5FGO1_aywFTt1SlT4hz2i4BqTdE-1g2yFu3M273osofIdKuCllFTBkQNnUtRNfCJAfDVWG0KrgVjBcKQYgi4aZgeSY06NwyBbHlwoIUxoH1OanNyhleEGrdF5Q0KrPoRcFAGstSABYb0KhiaJKGj8h0vpHAmG6DcfnH-zty2Bu_DKaD_vD5ihz5DvBHMEl-TWqrxRpvyIH5XL0vF7ehC78BsN6caw |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=Proceedings+%2F+International+Conference+on+Software+Engineering&rft.atitle=Iterative+Generation+of+Adversarial+Example+for+Deep+Code+Models&rft.au=Huang%2C+Li&rft.au=Sun%2C+Weifeng&rft.au=Yan%2C+Meng&rft.date=2025-04-26&rft.pub=IEEE&rft.eissn=1558-1225&rft.spage=2213&rft.epage=2224&rft_id=info:doi/10.1109%2FICSE55347.2025.00086&rft.externalDocID=11029806 |