Vulnerabilities in AI Code Generators: Exploring Targeted Data Poisoning Attacks

Add code
Aug 04, 2023
Domenico Cotroneo, Cristina Improta, Pietro Liguori, Roberto Natella
Figure 1 for Vulnerabilities in AI Code Generators: Exploring Targeted Data Poisoning Attacks
Figure 2 for Vulnerabilities in AI Code Generators: Exploring Targeted Data Poisoning Attacks
Figure 3 for Vulnerabilities in AI Code Generators: Exploring Targeted Data Poisoning Attacks
Figure 4 for Vulnerabilities in AI Code Generators: Exploring Targeted Data Poisoning Attacks

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon

In this work, we assess the security of AI code generators via data poisoning, i.e., an attack that injects malicious samples into the training data to generate vulnerable code. We poison the training data by injecting increasing amounts of code containing security vulnerabilities and assess the attack's success on different state-of-the-art models for code generation. Our analysis shows that AI code generators are vulnerable to even a small amount of data poisoning. Moreover, the attack does not impact the correctness of code generated by pre-trained models, making it hard to detect.

View paper onarxiv icon

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon