Attribution-guided Adversarial Code Prompt Generation for Code Completion Models
Large language models have made significant progress in code completion, which may further remodel future software development. However, these code completion models are found to be highly risky as they may introduce vulnerabilities unintentionally, or being induced by a special input, i.e., adversarial code prompt. Prior studies mainly focus on the robustness of these models, but their security has not been fully analyzed. In this paper, we propose a novel approach ADVPRO that can automatically generate adversarial code prompts for these code completion models. ADVPRO incorporates 14 code mutation strategies at the granularity of five levels. The mutation strategies are ensured to make no modifications to code semantics, which should be insensitive to the models. Moreover, we leverage gradient attribution to localize the important code as mutation points, and speed up adversarial prompt generation. Extensive experiments are conducted on 13 state-of-the-art models belonging to 7 families. The results show that our approach can effectively generate adversarial prompts, with an increased rate of 69.6% beyond the baseline ALERT. By comparing the results of attribution-guided localization, we find that the recognition results of important tokens in input codes are almost identical among different models. This finding reduces the limitation of using open-source alternative models to guide adversarial attacks against closed-source models. The results of the ablation study on the components of ADVPRO show that CCMs focus on variable names, but other structures are equally crucial.
Thu 31 OctDisplayed time zone: Pacific Time (US & Canada) change
15:30 - 16:30 | Code completionResearch Papers / NIER Track at Compagno Chair(s): Baishakhi Ray Columbia University, New York; AWS AI Lab | ||
15:30 15mTalk | Attribution-guided Adversarial Code Prompt Generation for Code Completion Models Research Papers Xueyang Li Institute of Information Engineering, Chinese Academy of Sciences, China, Guozhu Meng Institute of Information Engineering, Chinese Academy of Sciences, Shangqing Liu Nanyang Technological University, Lu Xiang SKLOIS, Institute of Information Engineering, Chinese Academy of Sciences, China, Kun Sun Institute of Information Engineering, Chinese Academy of Sciences, Kai Chen Institute of Information Engineering at Chinese Academy of Sciences; University of Chinese Academy of Sciences, Xiapu Luo Hong Kong Polytechnic University, Yang Liu Nanyang Technological University | ||
15:45 15mTalk | DroidCoder: Enhanced Android Code Completion with Context-Enriched Retrieval-Augmented Generation Research Papers Xinran Yu Nanjing University, Chun Li Nanjing University, Minxue Pan Nanjing University, Xuandong Li Nanjing University | ||
16:00 15mTalk | GraphCoder: Enhancing Repository-Level Code Completion via Coarse-to-fine Retrieval Based on Code Context Graph Research Papers Wei Liu Nanjing University, Ailun Yu Peking University, Daoguang Zan Institute of Software, Chinese Academy of Sciences, Bo Shen Huawei Cloud Computing Technologies Co., Ltd., Wei Zhang Peking University, Haiyan Zhao Peking University, Zhi Jin Peking University, Qianxiang Wang Huawei Technologies Co., Ltd | ||
16:15 10mTalk | RepoSim: Evaluating Prompt Strategies for Code Completion via User Behavior Simulation NIER Track Chao Peng ByteDance, Qinyun Wu Bytedance Ltd., Jiangchao Liu ByteDance, Jierui Liu ByteDance, Bo Jiang Bytedance Network Technology, Mengqian Xu East China Normal University, Yinghao Wang ByteDance, Xia Liu ByteDance, Ping Yang Bytedance Network Technology | ||