DeCoMa: Detecting and Purifying Code Dataset Watermarks through Dual Channel Code Abstraction
Watermarking is a technique to help identify the source of data points, which can be used to help prevent the misuse of protected datasets. Existing methods on code watermarking, leveraging the idea from the backdoor research, embed stealthy triggers as watermarks. Despite their high resilience against dilution attacks and backdoor detections, the robustness has not been fully evaluated. To fill this gap, we propose DeCoMa, a dual-channel approach to Detect and purify Code dataset waterMarks. To overcome the high barrier created by the stealthy and hidden nature of code watermarks, DeCoMa leverages dual-channel constraints on code to generalize and map code samples into standardized templates. Subsequently, DeCoMa extracts hidden watermarks by identifying outlier associations between paired elements within the standardized templates. Finally, DeCoMa purifies the watermarked dataset by removing all samples containing the detected watermark, enabling the silent appropriation of protected code. We conduct extensive experiments to evaluate the effectiveness and efficiency of DeCoMa, covering 10 types of code watermarks and 3 representative intelligent code tasks (a total of 14 scenarios). Experimental results demonstrate that DeCoMa achieves a stable recall of 100% in 14 code watermark detection scenarios, significantly outperforming the baselines. Additionally, DeCoMa effectively attacks code watermarks with poisoning rates as low as 0.9%, while maintaining comparable model performance after training on the purified dataset. Furthermore, as DeCoMa requires no model training for detection, it achieves substantially higher efficiency than all baselines, with a speedup ranging from 31.5 to 130.9×. The results call for more advanced watermarking techniques for code models, while DeCoMa can serve as a baseline for future evaluation.
Fri 27 JunDisplayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change
14:00 - 15:30 | Gamification, Specifications, and Code ReviewsResearch Papers / Tool Demonstrations at Cosmos 3C Chair(s): Michael Pradel University of Stuttgart | ||
14:00 25mTalk | NADA: Neural Acceptance-driven Approximate Specification Mining Research Papers Weilin Luo Sun Yat-sen University, Tingchen Han Sun Yat-Sen University, Junming Qiu Sun Yat-sen University, Hai Wan Sun Yat-sen University, Jianfeng Du Guangdong University of Foreign Studies, Bo Peng Sun Yat-Sen University, Guohui Xiao Southeast University, Yanan Liu SUN YAT-SEN UNIVERSITY DOI | ||
14:25 25mTalk | Gamifying Testing in IntelliJ: A Replicability Study Research Papers Philipp Straubinger University of Passau, Tommaso Fulcini Politecnico di Torino, Giacomo Garaccione Politecnico di Torino, Luca Ardito Politecnico di Torino, Gordon Fraser University of Passau DOI | ||
14:50 25mTalk | DeCoMa: Detecting and Purifying Code Dataset Watermarks through Dual Channel Code Abstraction Research Papers Yuan Xiao Nanjing University, Yuchen Chen Nanjing University, Shiqing Ma University of Massachusetts at Amherst, Haocheng Huang Soochow University, Chunrong Fang Nanjing University, Yanwei Chen Nanjing University, Weisong Sun Nanyang Technological University, Yunfeng Zhu Nanjing University, Xiaofang Zhang Soochow University, Zhenyu Chen Nanjing University DOI Pre-print | ||
15:15 15mDemonstration | Teaching Software Testing and Debugging with the Serious Game Sojourner under Sabotage Tool Demonstrations Philipp Straubinger University of Passau, Tim Greller University of Passau, Gordon Fraser University of Passau |
Cosmos 3C is the third room in the Cosmos 3 wing.
When facing the main Cosmos Hall, access to the Cosmos 3 wing is on the left, close to the stairs. The area is accessed through a large door with the number “3”, which will stay open during the event.