Vulnerabilities in AI Code Generators: Exploring Targeted Data Poisoning Attacks
Domenico Cotroneo, Cristina Improta, Pietro Liguori, Roberto Natella
Abstract
AI-based code generators have become pivotal in assisting developers in writing software starting from natural language (NL). However, they are trained on large amounts of data, often collected from unsanitized online sources (e.g., GitHub, HuggingFace). As a consequence, AI models become an easy target for data poisoning, i.e., an attack that injects malicious samples into the training data to generate vulnerable code.
Topics & Concepts
Computer scienceCode (set theory)Computer securityProgramming languageSet (abstract data type)Advanced Malware Detection TechniquesAdversarial Robustness in Machine LearningSoftware Engineering Research