Virginia Tech® home

CodeAttack: Code-based Adversarial Attacks for Pre-Trained Programming Language Models

Akshita Jha, Chandan Reddy

Abstract

Pre-trained programming language (PL) models (such as CodeT5, CodeBERT, GraphCodeBERT, etc.,) have the potential to automate software engineering tasks involving code understanding and code generation. However, these models are not robust to changes in the input and thus, are potentially susceptible to adversarial attacks. We propose, CodeAttack, a simple yet effective black-box attack model that uses code structure to generate imperceptible, effective, and minimally perturbed adversarial code samples. We demonstrate the vulnerabilities of the state-of-the-art PL models to code-specific adversarial attacks. We evaluate the transferability of CodeAttack on several code-code (translation and repair) and code-NL (summarization) tasks across different programming languages. CodeAttack outperforms state-of-the-art adversarial NLP attack models to achieve the best overall performance while being more efficient and imperceptible.

Publication Details

Date of publication: May 30, 2022

Journal: arXiv

Page number(s):

Volume:

Issue Number:

Publication Note: Akshita Jha, Chandan K. Reddy: CodeAttack: Code-based Adversarial Attacks for Pre-Trained Programming Language Models. CoRR abs/2206.00052 (2022)