Adversarial Robustness for Code
Pavol Bielik, Martin Vechev

TL;DR
This paper investigates the vulnerability of machine learning models for code to adversarial attacks, demonstrating their susceptibility and proposing methods to enhance robustness without sacrificing accuracy.
Contribution
It introduces adversarial attack techniques tailored for code and develops strategies to improve model robustness in this domain.
Findings
Neural models for code are vulnerable to adversarial attacks
Proposed techniques improve robustness while maintaining high accuracy
Adversarial attacks can significantly alter model outputs in code tasks
Abstract
Machine learning, and deep learning in particular, has recently been used to successfully address many tasks in the domain of code, such as finding and fixing bugs, code completion, decompilation, type inference and many others. However, the issue of adversarial robustness of models for code has gone largely unnoticed. In this work, we explore this issue by: (i) instantiating adversarial attacks for code (a domain with discrete and highly structured inputs), (ii) showing that, similar to other domains, neural models for code are vulnerable to adversarial attacks, and (iii) combining existing and novel techniques to improve robustness while preserving high accuracy.
Taxonomy
Topics: Adversarial Robustness in Machine Learning · Advanced Malware Detection Techniques · Security and Verification in Computing
