Fig 1.
Overview of our hybrid backdoor attack framework.
Attackers poison code samples stored in cloud repositories by employing our sophisticated hybrid trigger mechanism to manipulate the code structure. During software development, when programmers utilize web crawlers to collect code samples for training purposes, they inadvertently incorporate these poisoned examples into their datasets. Consequently, the resulting deep neural network models become compromised. These backdoored models function normally on clean inputs but automatically execute attacker-predefined behaviors when encountering the trigger patterns in downstream software engineering tasks, creating a stealthy yet powerful attack vector.
Table 1.
Comparison of different backdoor attacks on Java and Python datasets.
Table 2.
The impact of different backdoor attacks on clean data performance.
Fig 2.
Backdoor attack success rates by trigger type and poisoning rate.
Fig 3.
BLEU score performance of models with different backdoor triggers and poisoning rates.
Table 3.
Empirical overhead comparison between backdoor attack methods.
Table 4.
Effectiveness of spectral feature-based defense methods against different backdoor attacks (java dataset).