ISSTA 2024
Mon 16 - Fri 20 September 2024 Vienna, Austria
co-located with ISSTA/ECOOP 2024
ISSTA/ECOOP 2024 (series) / ISSTA 2024 (series) / Technical Papers /

FDI: Attack Neural Code Generation Systems through User Feedback Channel

Zhensu Sun, Xiaoning Du, Xiapu Luo, Fu Song, David Lo, Li Li
ISSTA 2024 Technical Papers
Fri 20 Sep 2024 15:30 - 15:50 at EI 7 - Models of Code Chair(s): Jürgen Cito

Neural code generation systems have recently attracted increasing attention to improve developer productivity and speed up software development.

Typically, these systems maintain a pre-trained neural model and make it available to general users as a service (e.g., through remote APIs) and incorporate a feedback mechanism to extensively collect and utilize the users' reaction to the generated code, i.e., user feedback.

However, the security implications of such feedback have not yet been explored.

With a systematic study of current feedback mechanisms,

we find that feedback makes these systems vulnerable to feedback data injection (FDI) attacks.

We discuss the methodology of FDI attacks and present a pre-attack profiling strategy to infer the attack constraints of a targeted system in the black-box setting.

We demonstrate two proof-of-concept examples utilizing the FDI attack surface to implement prompt injection attacks and backdoor attacks on practical neural code generation systems.

The attacker may stealthily manipulate a neural code generation system to generate code with vulnerabilities, attack payload, and malicious and spam messages.

Our findings reveal the security implications of feedback mechanisms in neural code generation systems, paving the way for increasing their security.

https://doi.org/10.1145/3650212.3680300
Zhensu Sun
Zhensu Sun
Singapore Management University
Singapore
Xiaoning Du
Xiaoning Du
Monash University
Australia
Xiapu Luo
Xiapu Luo
Hong Kong Polytechnic University
China
Fu Song
Fu Song
Institute of Software at Chinese Academy of Sciences; University of Chinese Academy of Sciences; Nanjing Institute of Software Technology
China
David Lo
David Lo
Singapore Management University
Singapore
Li Li
Li Li
Beihang University
China

Fri 20 Sep

Displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change

15:30 - 16:30
Models of CodeTechnical Papers at EI 7
Chair(s): Jürgen Cito TU Wien
15:30
20m
Talk
FDI: Attack Neural Code Generation Systems through User Feedback Channel
Technical Papers
Zhensu Sun Singapore Management University, Xiaoning Du Monash University, Xiapu Luo Hong Kong Polytechnic University, Fu Song Institute of Software at Chinese Academy of Sciences; University of Chinese Academy of Sciences; Nanjing Institute of Software Technology, David Lo Singapore Management University, Li Li Beihang University
DOI
15:50
20m
Talk
CoderUJB: An Executable and Unified Java Benchmark for Practical Programming Scenarios
Technical Papers
Zhengran Zeng Peking University, Yidong Wang Peking University, Rui Xie Peking University, Wei Ye Peking University, Shikun Zhang Peking University
DOI
16:10
20m
Talk
CLAP: Learning Transferable Binary Code Representations with Natural Language Supervision
Technical Papers
Hao Wang Tsinghua University, Zeyu Gao Tsinghua University, Chao Zhang Tsinghua University, Zihan Sha Information Engineering University, Mingyang Sun University of Electronic Science and Technology of China, Yuchen Zhou Beijing University of Technology, Wenyu Zhu Tsinghua University, Wenju Sun Tsinghua University, Han Qiu Tsinghua University, Xi Xiao Tsinghua University
DOI

Information for Participants
Fri 20 Sep 2024 15:30 - 16:30 at EI 7 - Models of Code Chair(s): Jürgen Cito
Info for room EI 7:

Map: https://tuw-maps.tuwien.ac.at/?q=CDEG13

Room tech: https://raumkatalog.tiss.tuwien.ac.at/room/15417