Hacking LLM coders
Really interesting research: “An Easy-to-Launch Backdoor Attack Using LLM on Code Completion Models: Introducing Masked Vulnerabilities vs. Strong Detection”:
Abstract: Large Language Models (LLMs) have transformed code completion tasks, providing context-based suggestions to boost developer productivity in software engineering. Because users often fine-tune these models for specific applications, poisoning and backdoor attacks can covertly alter the model's outputs. To address this critical security challenge, we present CODEBREAKER, a pioneering LLM-assisted backdoor attack framework on code completion models. Unlike recent attacks that embed malicious payloads in detectable or irrelevant sections of the code (e.g., comments), CODEBREAKER leverages LLMs (e.g., GPT-4) for sophisticated payload transformation (without affecting functionality), ensuring that both the poisoned data used for fine-tuning and the generated code can evade strong vulnerability detection. CODEBREAKER stands out for its comprehensive vulnerability coverage, making it the first to provide such an extensive set for evaluation. Our extensive experimental evaluations and user studies underline the strong attack performance of CODEBREAKER across a variety of settings, validating its superiority over existing approaches. By integrating malicious payloads directly into the source code with minimal transformation, CODEBREAKER challenges current security measures, underscoring the critical need for more robust defenses for code completion.
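The abstract's point is that a payload rewritten to look innocuous slips past scanners that key on recognisable strings. The following is an added example, not code from the paper or from the CODEBREAKER project, of a defender-side review gate for LLM-generated completions: it walks the AST instead of matching substrings, flags a small (constructed, illustrative) denylist of insecure calls, and separately flags any dynamic name resolution (`getattr`, `__import__`, `exec`, `eval`, `compile`), which is how transformed code typically reaches an insecure API without naming it. The sample completions and the denylist are constructed for illustration; the gate is deliberately noisy, since a human reviewer is expected to look at every flagged line.

```python
"""AST-based review gate for LLM-generated code completions (added example).

Assumptions: the denylist below is an illustrative, constructed set of dotted
call names; the three sample completions are constructed for this example.
"""
import ast

# Constructed denylist of insecure call sites, as dotted names (illustrative only).
INSECURE_CALLS = {
    "ssl._create_unverified_context",
    "pickle.loads",
    "yaml.load",
}

# Builtins that resolve a target name at run time; the gate flags them regardless
# of intent so that a reviewer has to look at where the name came from.
DYNAMIC_RESOLVERS = {"getattr", "__import__", "exec", "eval", "compile"}


def dotted_name(node):
    """Return 'pkg.mod.attr' for a Name/Attribute chain, or None for anything else."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return None


def find_findings(source: str):
    """Return (lineno, kind, detail) tuples for every suspicious call in `source`."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call):
            continue
        name = dotted_name(node.func)
        if name in INSECURE_CALLS:
            findings.append((node.lineno, "insecure-call", name))
        elif name in DYNAMIC_RESOLVERS:
            # Literal string arguments mean the target was fixed when the code was
            # written; a non-literal argument means the reviewer must trace it.
            literal_args = [
                a.value for a in node.args
                if isinstance(a, ast.Constant) and isinstance(a.value, str)
            ]
            detail = f"{name}({', '.join(repr(a) for a in literal_args)})"
            findings.append((node.lineno, "dynamic-resolution", detail))
    return findings


def naive_substring_hits(source: str):
    """The weak check the gate replaces: look for denylisted names as raw text."""
    return [name for name in INSECURE_CALLS if name in source]


def gate(source: str) -> bool:
    """True when the completion may be accepted without human review."""
    return not find_findings(source)


# Constructed sample completions.
SAMPLE_DIRECT = "import ssl\nctx = ssl._create_unverified_context()\n"
SAMPLE_INDIRECT = "import ssl\nname = load_setting('ctx_factory')\nctx = getattr(ssl, name)()\n"
SAMPLE_CLEAN = "import ssl\nctx = ssl.create_default_context()\n"

if __name__ == "__main__":
    for label, src in [("direct", SAMPLE_DIRECT), ("indirect", SAMPLE_INDIRECT), ("clean", SAMPLE_CLEAN)]:
        print(label, "substring:", naive_substring_hits(src), "ast:", find_findings(src), "accept:", gate(src))
```

Run as a script, the direct sample is caught by both checks, the clean sample by neither, and the indirect sample only by the AST gate: the substring check sees nothing because the denylisted dotted name never appears as text, while the gate flags the `getattr` call on line 3 and withholds acceptance until a reviewer has traced where `name` comes from. That gap between the two columns is the defensive takeaway from the abstract: a gate for model-generated code has to reason about what the code resolves at run time, not about which strings it contains.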
A clever attack and another illustration of why robust AI is essential.