微信服务号

微信订阅号

2025年4月3日 10:05 星期四
首页 > 过刊浏览>2025年第36卷第4期 >1461-1488. DOI:10.13328/j.cnki.jos.007254
PDF HTML阅读 XML下载 导出引用 引用提醒
深度代码模型安全综述
作者:
中图分类号:

TP311

基金项目:

国家自然科学基金(61932012, 62372228)


Survey on Security of Deep Code Models
Author:
  • 摘要
    • | |
  • 访问统计
    • |
  • 参考文献 [92]
    • |
  • 相似文献
    • | | |
  • 文章评论
    摘要:

    随着深度学习技术在计算机视觉与自然语言处理等领域取得巨大成功, 软件工程研究者开始尝试将其引入到软件工程任务求解当中. 已有研究结果显示, 深度学习技术在各种代码相关任务(例如代码检索与代码摘要)上具有传统方法与机器学习方法无法比拟的优势. 这些面向代码相关任务训练的深度学习模型统称为深度代码模型. 然而, 由于神经网络的脆弱性和不可解释性, 与自然语言处理模型与图像处理模型一样, 深度代码模型安全也面临众多挑战, 已经成为软件工程领域的焦点. 近年来, 研究者提出了众多针对深度代码模型的攻击与防御方法. 然而, 目前仍缺乏对深度代码模型安全研究的系统性综述, 不利于后续研究者对该领域进行快速的了解. 因此, 为了总结该领域研究现状、挑战及时跟进该领域的最新研究成果, 搜集32篇该领域相关论文, 并将现有的研究成果主要分为后门攻击与防御技术和对抗攻击与防御技术两类. 按照不同技术类别对所收集的论文进行系统地梳理和总结. 随后, 总结该领域中常用的实验数据集和评估指标. 最后, 分析该领域所面临的关键挑战以及未来可行的研究方向, 旨在为后续研究者进一步推动深度代码模型安全的发展提供有益指导.

    Abstract:

    With the significant success of deep learning in fields such as computer vision and natural language processing, researchers in software engineering have begun to explore its integration into solving software engineering tasks. Existing research indicates that deep learning exhibits advantages in various code-related tasks, such as code retrieval and code summarization, that traditional methods and machine learning cannot match. Deep learning models trained for code-related tasks are referred to as deep code models. However, similar to natural language processing and image processing models, the security of deep code models faces numerous challenges due to the vulnerability and inexplicability of neural networks. It has become a research focus in software engineering. In recent years, researchers have proposed numerous attack and defense methods for deep code models. Nevertheless, there is a lack of a systematic review of research on deep code model security, hindering the rapid understanding of subsequent researchers in this field. To provide a comprehensive overview of the current research, challenges, and latest findings in this field, this study collects 32 relevant papers and categorizes existing research results into two main classes: backdoor attack and defense techniques, and adversarial attack and defense techniques. This study systematically analyzes and summarizes the collected papers based on the above two categories. Subsequently, it outlines commonly used experimental datasets and evaluation metrics in this field. Finally, it analyzes key challenges in this field and suggests feasible future research directions, aiming to provide valuable guidance for further advancements in the security of deep code models.

    参考文献
    [1] Iyer S, Konstas I, Cheung A, Zettlemoyer L. Summarizing source code using a neural attention model. In: Proc. of the 54th Annual Meeting of the Association for Computational Linguistics (Vol. 1: Long Papers). Berlin: Association for Computational Linguistics, 2016. 2073–2083. [doi: 10.18653/v1/P16-1195]
    [2] Gu XD, Zhang HY, Kim S. Deep code search. In: Proc. of the 40th Int’l Conf. on Software Engineering. Gothenburg: ACM, 2018. 933–944. [doi: 10.1145/3180155.3180167]
    [3] Zhang J, Wang X, Zhang HY, Sun HL, Wang KX, Liu XD. A novel neural source code representation based on abstract syntax tree. In: Proc. of the 41st IEEE/ACM Int’l Conf. on Software Engineering. Montreal: IEEE, 2019. 783–794.
    [4] Fang CR, Liu ZX, Shi YY, Huang J, Shi QK. Functional code clone detection with syntax and semantics fusion learning. In: Proc. of the 29th ACM SIGSOFT Int’l Symp. on Software Testing and Analysis. ACM, 2020. 516–527.
    [5] Lv F, Zhang HY, Lou JG, Wang SW, Zhang DM, Zhao JJ. CodeHow: Effective code search based on API understanding and extended boolean model (E). In: Proc. of the 30th IEEE/ACM Int’l Conf. on Automated Software Engineering. Lincoln: IEEE, 2015. 260–270. [doi: 10.1109/ASE.2015.42]
    [6] Feng ZY, Guo DY, Tang DY, Duan N, Feng XC, Gong M, Shou LJ, Qin B, Liu T, Jiang DX, Zhou M. CodeBERT: A pre-trained model for programming and natural languages. In: Proc. of the 2020 Findings of the Association for Computational Linguistics. Association for Computational Linguistics, 2020. 1536–1547. [doi: 10.18653/v1/2020.findings-emnlp.139]
    [7] Chen M, Tworek J, Jun H, et al. Evaluating large language models trained on code. arXiv:2107.03374, 2021.
    [8] Schuster R, Song CZ, Tromer E, Shmatikov V. You autocomplete me: Poisoning vulnerabilities in neural code completion. In: Proc. of the 30th USENIX Security Symp. Vancouver: USENIX Association, 2021. 1559–1575.
    [9] Gao FJ, Wang Y, Wang K. Discrete adversarial attack to models of code. Proc. of the ACM on Programming Languages, 2023, 7(PLDI): 172–195.
    [10] Wan Y, Zhang SJ, Zhang HY, Sui Y, Xu GD, Yao DZ, Jin H, Sun LC. You see what I want you to see: Poisoning vulnerabilities in neural code search. In: Proc. of the 30th ACM Joint European Software Engineering Conf. and Symp. on the Foundations of Software Engineering. Singapore: ACM, 2022. 1233–1245. [doi: 10.1145/3540250.3549153]
    [11] Sun WS, Chen YC, Tao GH, Fang CR, Zhang XY, Zhang QJ, Luo B. Backdooring neural code search. In: Proc. of the 61st Annual Meeting of the Association for Computational Linguistics (Vol. 1: Long Papers). Toronto: Association for Computational Linguistics, 2023. 9692–9708. [doi: 10.18653/v1/2023.acl-long.540]
    [12] Na CW, Choi YS, Lee JH. DIP: Dead code insertion based black-box attack for programming language model. In: Proc. of the 61st Annual Meeting of the Association for Computational Linguistics (Vol. 1: Long Papers). Toronto: Association for Computational Linguistics, 2023. 7777–7791. [doi: 10.18653/v1/2023.acl-long.430]
    [13] Lin GJ, Wen S, Han QL, Zhang J, Xiang Y. Software vulnerability detection using deep neural networks: A survey. Proc. of the IEEE, 2020, 108(10): 1825–1848.
    [14] 姜佳君, 陈俊洁, 熊英飞. 软件缺陷自动修复技术综述. 软件学报, 2021, 32(9): 2665-2690. http://www.jos.org.cn/1000-9825/6274.htm
    Jiang JJ, Chen JJ, Xiong YF. Survey of automatic program repair techniques. Ruan Jian Xue Bao/Journal of Software, 2021, 32(9): 2665-2690 (in Chinese with English abstract). http://www.jos.org.cn/1000-9825/6274.htm
    [15] Yang Z, Shi JK, He JD, Lo D. Natural attack for pre-trained models of code. In: Proc. of the 44th IEEE/ACM Int’l Conf. on Software Engineering. Pittsburgh: ACM, 2022. 1482–1493. [doi: 10.1145/3510003.3510146]
    [16] Li Z, Chen GQ, Chen C, Zou YY, Xu SH. RoPGen: Towards robust code authorship attribution via automatic coding style transformation. In: Proc. of the 44th IEEE/ACM Int’l Conf. on Software Engineering. Pittsburgh: ACM, 2022. 1906–1918.
    [17] Yefet N, Alon U, Yahav E. Adversarial examples for models of code. Proc. of the ACM on Programming Languages, 2020, 4(OOPSLA): 162.
    [18] Pour MV, Li Z, Ma L, Hemmati H. A search-based testing framework for deep neural networks of source code embedding. In: Proc. of the 14th IEEE Conf. on Software Testing, Verification and Validation. Porto de Galinhas: IEEE, 2021. 36–46. [doi: 10.1109/ICST49551.2021.00016]
    [19] Henkel J, Ramakrishnan G, Wang Z, Albarghouthi A, Jha S, Reps T. Semantic robustness of models of source code. In: Proc. of the 2022 IEEE Int’l Conf. on Software Analysis, Evolution and Reengineering. Honolulu: IEEE, 2022. 526–537. [doi: 10.1109/SANER53432.2022.00070]
    [20] Zhu R, Zhang CM. How robust is a large pre-trained language model for code generation? A case on attacking GPT2. In: Proc. of the 2023 IEEE Int’l Conf. on Software Analysis, Evolution and Reengineering. Macao: IEEE, 2023. 708–712.
    [21] Zhang HZ, Fu ZY, Li G, Ma L, Zhao ZZ, Yang HA, Sun YZ, Liu Y, Jin Z. Towards robustness of deep program processing models—Detection, estimation, and enhancement. ACM Trans. on Software Engineering and Methodology, 2022, 31(3): 50.
    [22] Zhou Y, Zhang XQ, Shen JJ, Han TT, Chen TL, Gall H. Adversarial robustness of deep code comment generation. ACM Trans. on Software Engineering and Methodology, 2022, 31(4): 60.
    [23] Quiring E, Maier A, Rieck K. Misleading authorship attribution of source code using adversarial learning. In: Proc. of the 28th USENIX Conf. on Security Symp. Santa Clara: USENIX Association, 2019. 479–496.
    [24] Severi G, Meyer J, Coull S, Oprea A. Explanation-guided backdoor poisoning attacks against malware classifiers. In: Proc. of the 30th USENIX Security Symp. Vancouver: USENIX Association, 2021. 1487–1504.
    [25] Zhang Z, Tao GH, Shen GY, An SW, Xu QL, Liu YQ, Ye YP, Wu YX, Zhang XY. PELICAN: Exploiting backdoors of naturally trained deep learning models in binary code analysis. In: Proc. of the 32nd USENIX Security Symp. Anaheim: USENIX Association, 2023. 2365–2382.
    [26] He JX, Vechev M. Large language models for code: Security hardening and adversarial testing. In: Proc. of the 2023 ACM SIGSAC Conf. on Computer and Communications Security. Copenhagen: ACM, 2023. 1865–1879. [doi: 10.1145/3576915.3623175]
    [27] Srikant S, Liu SJ, Mitrovska T, Chang SY, Fan QF, Zhang GY, O’Reilly UM. Generating adversarial computer programs using optimized obfuscations. In: Proc. of the 9th Int’l Conf. on Learning Representations. OpenReview.net, 2021.
    [28] Li YZ, Liu SQ, Chen KJ, Xie XF, Zhang TW, Liu Y. Multi-target backdoor attacks for code pre-trained models. In: Proc. of the 61st Annual Meeting of the Association for Computational Linguistics (Vol. 1: Long Papers). Toronto: Association for Computational Linguistics, 2023. 7236–7254. [doi: 10.18653/v1/2023.acl-long.399]
    [29] Zhang HZ, Li Z, Li G, Ma L, Liu Y, Jin Z. Generating adversarial examples for holding robustness of source code processing models. In: Proc. of the 34th AAAI Conf. on Artificial Intelligence. New York: AAAI Press, 2020. 1169–1176.
    [30] Jha A, Reddy CK. CodeAttack: Code-based adversarial attacks for pre-trained programming language models. In: Proc. of the 37th AAAI Conf. on Artificial Intelligence. Washington: AAAI Press, 2023. 14892–14900. [doi: 10.1609/aaai.v37i12.26739]
    [31] Li YY, Wu HQ, Zhao H. Semantic-preserving adversarial code comprehension. In: Proc. of the 29th Int’l Conf. on Computational Linguistics. Gyeongju: Int’l Committee on Computational Linguistics, 2022. 3017–3028.
    [32] Yu XQ, Li Z, Huang X, Zhao SS. AdVulCode: Generating adversarial vulnerable code against deep learning-based vulnerability detectors. Electronics, 2023, 12(4): 936.
    [33] Ramakrishnan G, Albarghouthi A. Backdoors in neural models of source code. arXiv:2006.06841, 2020.
    [34] Springer JM, Reinstadler BM, O’Reilly UM. STRATA: Simple, gradient-free attacks for models of code. arXiv:2009.13562, 2021.
    [35] Li J, Li Z, Zhang HZ, Li G, Jin Z, Hu X, Xia X. Poison attack and poison detection on deep source code processing models. ACM Trans. on Software Engineering and Methodology, 2024, 33(3): 62.
    [36] Qi SY, Yang YH, Gao S, Gao CY, Xu ZL. BadCS: A backdoor attack framework for code search. arXiv:2305.05503, 2023.
    [37] Cotroneo D, Improta C, Liguori P, Natella R. Vulnerabilities in AI code generators: Exploring targeted data poisoning attacks. arXiv:2308.04451, 2024.
    [38] Yang Z, Xu BW, Zhang JM, Kang HJ, Shi JK, He JD, Lo D. Stealthy backdoor attack for code models. arXiv:2301.02496, 2023.
    [39] Nguyen TD, Zhou Y, Le XBD, Thongtanunam P, Lo D. Adversarial attacks on code models with discriminative graph patterns. arXiv:2308.11161, 2023.
    [40] Zhang J, Ma W, Hu Q, Liu SQ, Xie XF, Traon YL, Liu Y. A black-box attack on code models via representation nearest neighbor search. arXiv:2305.05896, 2023.
    [41] Improta C, Liguori P, Natella R, Cukic B, Cotroneo D. Enhancing robustness of AI offensive code generators via data augmentation. arXiv:2306.05079, 2023.
    [42] Sun WS, Fang CR, Ge YF, Hu YL, Chen YC, Zhang QJ, Ge XT, Liu Y, Chen ZY. A survey of source code search: A 3-dimensional perspective. arXiv:2311.07107, 2023.
    [43] Mikolov T, Karafiát M, Burget L, Cernocký J, Khudanpur S. Recurrent neural network based language model. In: Proc. of the 11th Annual Conf. of the Int’l Speech Communication Association. Makuhari: ISCA, 2010. 1045–1048. [doi: 10.21437/Interspeech.2010-343]
    [44] Vaswani A, Shazeer N, Parmar N, Uszkoreit J, Jones L, Gomez AN, Kaiser L, Polosukhin I. Attention is all you need. In: Proc. of the 31st Int’l Conf. on Neural Information Processing Systems. Long Beach: Curran Associates Inc., 2017. 6000–6010.
    [45] Devlin J, Chang MW, Lee K, Toutanova K. BERT: Pre-training of deep bidirectional Transformers for language understanding. In: Proc. of the 2019 Conf. of the North American Chapter of the Association for Computational Linguistics: Human Language Technologies, Vol. 1 (Long and Short Papers). Minneapolis: Association for Computational Linguistics, 2019. 4171–4186. [doi: 10.18653/v1/N19-1423]
    [46] Husain H, Wu HH, Gazit T, Allamanis M, Brockschmidt M. CodeSearchNet challenge: Evaluating the state of semantic code search. arXiv:1909.09436, 2020.
    [47] Svajlenko J, Islam JF, Keivanloo I, Roy CK, Mia MM. Towards a big data curated benchmark of inter-project code clones. In: Proc. of the 2014 IEEE Int’l Conf. on Software Maintenance and Evolution. Victoria: IEEE, 2014. 476–480. [doi: 10.1109/ICSME.2014.77]
    [48] Zhou YQ, Liu SQ, Siow JK, Du XN, Liu Y. Devign: Effective vulnerability identification by learning comprehensive program semantics via graph neural networks. In: Proc. of the 33rd Int’l Conf. on Neural Information Processing Systems. Vancouver: Curran Associates Inc., 2019. 10197–10207.
    [49] Hochreiter S, Schmidhuber J. Long short-term memory. Neural Computation, 1997, 9(8): 1735–1780.
    [50] Alon U, Brody S, Levy O, Yahav E. Code2Seq: Generating sequences from structured representations of code. In: Proc. of the 7th Int’l Conf. on Learning Representations. New Orleans: OpenReview.net, 2019.
    [51] Bahdanau D, Cho K, Bengio Y. Neural machine translation by jointly learning to align and translate. arXiv:1409.0473, 2016.
    [52] Svyatkovskiy A, Zhao Y, Fu SY, Sundaresan N. Pythia: AI-assisted code completion system. In: Proc. of the 25th ACM SIGKDD Int’l Conf. on Knowledge Discovery & Data Mining. Anchorage: ACM, 2019. 2727–2735. [doi: 10.1145/3292500.3330699]
    [53] Radford A, Wu J, Child R, Luan D, Amodei D, Sutskever I. Language models are unsupervised multitask learners. OpenAI Blog, 2019, 1(8): 9.
    [54] Tran B, Li J, Madry A. Spectral signatures in backdoor attacks. In: Proc. of the 32nd Int’l Conf. on Neural Information Processing Systems. Montréal: Curran Associates Inc., 2018. 8011–8021.
    [55] Chen B, Carvalho W, Baracaldo N, Ludwig H, Edwards B, Lee T, Molloy IM, Srivastava B. Detecting backdoor attacks on deep neural networks by activation clustering. In: Proc. of the 2019 Workshop on Artificial Intelligence Safety Co-located with the 33rd AAAI Conf. on Artificial Intelligence. Honolulu: CEUR-WS.org, 2019. 2301.
    [56] Cho K, van Merriënboer B, Bahdanau D, Bengio Y. On the properties of neural machine translation: Encoder-decoder approaches. In: Proc. of the 8th Workshop on Syntax, Semantics and Structure in Statistical Translation. Doha: Association for Computational Linguistics, 2014. 103–111. [doi: 10.3115/v1/W14-4012]
    [57] Gu TY, Dolan-Gavitt B, Garg S. BadNets: Identifying vulnerabilities in the machine learning model supply chain. arXiv:1708.06733, 2019.
    [58] Kim Y. Convolutional neural networks for sentence classification. In: Proc. of the 2014 Conf. on Empirical Methods in Natural Language Processing. Doha: Association for Computational Linguistics, 2014. 1746–1751. [doi: 10.3115/v1/D14-1181]
    [59] Wang Y, Le H, Gotmare AD, Bui NDQ, Li JN, Hoi SCH. CodeT5+: Open code large language models for code understanding and generation. arXiv:2305.07922, 2023.
    [60] Anderson HS, Roth P. EMBER: An open dataset for training static PE malware machine learning models. arXiv:1804.04637, 2018.
    [61] Smutz C, Stavrou A. Malicious PDF detection using metadata and structural features. In: Proc. of the 28th Annual Computer Security Applications Conf. Orlando: ACM, 2012. 239–248. [doi: 10.1145/2420950.2420987]
    [62] Arp D, Spreitzenbarth M, Hubner M, Gascon H, Rieck K. Drebin: Effective and explainable detection of Android malware in your pocket. In: Proc. of the 21st Annual Network and Distributed System Security Symp. San Diego: The Internet Society, 2014.
    [63] Wang Y, Wang WS, Joty S, Hoi SCH. CodeT5: Identifier-aware unified pre-trained encoder-decoder models for code understanding and generation. In: Proc. of the 2021 Conf. on Empirical Methods in Natural Language Processing. Punta Cana: Association for Computational Linguistics, 2021. 8696–8708. [doi: 10.18653/v1/2021.emnlp-main.685]
    [64] Junod P, Rinaldini J, Wehrli J, Michielin J. Obfuscator-LLVM—Software protection for the masses. In: Proc. of the 1st IEEE/ACM Int’l Workshop on Software Protection. Florence: IEEE, 2015. 3–9. [doi: 10.1109/SPRO.2015.10]
    [65] Chen CS, Dai JZ. Mitigating backdoor attacks in LSTM-based text classification systems by backdoor keyword identification. Neurocomputing, 2021, 452: 253–262.
    [66] Guo DY, Ren S, Lu S, Feng ZY, Tang DY, Liu SJ, Zhou L, Duan N, Svyatkovskiy A, Fu SY, Tufano M, Deng SK, Clement C, Drain D, Sundaresan N, Yin J, Jiang DX, Zhou M. GraphCodeBERT: Pre-training code representations with data flow. In: Proc. of the 9th Int’l Conf. on Learning Representations. OpenReview.net, 2021.
    [67] Sundararajan M, Taly A, Yan QQ. Axiomatic attribution for deep networks. In: Proc. of the 34th Int’l Conf. on Machine Learning. Sydney: JMLR.org, 2017. 3319–3328.
    [68] Qi FC, Chen YY, Li MK, Yao Y, Liu ZY, Sun MS. ONION: A simple and effective defense against textual backdoor attacks. In: Proc. of the 2021 Conf. on Empirical Methods in Natural Language Processing. Punta Cana: Association for Computational Linguistics, 2021. 9558–9566. [doi: 10.18653/v1/2021.emnlp-main.752]
    [69] Du XH, Wen M, Wei ZH, Wang SW, Jin H. An extensive study on adversarial attack against pre-trained models of code. In: Proc. of the 31st ACM Joint European Software Engineering Conf. and Symp. on the Foundations of Software Engineering. San Francisco: ACM, 2023. 489–501. [doi: 10.1145/3611643.3616356]
    [70] Li YJ, Tarlow D, Brockschmidt M, Zemel R. Gated graph sequence neural networks. arXiv:1511.05493, 2017.
    [71] Alon U, Zilberstein M, Levy O, Yahav E. Code2Vec: Learning distributed representations of code. Proc. of the ACM on Programming Languages, 2019, 3(POPL): 40.
    [72] Brockschmidt M, Allamanis M, Gaunt AL, Polozov O. Generative code modeling with graphs. arXiv:1805.08490, 2019.
    [73] Huo X, Li M. Enhancing the unified features to locate buggy files by exploiting the sequential nature of source code. In: Proc. of the 26th Int’l Joint Conf. on Artificial Intelligence. Melbourne: IJCAI.org, 2017. 1909–1915.
    [74] Mou LL, Li G, Zhang L, Wang T, Jin Z. Convolutional neural networks over tree structures for programming language processing. In: Proc. of the 30th AAAI Conf. on Artificial Intelligence. Phoenix: AAAI Press, 2016. 1287–1293.
    [75] Wei HH, Li M. Supervised deep features for software functional clone detection by exploiting lexical and syntactical information in source code. In: Proc. of the 26th Int’l Joint Conf. on Artificial Intelligence. Melbourne: AAAI Press, 2017. 3034–3040.
    [76] Alzantot M, Sharma Y, Elgohary A, Ho BJ, Srivastava M, Chang KW. Generating natural language adversarial examples. In: Proc. of the 2018 Conf. on Empirical Methods in Natural Language Processing. Brussels: Association for Computational Linguistics, 2018. 2890–2896. [doi: 10.18653/v1/D18-1316]
    [77] Jin D, Jin ZJ, Zhou JT, Szolovits P. Is BERT really robust? A strong baseline for natural language attack on text classification and entailment. In: Proc. of the 34th AAAI Conf. on Artificial Intelligence. New York: AAAI Press, 2020. 8018–8025.
    [78] Li LY, Ma RT, Guo QP, Xue XY, Qiu XP. BERT-Attack: Adversarial attack against BERT using BERT. In: Proc. of the 2020 Conf. on Empirical Methods in Natural Language Processing. Association for Computational Linguistics, 2020. 6193–6202. [doi: 10.18653/v1/2020.emnlp-main.500]
    [79] Silver D, Huang A, Maddison CJ, Guez A, Sifre L, van den Driessche G, Schrittwieser J, Antonoglou I, Panneershelvam V, Lanctot M, Dieleman S, Grewe D, Nham J, Kalchbrenner N, Sutskever I, Lillicrap T, Leach M, Kavukcuoglu K, Graepel T, Hassabis D. Mastering the game of go with deep neural networks and tree search. Nature, 2016, 529(7587): 484–489.
    [80] Caliskan-Islam A, Harang R, Liu A, Narayanan A, Voss C, Yamaguchi F, Greenstadt R. De-anonymizing programmers via code stylometry. In: Proc. of the 24th USENIX Conf. on Security Symp. Washington: USENIX Association, 2015. 255–270.
    [81] Abuhamad M, AbuHmed T, Mohaisen A, Nyang D. Large-scale and language-oblivious code authorship identification. In: Proc. of the 2018 ACM SIGSAC Conf. on Computer and Communications Security. Toronto: ACM, 2018. 101–114.
    [82] Madry A, Makelov A, Schmidt L, Tsipras D, Vladu A. Towards deep learning models resistant to adversarial attacks. arXiv:1706.06083, 2019.
    [83] Lu S, Guo DY, Ren S, Huang JJ, Svyatkovskiy A, Blanco A, Clement C, Drain D, Jiang DX, Tang DY, Li G, Zhou LD, Shou LJ, Zhou L, Tufano M, Gong M, Zhou M, Duan N, Sundaresan N, Deng SK, Fu SY, Liu SJ. CodeXGLUE: A machine learning benchmark dataset for code understanding and generation. arXiv:2102.04664, 2021.
    [84] Liu CX, Wan XJ. CodeQA: A question answering dataset for source code comprehension. In: Proc. of the 2021 Findings of the Association for Computational Linguistics. Punta Cana: Association for Computational Linguistics, 2021. 2618–2632.
    [85] Hendrycks D, Basart S, Kadavath S, Mazeika M, Arora A, Guo E, Burns C, Puranik S, He H, Song D, Steinhardt J. Measuring coding challenge competence with APPS. arXiv:2105.09938, 2021.
    [86] Liguori P, Al-Hossami E, Cotroneo D, Natella R, Cukic B, Shaikh S. Shellcode_IA32: A dataset for automatic shellcode generation. arXiv:2104.13100, 2022.
    [87] Siddiq ML, Santos JCS. SecurityEval dataset: Mining vulnerability examples to evaluate machine learning-based code generation techniques. In: Proc. of the 1st Int’l Workshop on Mining Software Repositories Applications for Privacy and Security. Singapore: ACM: 2022. 29–33. [doi: 10.1145/3549035.3561184]
    [88] Tony C, Mutas M, Ferreyra NED, Scandariato R. LLMSecEval: A dataset of natural language prompts for security evaluations. In: Proc. of the 20th IEEE/ACM Int’l Conf. on Mining Software Repositories. Melbourne: IEEE, 2023. 588–592. [doi: 10.1109/MSR59073.2023.00084]
    [89] Sun ZS, Du XN, Song F, Li L. CodeMark: Imperceptible watermarking for code datasets against neural code completion models. In: Proc. of the 31st ACM Joint European Software Engineering Conf. and Symp. on the Foundations of Software Engineering. San Francisco: ACM, 2023. 1561–1572. [doi: 10.1145/3611643.3616297]
    [90] Sun WS, Fang CR, You YD, Miao Y, Liu Y, Li YK, Deng GL, Huang SH, Chen YC, Zhang QJ, Qian HW, Liu Y, Chen ZY. Automatic code summarization via ChatGPT: How far are we? arXiv:2305.12865, 2023.
    [91] Hou XY, Zhao YJ, Liu Y, Yang Z, Wang KL, Li L, Luo XP, Lo D, Grundy J, Wang HY. Large language models for software engineering: A systematic literature review. arXiv:2308.10620, 2024.
    相似文献
    引证文献
    网友评论
    网友评论
    分享到微博
    发 布
引用本文

孙伟松,陈宇琛,赵梓含,陈宏,葛一飞,韩廷旭,黄胜寒,李佳讯,房春荣,陈振宇.深度代码模型安全综述.软件学报,2025,36(4):1461-1488

复制
分享
文章指标
  • 点击次数:556
  • 下载次数: 609
  • HTML阅读次数: 5
  • 引用次数: 0
历史
  • 收稿日期:2023-12-18
  • 最后修改日期:2024-02-12
  • 在线发布日期: 2024-12-09
文章二维码
友情链接:中国科学院软件研究所中国计算机学会中国科学院国家自然科学基金委员会CCF数字图书馆Int'l J of Softw Info计算机系统应用
您是第19779185位访问者
版权所有:中国科学院软件研究所 京ICP备05046678号-3
地址:北京市海淀区中关村南四街4号,邮政编码:100190
电话:010-62562563 传真:010-62562533 Email:jos@iscas.ac.cn
技术支持:北京勤云科技发展有限公司

京公网安备 11040202500063号