Poisoning Programs by Un-Repairing Code: Security Concerns of AI-generated Code
This addresses security risks for developers using AI-generated code, but it is a position paper, so it is more conceptual than incremental.
The paper identifies a novel data poisoning attack that causes AI code generators to produce vulnerable code, and evaluates its impact on state-of-the-art models, though no specific numbers are provided.
AI-based code generators have gained a fundamental role in assisting developers in writing software starting from natural language (NL). However, since these large language models are trained on massive volumes of data collected from unreliable online sources (e.g., GitHub, Hugging Face), AI models become an easy target for data poisoning attacks, in which an attacker corrupts the training data by injecting a small amount of poison into it, i.e., astutely crafted malicious samples. In this position paper, we address the security of AI code generators by identifying a novel data poisoning attack that results in the generation of vulnerable code. Next, we devise an extensive evaluation of how these attacks impact state-of-the-art models for code generation. Lastly, we discuss potential solutions to overcome this threat.