{"id":"https://openalex.org/W4414604409","doi":"https://doi.org/10.1109/qrs65678.2025.00072","title":"Backdoor Attacks with Hybrid Triggers: A Dual-Feature Injection Approach for Code Summarization Models","display_name":"Backdoor Attacks with Hybrid Triggers: A Dual-Feature Injection Approach for Code Summarization Models","publication_year":2025,"publication_date":"2025-07-16","ids":{"openalex":"https://openalex.org/W4414604409","doi":"https://doi.org/10.1109/qrs65678.2025.00072"},"language":"en","primary_location":{"id":"doi:10.1109/qrs65678.2025.00072","is_oa":false,"landing_page_url":"https://doi.org/10.1109/qrs65678.2025.00072","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 25th International Conference on Software Quality, Reliability and Security (QRS)","raw_type":"proceedings-article"},"type":"conference-paper","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Peng Nie","orcid":null},"institutions":[{"id":"https://openalex.org/I4210163363","display_name":"PLA Army Engineering University","ror":"https://ror.org/05mgp8x93","country_code":"CN","type":"education","lineage":["https://openalex.org/I4210163363"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Peng Nie","raw_affiliation_strings":["Army Engineering University of PLA,College of Command and Control Engineering,Nanjing,Jiangsu,China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Army Engineering University of PLA,College of Command and Control Engineering,Nanjing,Jiangsu,China","institution_ids":["https://openalex.org/I4210163363"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5018385255","display_name":"Song Huang","orcid":"https://orcid.org/0000-0002-6894-3916"},"institutions":[{"id":"https://openalex.org/I4210163363","display_name":"PLA Army Engineering University","ror":"https://ror.org/05mgp8x93","country_code":"CN","type":"education","lineage":["https://openalex.org/I4210163363"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Song Huang","raw_affiliation_strings":["Army Engineering University of PLA,College of Command and Control Engineering,Nanjing,Jiangsu,China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Army Engineering University of PLA,College of Command and Control Engineering,Nanjing,Jiangsu,China","institution_ids":["https://openalex.org/I4210163363"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5072426112","display_name":"Changyou Zheng","orcid":"https://orcid.org/0000-0001-8469-1889"},"institutions":[{"id":"https://openalex.org/I4210163363","display_name":"PLA Army Engineering University","ror":"https://ror.org/05mgp8x93","country_code":"CN","type":"education","lineage":["https://openalex.org/I4210163363"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Changyou Zheng","raw_affiliation_strings":["Army Engineering University of PLA,College of Command and Control Engineering,Nanjing,Jiangsu,China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Army Engineering University of PLA,College of Command and Control Engineering,Nanjing,Jiangsu,China","institution_ids":["https://openalex.org/I4210163363"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5109469585","display_name":"Min Gu","orcid":null},"institutions":[{"id":"https://openalex.org/I4210163363","display_name":"PLA Army Engineering University","ror":"https://ror.org/05mgp8x93","country_code":"CN","type":"education","lineage":["https://openalex.org/I4210163363"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Min Gu","raw_affiliation_strings":["Army Engineering University of PLA,College of Command and Control Engineering,Nanjing,Jiangsu,China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Army Engineering University of PLA,College of Command and Control Engineering,Nanjing,Jiangsu,China","institution_ids":["https://openalex.org/I4210163363"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I4210163363"],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"679","last_page":"690"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9961000084877014,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9961000084877014,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9896000027656555,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9790999889373779,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/backdoor","display_name":"Backdoor","score":0.9699000120162964},{"id":"https://openalex.org/keywords/evasion","display_name":"Evasion (ethics)","score":0.5788999795913696},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.5063999891281128},{"id":"https://openalex.org/keywords/signature","display_name":"Signature (topology)","score":0.45980000495910645},{"id":"https://openalex.org/keywords/automatic-summarization","display_name":"Automatic summarization","score":0.4219000041484833},{"id":"https://openalex.org/keywords/robustness","display_name":"Robustness (evolution)","score":0.3982999920845032},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.35659998655319214}],"concepts":[{"id":"https://openalex.org/C2781045450","wikidata":"https://www.wikidata.org/wiki/Q254569","display_name":"Backdoor","level":2,"score":0.9699000120162964},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7365999817848206},{"id":"https://openalex.org/C2781251061","wikidata":"https://www.wikidata.org/wiki/Q5416089","display_name":"Evasion (ethics)","level":3,"score":0.5788999795913696},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.5063999891281128},{"id":"https://openalex.org/C2779696439","wikidata":"https://www.wikidata.org/wiki/Q7512811","display_name":"Signature (topology)","level":2,"score":0.45980000495910645},{"id":"https://openalex.org/C170858558","wikidata":"https://www.wikidata.org/wiki/Q1394144","display_name":"Automatic summarization","level":2,"score":0.4219000041484833},{"id":"https://openalex.org/C63479239","wikidata":"https://www.wikidata.org/wiki/Q7353546","display_name":"Robustness (evolution)","level":3,"score":0.3982999920845032},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.35659998655319214},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.3287999927997589},{"id":"https://openalex.org/C14036430","wikidata":"https://www.wikidata.org/wiki/Q3736076","display_name":"Function (biology)","level":2,"score":0.3156999945640564},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3156999945640564},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.30660000443458557},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.2815000116825104},{"id":"https://openalex.org/C34736171","wikidata":"https://www.wikidata.org/wiki/Q918333","display_name":"Preprocessor","level":2,"score":0.27790001034736633},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.27570000290870667},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.27559998631477356},{"id":"https://openalex.org/C95922358","wikidata":"https://www.wikidata.org/wiki/Q5432725","display_name":"False positive rate","level":2,"score":0.27390000224113464},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.2718999981880188},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.26510000228881836},{"id":"https://openalex.org/C174333608","wikidata":"https://www.wikidata.org/wiki/Q19635","display_name":"Trojan","level":2,"score":0.2603999972343445},{"id":"https://openalex.org/C89611455","wikidata":"https://www.wikidata.org/wiki/Q6804646","display_name":"Mechanism (biology)","level":2,"score":0.257099986076355}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/qrs65678.2025.00072","is_oa":false,"landing_page_url":"https://doi.org/10.1109/qrs65678.2025.00072","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 25th International Conference on Software Quality, Reliability and Security (QRS)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":19,"referenced_works":["https://openalex.org/W2801076109","https://openalex.org/W3098605233","https://openalex.org/W3131641316","https://openalex.org/W3166095789","https://openalex.org/W3169891698","https://openalex.org/W4214548153","https://openalex.org/W4221015471","https://openalex.org/W4293204514","https://openalex.org/W4311887664","https://openalex.org/W4312044266","https://openalex.org/W4383215759","https://openalex.org/W4385187421","https://openalex.org/W4385562549","https://openalex.org/W4386982649","https://openalex.org/W4389727902","https://openalex.org/W4391307510","https://openalex.org/W4391696889","https://openalex.org/W4401450595","https://openalex.org/W4406882309"],"related_works":[],"abstract_inverted_index":{"Existing":[0],"backdoor":[1,50],"attack":[2,65,76],"methods":[3],"predominantly":[4],"rely":[5],"on":[6,82],"single":[7],"static":[8,36],"code":[9,37,166],"features":[10],"as":[11,135],"triggers,":[12],"rendering":[13],"them":[14],"easily":[15],"detectable":[16],"and":[17,42,169],"achieving":[18,63,109,146],"limited":[19],"efficacy.":[20],"To":[21],"address":[22],"this":[23],"critical":[24,162],"vulnerability,":[25],"we":[26],"propose":[27],"a":[28,86,139,147],"novel":[29],"hybrid":[30,71,96,121],"trigger":[31],"mechanism":[32,97],"that":[33,56,178],"synergistically":[34],"integrates":[35],"structures,":[38],"dynamic":[39,101],"execution":[40],"characteristics,":[41],"function":[43],"signature":[44,70,95],"patterns,":[45],"coupled":[46],"with":[47,130],"an":[48,74],"adaptive":[49,182],"injection":[51],"algorithm.":[52],"Experimental":[53],"evaluations":[54],"demonstrate":[55],"our":[57],"approach":[58],"maintains":[59],"model":[60],"functionality":[61],"while":[62,145],"exceptional":[64],"performance.":[66],"Specifically,":[67],"the":[68,93,119],"static-function":[69,94],"configuration":[72,122],"attains":[73],"average":[75],"success":[77,143],"rate":[78,144],"of":[79,114],"99.0":[80],"%":[81,141,149],"CodeBert":[83],"models,":[84,108],"representing":[85],"13-percentagepoint":[87],"improvement":[88],"over":[89],"dynamic-only":[90],"baselines.":[91,158],"Furthermore,":[92],"consistently":[98],"outperforms":[99],"conventional":[100],"triggers":[102],"across":[103],"parameter":[104],"configurations":[105],"in":[106,152,165],"GraphCodeBert":[107],"Attack":[110],"Success":[111],"Rate":[112],"gains":[113],"12-12.7":[115],"percentage":[116],"points.":[117],"Crucially,":[118],"static-dynamic":[120],"exhibits":[123],"robust":[124],"defense":[125,176],"evasion":[126,142],"capabilities":[127],"when":[128],"confronted":[129],"advanced":[131],"detection":[132,153],"systems":[133,168],"such":[134],"Spectral":[136],"Signatures,":[137],"attaining":[138],"94":[140],"40":[148],"relative":[150],"reduction":[151],"likelihood":[154],"compared":[155],"to":[156,181],"static-only":[157],"Our":[159],"study":[160],"reveals":[161],"security":[163],"risks":[164],"intelligence":[167],"provides":[170],"essential":[171],"insights":[172],"for":[173],"designing":[174],"next-generation":[175],"frameworks":[177],"are":[179],"resilient":[180],"adversarial":[183],"threats.":[184]},"counts_by_year":[],"updated_date":"2026-07-14T23:27:15.235271","created_date":"2025-10-10T00:00:00"}
