{"id":"https://openalex.org/W4391696889","doi":"https://doi.org/10.1109/tse.2024.3361661","title":"Stealthy Backdoor Attack for Code Models","display_name":"Stealthy Backdoor Attack for Code Models","publication_year":2024,"publication_date":"2024-02-09","ids":{"openalex":"https://openalex.org/W4391696889","doi":"https://doi.org/10.1109/tse.2024.3361661"},"language":"en","primary_location":{"id":"doi:10.1109/tse.2024.3361661","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tse.2024.3361661","pdf_url":null,"source":{"id":"https://openalex.org/S8351582","display_name":"IEEE Transactions on Software Engineering","issn_l":"0098-5589","issn":["0098-5589","1939-3520","2326-3881"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Software Engineering","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5008695791","display_name":"Zhou Yang","orcid":"https://orcid.org/0000-0001-5938-1918"},"institutions":[{"id":"https://openalex.org/I79891267","display_name":"Singapore Management University","ror":"https://ror.org/050qmg959","country_code":"SG","type":"education","lineage":["https://openalex.org/I79891267"]}],"countries":["SG"],"is_corresponding":true,"raw_author_name":"Zhou Yang","raw_affiliation_strings":["School of Computing and Information Systems, Singapore Management University, Singapore, Singapore"],"raw_orcid":"https://orcid.org/0000-0001-5938-1918","affiliations":[{"raw_affiliation_string":"School of Computing and Information Systems, Singapore Management University, Singapore, Singapore","institution_ids":["https://openalex.org/I79891267"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5008013136","display_name":"Bowen Xu","orcid":"https://orcid.org/0000-0002-1006-8493"},"institutions":[{"id":"https://openalex.org/I137902535","display_name":"North Carolina State University","ror":"https://ror.org/04tj63d06","country_code":"US","type":"education","lineage":["https://openalex.org/I137902535"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Bowen Xu","raw_affiliation_strings":["North Carolina State University, Raleigh, NC, USA"],"raw_orcid":"https://orcid.org/0000-0002-1006-8493","affiliations":[{"raw_affiliation_string":"North Carolina State University, Raleigh, NC, USA","institution_ids":["https://openalex.org/I137902535"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5088708850","display_name":"Jie M. Zhang","orcid":"https://orcid.org/0000-0003-0481-7264"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Jie M. Zhang","raw_affiliation_strings":["King&#x2019;s College London, London, U.K"],"raw_orcid":"https://orcid.org/0000-0003-0481-7264","affiliations":[{"raw_affiliation_string":"King&#x2019;s College London, London, U.K","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5027335548","display_name":"Hong Jin Kang","orcid":"https://orcid.org/0000-0001-7335-7295"},"institutions":[{"id":"https://openalex.org/I161318765","display_name":"University of California, Los Angeles","ror":"https://ror.org/046rm7j60","country_code":"US","type":"education","lineage":["https://openalex.org/I161318765"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Hong Jin Kang","raw_affiliation_strings":["University of California, Los Angeles, CA, USA"],"raw_orcid":"https://orcid.org/0000-0001-7335-7295","affiliations":[{"raw_affiliation_string":"University of California, Los Angeles, CA, USA","institution_ids":["https://openalex.org/I161318765"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5002667771","display_name":"Jieke Shi","orcid":"https://orcid.org/0000-0002-0799-5018"},"institutions":[{"id":"https://openalex.org/I79891267","display_name":"Singapore Management University","ror":"https://ror.org/050qmg959","country_code":"SG","type":"education","lineage":["https://openalex.org/I79891267"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Jieke Shi","raw_affiliation_strings":["School of Computing and Information Systems, Singapore Management University, Singapore, Singapore"],"raw_orcid":"https://orcid.org/0000-0002-0799-5018","affiliations":[{"raw_affiliation_string":"School of Computing and Information Systems, Singapore Management University, Singapore, Singapore","institution_ids":["https://openalex.org/I79891267"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5103075577","display_name":"Junda He","orcid":"https://orcid.org/0000-0003-3370-8585"},"institutions":[{"id":"https://openalex.org/I79891267","display_name":"Singapore Management University","ror":"https://ror.org/050qmg959","country_code":"SG","type":"education","lineage":["https://openalex.org/I79891267"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Junda He","raw_affiliation_strings":["School of Computing and Information Systems, Singapore Management University, Singapore, Singapore"],"raw_orcid":"https://orcid.org/0000-0003-3370-8585","affiliations":[{"raw_affiliation_string":"School of Computing and Information Systems, Singapore Management University, Singapore, Singapore","institution_ids":["https://openalex.org/I79891267"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5081036622","display_name":"David Lo","orcid":"https://orcid.org/0000-0002-4367-7201"},"institutions":[{"id":"https://openalex.org/I79891267","display_name":"Singapore Management University","ror":"https://ror.org/050qmg959","country_code":"SG","type":"education","lineage":["https://openalex.org/I79891267"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"David Lo","raw_affiliation_strings":["School of Computing and Information Systems, Singapore Management University, Singapore, Singapore"],"raw_orcid":"https://orcid.org/0000-0002-4367-7201","affiliations":[{"raw_affiliation_string":"School of Computing and Information Systems, Singapore Management University, Singapore, Singapore","institution_ids":["https://openalex.org/I79891267"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5008695791"],"corresponding_institution_ids":["https://openalex.org/I79891267"],"apc_list":null,"apc_paid":null,"fwci":36.5541,"has_fulltext":false,"cited_by_count":52,"citation_normalized_percentile":{"value":0.99799831,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":100},"biblio":{"volume":"50","issue":"4","first_page":"721","last_page":"741"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.996399998664856,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9959999918937683,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/backdoor","display_name":"Backdoor","score":0.9046453833580017},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.6374961733818054},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6289292573928833},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.43753716349601746},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.3907337188720703},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3375491499900818},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.16445502638816833},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.08631518483161926}],"concepts":[{"id":"https://openalex.org/C2781045450","wikidata":"https://www.wikidata.org/wiki/Q254569","display_name":"Backdoor","level":2,"score":0.9046453833580017},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.6374961733818054},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6289292573928833},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.43753716349601746},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.3907337188720703},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3375491499900818},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.16445502638816833},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.08631518483161926}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/tse.2024.3361661","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tse.2024.3361661","pdf_url":null,"source":{"id":"https://openalex.org/S8351582","display_name":"IEEE Transactions on Software Engineering","issn_l":"0098-5589","issn":["0098-5589","1939-3520","2326-3881"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Software Engineering","raw_type":"journal-article"},{"id":"pmh:oai:kclpure.kcl.ac.uk:publications/028158d9-f337-4da7-8498-d8c46a2683f9","is_oa":false,"landing_page_url":"https://kclpure.kcl.ac.uk/portal/en/publications/028158d9-f337-4da7-8498-d8c46a2683f9","pdf_url":null,"source":{"id":"https://openalex.org/S4306400216","display_name":"Research Portal (King's College London)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I183935753","host_organization_name":"King's College London","host_organization_lineage":["https://openalex.org/I183935753"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Yang, Z, Xu, B, Zhang, J M, Kang, H J, Shi, J, He, J & Lo, D 2024, 'Stealthy Backdoor Attack for Code Models', IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, vol. 50, no. 4, pp. 721-741. https://doi.org/10.1109/TSE.2024.3361661","raw_type":"info:eu-repo/semantics/publishedVersion"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G7169835300","display_name":null,"funder_award_id":"NRF-NRFI08-2022-0002","funder_id":"https://openalex.org/F4320320709","funder_display_name":"National Research Foundation Singapore"}],"funders":[{"id":"https://openalex.org/F4320320709","display_name":"National Research Foundation Singapore","ror":"https://ror.org/03cpyc314"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":90,"referenced_works":["https://openalex.org/W1945616565","https://openalex.org/W2142112143","https://openalex.org/W2187089797","https://openalex.org/W2741705590","https://openalex.org/W2753783305","https://openalex.org/W2774423163","https://openalex.org/W2896457183","https://openalex.org/W2934843808","https://openalex.org/W2942091739","https://openalex.org/W2957905354","https://openalex.org/W2964150020","https://openalex.org/W2965373594","https://openalex.org/W2973217491","https://openalex.org/W2987246247","https://openalex.org/W2997451752","https://openalex.org/W3004658838","https://openalex.org/W3007157104","https://openalex.org/W3012113073","https://openalex.org/W3035367371","https://openalex.org/W3036685832","https://openalex.org/W3048759177","https://openalex.org/W3091441586","https://openalex.org/W3107793421","https://openalex.org/W3109409894","https://openalex.org/W3109966548","https://openalex.org/W3111184121","https://openalex.org/W3128630643","https://openalex.org/W3131641316","https://openalex.org/W3152758407","https://openalex.org/W3167002899","https://openalex.org/W3167948855","https://openalex.org/W3170092793","https://openalex.org/W3173784240","https://openalex.org/W3175052694","https://openalex.org/W3178326529","https://openalex.org/W3194896290","https://openalex.org/W3195391869","https://openalex.org/W3198685994","https://openalex.org/W3199249334","https://openalex.org/W3204619801","https://openalex.org/W3205696278","https://openalex.org/W3210860486","https://openalex.org/W3212213895","https://openalex.org/W3212648813","https://openalex.org/W3217463290","https://openalex.org/W3217530062","https://openalex.org/W4206238894","https://openalex.org/W4206334468","https://openalex.org/W4214564822","https://openalex.org/W4214680449","https://openalex.org/W4220722393","https://openalex.org/W4221159558","https://openalex.org/W4226004737","https://openalex.org/W4226216828","https://openalex.org/W4252684946","https://openalex.org/W4285490489","https://openalex.org/W4285821122","https://openalex.org/W4286530321","https://openalex.org/W4288077072","https://openalex.org/W4289300166","https://openalex.org/W4308627220","https://openalex.org/W4311165731","https://openalex.org/W4312044266","https://openalex.org/W4312329299","https://openalex.org/W4312354494","https://openalex.org/W4312458120","https://openalex.org/W4382317573","https://openalex.org/W4388574628","https://openalex.org/W4394638297","https://openalex.org/W6640425456","https://openalex.org/W6679436768","https://openalex.org/W6692071231","https://openalex.org/W6739868092","https://openalex.org/W6746897123","https://openalex.org/W6751531854","https://openalex.org/W6754601402","https://openalex.org/W6756074407","https://openalex.org/W6756103864","https://openalex.org/W6756333562","https://openalex.org/W6766336336","https://openalex.org/W6766673545","https://openalex.org/W6768003788","https://openalex.org/W6773936880","https://openalex.org/W6776469819","https://openalex.org/W6780120029","https://openalex.org/W6783227185","https://openalex.org/W6787959460","https://openalex.org/W6789235688","https://openalex.org/W6790588633","https://openalex.org/W6803329705"],"related_works":["https://openalex.org/W4320031223","https://openalex.org/W4200629851","https://openalex.org/W4281902577","https://openalex.org/W4309417370","https://openalex.org/W4292107232","https://openalex.org/W3009072493","https://openalex.org/W4386080799","https://openalex.org/W3140988292","https://openalex.org/W4317672133","https://openalex.org/W3081644756"],"abstract_inverted_index":{"Code":[0],"models,":[1],"such":[2],"as":[3,110,197],"CodeBERT":[4],"and":[5,12,73,151,153,159,170,243,288,311],"CodeT5,":[6],"offer":[7],"general-purpose":[8],"representations":[9],"of":[10,83,201,222,261,269],"code":[11,26,37,69,84,147,282,309],"play":[13],"a":[14,253],"vital":[15],"role":[16],"in":[17,204,212,281,304],"supporting":[18],"downstream":[19,155],"automated":[20],"software":[21],"engineering":[22],"tasks.":[23],"Most":[24],"recently,":[25],"models":[27,70,85,148,283,310],"were":[28],"revealed":[29],"to":[30,33,79,130,143,180,308],"be":[31,181],"vulnerable":[32],"backdoor":[34,66,90,286],"attacks.":[35,91],"A":[36,97,120,139,173,205,239,270],"model":[38],"that":[39,61,172,290],"is":[40,177,235,255],"backdoor-attacked":[41],"can":[42],"behave":[43],"normally":[44],"on":[45,54,68],"clean":[46],"examples":[47,55],"but":[48],"will":[49],"produce":[50],"pre-defined":[51],"malicious":[52],"outputs":[53],"injected":[56],"with":[57,86],"<italic":[58,87,102,106,111,116],"xmlns:mml=\"http://www.w3.org/1998/Math/MathML\"":[59,88,99,103,107,112,117,122,141,175,207,241,272],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">triggers</i>":[60],"activate":[62],"the":[63,81,184,210,213,223,229,232,257,266],"backdoors.":[64],"Existing":[65],"attacks":[67,287],"use":[71],"unstealthy":[72],"easy-to-detect":[74],"triggers.":[75],"This":[76],"paper":[77],"aims":[78],"investigate":[80],"vulnerability":[82],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">stealthy</i>":[89],"To":[92],"this":[93],"end,":[94],"we":[95],"propose":[96],"<sc":[98,121,140,174,206,240,271],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">fraidoor</small>":[100,123,142,176,208,242,273],"(":[101],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">A</i>":[104,113],"dversarial":[105],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">F</i>":[108],"eature":[109],"daptive":[114],"Back":[115],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">door</i>":[118],").":[119],"achieves":[124],"stealthiness":[125],"by":[126,183,188],"leveraging":[127],"adversarial":[128],"perturbations":[129],"inject":[131],"adaptive":[132,202],"triggers":[133,203,224],"into":[134],"different":[135],"inputs.":[136],"We":[137,163,298],"apply":[138],"three":[144,165],"widely":[145,166],"adopted":[146],"(CodeBERT,":[149],"PLBART,":[150],"CodeT5)":[152],"two":[154],"tasks":[156],"(code":[157],"summarization":[158],"method":[160,234],"name":[161],"prediction).":[162],"evaluate":[164],"used":[167],"defense":[168,185,214,233,254,292],"methods":[169,186,293],"find":[171],"more":[178,301,313],"unlikely":[179],"detected":[182],"than":[187,220],"baseline":[189],"methods.":[190],"More":[191],"specifically,":[192],"when":[193],"using":[194],"spectral":[195],"signature":[196],"defense,":[198],"around":[199],"85%":[200],"bypass":[209,228],"detection":[211],"process.":[215],"By":[216],"contrast,":[217],"only":[218],"less":[219],"12%":[221],"from":[225],"previous":[226],"work":[227],"defense.":[230],"When":[231],"not":[236],"applied,":[237,256],"both":[238],"baselines":[244,262],"have":[245],"almost":[246],"perfect":[247],"attack":[248,258],"success":[249,259,267],"rates.":[250],"However,":[251],"once":[252],"rates":[260],"decrease":[263],"dramatically,":[264],"while":[265],"rate":[268],"remains":[274],"high.":[275],"Our":[276],"finding":[277],"exposes":[278],"security":[279,306],"weaknesses":[280],"under":[284],"stealthy":[285],"shows":[289],"state-of-the-art":[291],"cannot":[294],"provide":[295],"sufficient":[296],"protection.":[297],"call":[299],"for":[300],"research":[302],"efforts":[303],"understanding":[305],"threats":[307],"developing":[312],"effective":[314],"countermeasures.":[315]},"counts_by_year":[{"year":2026,"cited_by_count":7},{"year":2025,"cited_by_count":26},{"year":2024,"cited_by_count":16},{"year":2023,"cited_by_count":3}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}