{"id":"https://openalex.org/W4403761251","doi":"https://doi.org/10.1109/tse.2024.3482719","title":"Gotcha! This Model Uses My Code! Evaluating Membership Leakage Risks in Code Models","display_name":"Gotcha! This Model Uses My Code! Evaluating Membership Leakage Risks in Code Models","publication_year":2024,"publication_date":"2024-10-25","ids":{"openalex":"https://openalex.org/W4403761251","doi":"https://doi.org/10.1109/tse.2024.3482719"},"language":"en","primary_location":{"id":"doi:10.1109/tse.2024.3482719","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tse.2024.3482719","pdf_url":null,"source":{"id":"https://openalex.org/S8351582","display_name":"IEEE Transactions on Software Engineering","issn_l":"0098-5589","issn":["0098-5589","1939-3520","2326-3881"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Software Engineering","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://ink.library.smu.edu.sg/sis_research/9889","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5008695791","display_name":"Zhou Yang","orcid":"https://orcid.org/0000-0001-5938-1918"},"institutions":[{"id":"https://openalex.org/I79891267","display_name":"Singapore Management University","ror":"https://ror.org/050qmg959","country_code":"SG","type":"education","lineage":["https://openalex.org/I79891267"]}],"countries":["SG"],"is_corresponding":true,"raw_author_name":"Zhou Yang","raw_affiliation_strings":["School of Computing and Information Systems, Singapore Management University, Singapore"],"raw_orcid":"https://orcid.org/0000-0001-5938-1918","affiliations":[{"raw_affiliation_string":"School of Computing and Information Systems, Singapore Management University, Singapore","institution_ids":["https://openalex.org/I79891267"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100675629","display_name":"Zhipeng Zhao","orcid":"https://orcid.org/0000-0002-1701-0286"},"institutions":[{"id":"https://openalex.org/I124055696","display_name":"University of Copenhagen","ror":"https://ror.org/035b05819","country_code":"DK","type":"education","lineage":["https://openalex.org/I124055696"]}],"countries":["DK"],"is_corresponding":false,"raw_author_name":"Zhipeng Zhao","raw_affiliation_strings":["University of Copenhagen, Copenhagen, Denmark"],"raw_orcid":"https://orcid.org/0000-0002-1701-0286","affiliations":[{"raw_affiliation_string":"University of Copenhagen, Copenhagen, Denmark","institution_ids":["https://openalex.org/I124055696"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5052920267","display_name":"Chenyu Wang","orcid":"https://orcid.org/0009-0003-2436-5899"},"institutions":[{"id":"https://openalex.org/I79891267","display_name":"Singapore Management University","ror":"https://ror.org/050qmg959","country_code":"SG","type":"education","lineage":["https://openalex.org/I79891267"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Chenyu Wang","raw_affiliation_strings":["School of Computing and Information Systems, Singapore Management University, Singapore"],"raw_orcid":"https://orcid.org/0009-0003-2436-5899","affiliations":[{"raw_affiliation_string":"School of Computing and Information Systems, Singapore Management University, Singapore","institution_ids":["https://openalex.org/I79891267"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5002667771","display_name":"Jieke Shi","orcid":"https://orcid.org/0000-0002-0799-5018"},"institutions":[{"id":"https://openalex.org/I79891267","display_name":"Singapore Management University","ror":"https://ror.org/050qmg959","country_code":"SG","type":"education","lineage":["https://openalex.org/I79891267"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Jieke Shi","raw_affiliation_strings":["School of Computing and Information Systems, Singapore Management University, Singapore"],"raw_orcid":"https://orcid.org/0000-0002-0799-5018","affiliations":[{"raw_affiliation_string":"School of Computing and Information Systems, Singapore Management University, Singapore","institution_ids":["https://openalex.org/I79891267"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5067772621","display_name":"Dongsun Kim","orcid":"https://orcid.org/0000-0003-0272-6860"},"institutions":[{"id":"https://openalex.org/I197347611","display_name":"Korea University","ror":"https://ror.org/047dqcg40","country_code":"KR","type":"education","lineage":["https://openalex.org/I197347611"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Dongsun Kim","raw_affiliation_strings":["Korea University, Seoul, South Korea"],"raw_orcid":"https://orcid.org/0000-0003-0272-6860","affiliations":[{"raw_affiliation_string":"Korea University, Seoul, South Korea","institution_ids":["https://openalex.org/I197347611"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5054365831","display_name":"DongGyun Han","orcid":"https://orcid.org/0000-0002-8599-2197"},"institutions":[{"id":"https://openalex.org/I184558857","display_name":"Royal Holloway University of London","ror":"https://ror.org/04g2vpn86","country_code":"GB","type":"education","lineage":["https://openalex.org/I124357947","https://openalex.org/I184558857"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"DongGyun Han","raw_affiliation_strings":["Royal Holloway, University of London, Egham, U.K"],"raw_orcid":"https://orcid.org/0000-0002-8599-2197","affiliations":[{"raw_affiliation_string":"Royal Holloway, University of London, Egham, U.K","institution_ids":["https://openalex.org/I184558857"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5081036622","display_name":"David Lo","orcid":"https://orcid.org/0000-0002-4367-7201"},"institutions":[{"id":"https://openalex.org/I79891267","display_name":"Singapore Management University","ror":"https://ror.org/050qmg959","country_code":"SG","type":"education","lineage":["https://openalex.org/I79891267"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"David Lo","raw_affiliation_strings":["School of Computing and Information Systems, Singapore Management University, Singapore"],"raw_orcid":"https://orcid.org/0000-0002-4367-7201","affiliations":[{"raw_affiliation_string":"School of Computing and Information Systems, Singapore Management University, Singapore","institution_ids":["https://openalex.org/I79891267"]}]}],"institutions":[],"countries_distinct_count":4,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5008695791"],"corresponding_institution_ids":["https://openalex.org/I79891267"],"apc_list":null,"apc_paid":null,"fwci":4.3048,"has_fulltext":true,"cited_by_count":13,"citation_normalized_percentile":{"value":0.95007067,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":"50","issue":"12","first_page":"3290","last_page":"3306"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9926000237464905,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9926000237464905,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9876999855041504,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9824000000953674,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8303424119949341},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.5774418115615845},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.4496503472328186},{"id":"https://openalex.org/keywords/leakage","display_name":"Leakage (economics)","score":0.4362737238407135},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.4139821529388428},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.3416575789451599}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8303424119949341},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.5774418115615845},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.4496503472328186},{"id":"https://openalex.org/C2777042071","wikidata":"https://www.wikidata.org/wiki/Q6509304","display_name":"Leakage (economics)","level":2,"score":0.4362737238407135},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.4139821529388428},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.3416575789451599},{"id":"https://openalex.org/C139719470","wikidata":"https://www.wikidata.org/wiki/Q39680","display_name":"Macroeconomics","level":1,"score":0.0},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1109/tse.2024.3482719","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tse.2024.3482719","pdf_url":null,"source":{"id":"https://openalex.org/S8351582","display_name":"IEEE Transactions on Software Engineering","issn_l":"0098-5589","issn":["0098-5589","1939-3520","2326-3881"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Software Engineering","raw_type":"journal-article"},{"id":"pmh:oai:ink.library.smu.edu.sg:sis_research-10889","is_oa":true,"landing_page_url":"https://ink.library.smu.edu.sg/sis_research/9889","pdf_url":null,"source":{"id":"https://openalex.org/S4306401925","display_name":"Singapore Management University Institutional Knowledge (InK) (Singapore Management University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I79891267","host_organization_name":"Singapore Management University","host_organization_lineage":["https://openalex.org/I79891267"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"https://doi.org/10.1109/TSE.2024.3482719","raw_type":"Journal Article"},{"id":"pmh:oai:pure.atira.dk:openaire_cris_publications/2c981428-84e3-4b99-8b96-3298f4a99ba4","is_oa":true,"landing_page_url":"https://researchprofiles.ku.dk/da/publications/2c981428-84e3-4b99-8b96-3298f4a99ba4","pdf_url":null,"source":{"id":"https://openalex.org/S4306401983","display_name":"Research at the University of Copenhagen (University of Copenhagen)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I124055696","host_organization_name":"University of Copenhagen","host_organization_lineage":["https://openalex.org/I124055696"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Yang , Z , Zhao , Z , Wang , C , Shi , J , Kim , D , Han , D G & Lo , D 2024 , ' Gotcha! This Model Uses My Code! Evaluating Membership Leakage Risks in Code Models ' , IEEE Transactions on Software Engineering , vol. 14 , no. 8 , pp. 3290-3306 . https://doi.org/10.1109/TSE.2024.3482719","raw_type":"article"}],"best_oa_location":{"id":"pmh:oai:ink.library.smu.edu.sg:sis_research-10889","is_oa":true,"landing_page_url":"https://ink.library.smu.edu.sg/sis_research/9889","pdf_url":null,"source":{"id":"https://openalex.org/S4306401925","display_name":"Singapore Management University Institutional Knowledge (InK) (Singapore Management University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I79891267","host_organization_name":"Singapore Management University","host_organization_lineage":["https://openalex.org/I79891267"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"https://doi.org/10.1109/TSE.2024.3482719","raw_type":"Journal Article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G5332036567","display_name":null,"funder_award_id":"NRF-NRFI08-2022-0002","funder_id":"https://openalex.org/F4320320671","funder_display_name":"National Research Foundation"},{"id":"https://openalex.org/G7169835300","display_name":null,"funder_award_id":"NRF-NRFI08-2022-0002","funder_id":"https://openalex.org/F4320320709","funder_display_name":"National Research Foundation Singapore"},{"id":"https://openalex.org/G875168909","display_name":null,"funder_award_id":"NRF-NRFI08-2022","funder_id":"https://openalex.org/F4320320709","funder_display_name":"National Research Foundation Singapore"}],"funders":[{"id":"https://openalex.org/F4320320671","display_name":"National Research Foundation","ror":"https://ror.org/05s0g1g46"},{"id":"https://openalex.org/F4320320709","display_name":"National Research Foundation Singapore","ror":"https://ror.org/03cpyc314"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":96,"referenced_works":["https://openalex.org/W1995423294","https://openalex.org/W2108325777","https://openalex.org/W2148190602","https://openalex.org/W2353267094","https://openalex.org/W2473418344","https://openalex.org/W2533695286","https://openalex.org/W2535690855","https://openalex.org/W2587741066","https://openalex.org/W2591882872","https://openalex.org/W2735994454","https://openalex.org/W2795435272","https://openalex.org/W2884943453","https://openalex.org/W2912023992","https://openalex.org/W2930926105","https://openalex.org/W2965373594","https://openalex.org/W2981828710","https://openalex.org/W2997451752","https://openalex.org/W3004658838","https://openalex.org/W3071470454","https://openalex.org/W3092232764","https://openalex.org/W3098605233","https://openalex.org/W3102516861","https://openalex.org/W3103245149","https://openalex.org/W3105249702","https://openalex.org/W3106873467","https://openalex.org/W3109966548","https://openalex.org/W3120545963","https://openalex.org/W3120740533","https://openalex.org/W3126675481","https://openalex.org/W3131641316","https://openalex.org/W3160155705","https://openalex.org/W3164878287","https://openalex.org/W3167948855","https://openalex.org/W3170092793","https://openalex.org/W3177413187","https://openalex.org/W3177813494","https://openalex.org/W3198685994","https://openalex.org/W3199249334","https://openalex.org/W3210860486","https://openalex.org/W3212496002","https://openalex.org/W3217001695","https://openalex.org/W4206334468","https://openalex.org/W4220672926","https://openalex.org/W4220722393","https://openalex.org/W4221159558","https://openalex.org/W4226468133","https://openalex.org/W4240402692","https://openalex.org/W4243526333","https://openalex.org/W4245204018","https://openalex.org/W4281763794","https://openalex.org/W4285490465","https://openalex.org/W4286530321","https://openalex.org/W4287117507","https://openalex.org/W4288057765","https://openalex.org/W4307932649","https://openalex.org/W4308627220","https://openalex.org/W4312044266","https://openalex.org/W4313563661","https://openalex.org/W4315815628","https://openalex.org/W4379615696","https://openalex.org/W4382317573","https://openalex.org/W4384009645","https://openalex.org/W4384009685","https://openalex.org/W4384026634","https://openalex.org/W4386114028","https://openalex.org/W4389438812","https://openalex.org/W4391696889","https://openalex.org/W4394638297","https://openalex.org/W4394745382","https://openalex.org/W4402665833","https://openalex.org/W4405185384","https://openalex.org/W6621543089","https://openalex.org/W6639213037","https://openalex.org/W6640425456","https://openalex.org/W6674504384","https://openalex.org/W6739868092","https://openalex.org/W6755207826","https://openalex.org/W6766673545","https://openalex.org/W6768003788","https://openalex.org/W6769627184","https://openalex.org/W6770088130","https://openalex.org/W6780120029","https://openalex.org/W6783227185","https://openalex.org/W6785803531","https://openalex.org/W6786295192","https://openalex.org/W6787335730","https://openalex.org/W6789235688","https://openalex.org/W6790588633","https://openalex.org/W6798182279","https://openalex.org/W6802444496","https://openalex.org/W6803958908","https://openalex.org/W6809994879","https://openalex.org/W6810874553","https://openalex.org/W6846030361","https://openalex.org/W6855197718","https://openalex.org/W6855789160"],"related_works":["https://openalex.org/W3156288925","https://openalex.org/W2965236686","https://openalex.org/W2385771124","https://openalex.org/W1519912902","https://openalex.org/W4231937131","https://openalex.org/W2357840701","https://openalex.org/W2364814511","https://openalex.org/W2383951343","https://openalex.org/W2373563857","https://openalex.org/W3081644756"],"abstract_inverted_index":{"Leveraging":[0],"large-scale":[1],"datasets":[2],"from":[3,38,51],"open-source":[4,43],"projects":[5,44],"and":[6,29,47,115,134,195,217,248],"advances":[7],"in":[8,75],"large":[9],"language":[10],"models,":[11,114],"recent":[12],"progress":[13],"has":[14],"led":[15],"to":[16,81,179,239],"sophisticated":[17],"code":[18,30,50,76,113,246],"models":[19,33,247],"for":[20,112],"key":[21,128],"software":[22],"engineering":[23],"tasks,":[24],"such":[25],"as":[26],"program":[27],"repair":[28],"completion.":[31],"These":[32],"are":[34],"trained":[35],"on":[36,119],"data":[37,92],"various":[39],"sources,":[40],"including":[41],"public":[42],"like":[45],"GitHub":[46],"private,":[48],"confidential":[49],"companies,":[52],"raising":[53],"significant":[54],"privacy":[55,243],"concerns.":[56],"This":[57,233],"paper":[58],"investigates":[59],"a":[60,90,105,162,189,196],"crucial":[61],"but":[62],"unexplored":[63],"question:":[64],"<italic":[65],"xmlns:mml=\"http://www.w3.org/1998/Math/MathML\"":[66,103,123,166,183],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">What":[67],"is":[68,170],"the":[69,82,97,207,211,236,242],"risk":[70,169],"of":[71,96,193,201,210,245],"membership":[72,107,230],"information":[73],"leakage":[74,79,168,231],"models?</i>":[77],"Membership":[78],"refers":[80],"vulnerability":[83],"where":[84],"an":[85],"attacker":[86],"can":[87,227],"infer":[88],"whether":[89],"specific":[91],"point":[93],"was":[94],"part":[95],"training":[98],"dataset.":[99],"We":[100,203],"present":[101],"<sc":[102,122,182],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">Gotcha</small>,":[104],"novel":[106],"inference":[108],"attack":[109,146,157,221],"method":[110],"designed":[111],"evaluate":[116],"its":[117],"effectiveness":[118],"Java-based":[120],"datasets.":[121],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">Gotcha</small>":[124,184],"simultaneously":[125],"considers":[126],"three":[127],"factors:":[129],"model":[130,132,213,215],"input,":[131],"output,":[133],"ground":[135],"truth.":[136],"Our":[137,148,159],"ablation":[138,149],"study":[139,150],"confirms":[140,151],"that":[141,152,206],"each":[142,153],"factor":[143,154],"significantly":[144,155,171],"enhances":[145,156],"performance.":[147,158],"investigation":[160],"reveals":[161],"troubling":[163],"finding:":[164],"<bold":[165],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">membership":[167],"elevated</b>.":[172],"While":[173],"previous":[174],"methods":[175],"had":[176],"accuracy":[177],"close":[178],"random":[180],"guessing,":[181],"achieves":[185],"high":[186],"precision,":[187],"with":[188],"true":[190],"positive":[191,199],"rate":[192,200],"0.95":[194],"low":[197],"false":[198],"0.10.":[202],"also":[204],"demonstrate":[205],"attacker's":[208],"knowledge":[209],"victim":[212],"(e.g.,":[214],"architecture":[216],"pre-training":[218],"data)":[219],"affects":[220],"success.":[222],"Additionally,":[223],"modifying":[224],"decoding":[225],"strategies":[226],"help":[228],"reduce":[229],"risks.":[232],"research":[234],"highlights":[235],"urgent":[237],"need":[238],"better":[240],"understand":[241],"vulnerabilities":[244],"develop":[249],"strong":[250],"countermeasures":[251],"against":[252],"these":[253],"threats.":[254]},"counts_by_year":[{"year":2025,"cited_by_count":11},{"year":2024,"cited_by_count":2}],"updated_date":"2025-12-22T23:10:17.713674","created_date":"2025-10-10T00:00:00"}