A review of backdoor attacks and defenses in code large language models: Implications for security measures
IF 3.8
2区 计算机科学
Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS
引用次数: 0
Abstract
Context:
Large Language Models (LLMS) have revolutionized software engineering by bridging human language understanding and complex problem solving. However, resource constraints often lead users to rely on open-source models or third-party platforms for training and prompt engineering, introducing significant security vulnerabilities.
Objective:
This study provides a comprehensive analysis of backdoor attacks targeting LLMS in software engineering, with a particular focus on fine-tuning methods. Our work addresses a critical gap in existing literature by proposing a novel three-category framework for backdoor attacks: full-parameter fine-tuning, parameter-efficient fine-tuning, and no-tuning attacks.
Methods:
We systematically reviewed existing studies and analyzed attack success rates across different methods. Full-parameter fine-tuning generally achieves high success rates but requires significant computational resources. Parameter-efficient fine-tuning offers comparable success rates with lower resource demands, while no-tuning attacks exhibit variable success rates depending on prompt design, posing unique challenges due to their minimal resource requirements.
Results:
Our findings underscore the evolving landscape of backdoor attacks, highlighting the shift towards more resource-efficient and stealthy methods. These trends emphasize the need for advanced detection mechanisms and robust defense strategies.
Conclusion:
By focusing on code-specific threats, this study provides unique insights into securing LLMS in software engineering. Our work lays the foundation for future research on developing sophisticated defense mechanisms and understanding stealthy backdoor attacks.
回顾代码大型语言模型中的后门攻击和防御:安全措施的含义
背景:大型语言模型(LLMS)通过连接人类语言理解和复杂问题解决,彻底改变了软件工程。然而,资源限制经常导致用户依赖开源模型或第三方平台进行培训和提示工程,从而引入重大的安全漏洞。目的:本研究提供了针对软件工程LLMS的后门攻击的全面分析,特别关注微调方法。我们的工作解决了现有文献中的一个关键空白,提出了一个新的三类后门攻击框架:全参数微调、参数高效微调和无调优攻击。方法:我们系统地回顾了现有的研究,并分析了不同方法的攻击成功率。全参数微调通常具有较高的成功率,但需要大量的计算资源。参数有效的微调在较低的资源需求下提供了相当的成功率,而无调优攻击的成功率取决于提示设计,由于其最小的资源需求,带来了独特的挑战。结果:我们的研究结果强调了后门攻击的发展趋势,强调了向资源效率更高和更隐蔽的方法的转变。这些趋势强调需要先进的检测机制和强大的防御策略。结论:通过关注特定于代码的威胁,本研究为软件工程中的LLMS安全提供了独特的见解。我们的工作为未来研究开发复杂的防御机制和理解隐形后门攻击奠定了基础。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文
求助全文
来源期刊
Information and Software Technology
工程技术-计算机:软件工程
CiteScore
9.10
自引率
7.70%
发文量
164
审稿时长
9.6 weeks
期刊介绍:
Information and Software Technology is the international archival journal focusing on research and experience that contributes to the improvement of software development practices. The journal''s scope includes methods and techniques to better engineer software and manage its development. Articles submitted for review should have a clear component of software engineering or address ways to improve the engineering and management of software development. Areas covered by the journal include:
• Software management, quality and metrics,
• Software processes,
• Software architecture, modelling, specification, design and programming
• Functional and non-functional software requirements
• Software testing and verification & validation
• Empirical studies of all aspects of engineering and managing software development
Short Communications is a new section dedicated to short papers addressing new ideas, controversial opinions, "Negative" results and much more. Read the Guide for authors for more information.
The journal encourages and welcomes submissions of systematic literature studies (reviews and maps) within the scope of the journal. Information and Software Technology is the premiere outlet for systematic literature studies in software engineering.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
