Improving Co-Decoding Based Security Hardening of Code LLMs Leveraging Knowledge Distillation
Dong Li; Shanfu Shu; Meng Yan; Zhongxin Liu; Chao Liu; Xiaohong Zhang; David Lo
IEEE Transactions on Software Engineering, vol. 51, no. 9, pp. 2634-2650, published 2025-08-01 (journal article). DOI: 10.1109/TSE.2025.3591791. URL: https://ieeexplore.ieee.org/document/11106920/
Journal impact factor: 5.6; JCR: Q1 (Computer Science, Software Engineering).
Citation count: 0
Abstract
Large Language Models (LLMs) have been widely adopted by developers in software development. However, the massive pretraining code data is not rigorously filtered, allowing LLMs to learn unsafe coding patterns. Several prior studies have demonstrated that code LLMs tend to generate code with potential vulnerabilities. The widespread adoption of intelligent programming assistants poses a significant threat to the software development process. Existing approaches to mitigating this risk primarily involve constructing secure data that are free of vulnerabilities and then retraining or fine-tuning the models. However, such an effort is resource intensive and requires significant manual supervision. When the model parameters are too large (e.g., more than 1 billion) or multiple models with the same parameter scale have the same optimization needs (e.g., to avoid outputting vulnerable code), the above work will become unaffordable. To address this challenge, in previous work, we proposed CoSec, an approach to improve the security of code LLMs with different parameters by utilizing an independent and very small parametric security model as a decoding navigator. Despite CoSec's excellent performance, we found that there is still room for improving: 1) its ability to maintain the functional correctness of hardened targets, and 2) the security of the generated code. To address the above issues, we propose CoSec+, a hardening framework consisting of three phases: 1) Functional Correctness Alignment, which improves the functional correctness of the security base with knowledge distillation; 2) Security Training, which yields an independent, but much smaller security model; and 3) Co-decoding, where the security model iteratively reasons about the next token along with the target model. Due to the higher confidence that a well-trained security model places in secure and correct tokens, it guides the target base model to generate more secure code, even as it improves the functional correctness of the target base model. We have conducted extensive experiments on several code LLMs (i.e., CodeGen, StarCoderBase, DeepSeekCoder and Qwen2.5-Coder), and the results show that our approach is effective in improving the functional correctness and security of the models. The evaluation results show that CoSec+ can deliver a 0.8% to 37.7% improvement in security across models of various parameter sizes and families; moreover, it preserves the functional correctness of the target base models, achieving functional-correctness gains of 0.7% to 51.1% for most of those models.
About the journal:
IEEE Transactions on Software Engineering seeks contributions comprising well-defined theoretical results and empirical studies with potential impacts on software construction, analysis, or management. The scope of this Transactions extends from fundamental mechanisms to the development of principles and their application in specific environments. Specific topic areas include:
a) Development and maintenance methods and models: Techniques and principles for specifying, designing, and implementing software systems, encompassing notations and process models.
b) Assessment methods: Software tests, validation, reliability models, test and diagnosis procedures, software redundancy, design for error control, and measurements and evaluation of process and product aspects.
c) Software project management: Productivity factors, cost models, schedule and organizational issues, and standards.
d) Tools and environments: Specific tools, integrated tool environments, associated architectures, databases, and parallel and distributed processing issues.
e) System issues: Hardware-software trade-offs.
f) State-of-the-art surveys: Syntheses and comprehensive reviews of the historical development within specific areas of interest.