Measuring Impacts of Poisoning on Model Parameters and Embeddings for Large Language Models of Code (AIware 2024 - Main Track)

Who

Aftab Hussain, Md Rafiqul Islam Rabin, Amin Alipour

Track

AIware 2024 Main Track

Time Zone

The program is currently displayed in (GMT-03:00) Brasilia, Distrito Federal, Brazil.

Use conference time zone: (GMT-03:00) Brasilia, Distrito Federal, BrazilSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

By setting a time band, the program will dim events that are outside this time window. This is useful for (virtual) conferences with a continuous program (with repeated sessions).
The time band will also limit the events that are included in the personal iCalendar subscription service.

Display full programSpecify a time band

Save

When

Mon 15 Jul 2024 16:05 - 16:10 at Mandacaru - Security and Safety + Round Table + Day1 Closing Chair(s): Thomas Zimmermann, Ahmed E. Hassan

Abstract

Large language models (LLMs) have revolutionized software development practices, yet concerns about their safety have arisen, particularly regarding hidden backdoors, \textit{aka} trojans. Backdoor attacks involve the insertion of triggers into training data, allowing attackers to manipulate the behavior of the model maliciously. In this paper, we focus on analyzing the model parameters to detect potential backdoor signals in code models. Specifically, we examine attention weights and biases, and context embeddings of the clean and poisoned CodeBERT and CodeT5 models. Our results suggest noticeable patterns in context embeddings of poisoned samples for both the poisoned models; however, attention weights and biases do not show any significant differences. This work contributes to ongoing efforts in white-box detection of backdoor signals in LLMs of code through the analysis of parameters and embeddings.

DOI

https://doi.org/10.1145/3664646.3664764

Aftab Hussain

University of Houston

United States

Md Rafiqul Islam Rabin

University of Houston

United States

Amin Alipour

University of Houston

United States

Time Zone

The program is currently displayed in (GMT-03:00) Brasilia, Distrito Federal, Brazil.

Use conference time zone: (GMT-03:00) Brasilia, Distrito Federal, BrazilSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

Display full programSpecify a time band

Save

Session Program

Mon 15 Jul
Displayed time zone: Brasilia, Distrito Federal, Brazil change

16:00 - 18:00	Security and Safety + Round Table + Day1 ClosingMain Track / Late Breaking Arxiv Track at Mandacaru Chair(s): Thomas Zimmermann Microsoft Research, Ahmed E. Hassan Queen’s University

16:00 5m Paper		An AI System Evaluation Framework for Advancing AI Safety: Terminology, Taxonomy, Lifecycle Mapping Main Track Boming Xia CSIRO's Data61 & University of New South Wales, Qinghua Lu Data61, CSIRO, Liming Zhu CSIRO’s Data61, Zhenchang Xing CSIRO's Data61 DOI
16:05 5m Paper		Measuring Impacts of Poisoning on Model Parameters and Embeddings for Large Language Models of Code Main Track Aftab Hussain University of Houston, Md Rafiqul Islam Rabin University of Houston, Amin Alipour University of Houston DOI
16:10 10m Paper		A Case Study of LLM for Automated Vulnerability Repair: Assessing Impact of Reasoning and Patch Validation Feedback Main Track Ummay Kulsum North Carolina State University, Haotian Zhu Singapore Management University, Bowen Xu North Carolina State University, Marcelo d'Amorim North Carolina State University DOI
16:20 5m Paper		Trojans in Large Language Models of Code: A Critical Review through a Trigger-Based Taxonomy Late Breaking Arxiv Track Aftab Hussain University of Houston, Md Rafiqul Islam Rabin University of Houston, Toufique Ahmed University of California at Davis, Bowen Xu North Carolina State University, Premkumar Devanbu UC Davis, Amin Alipour University of Houston Pre-print
16:25 25m Live Q&A		Session Q&A and topic discussions Main Track
16:50 60m Panel		Round Table Main Track
17:50 10m Day closing		Day 1 summary and closing Main Track