Enhancing Robustness of AI Offensive Code Generators via Data Augmentation

Cristina Improta, Pietro Liguori, Roberto Natella, Bojan Cukic, Domenico Cotroneo

TL;DR

This work presents a method that perturbs code descriptions to create new natural language (NL) inputs, of the kind well-intentioned developers might write, which diverge from the originals because they use new words or omit some of the original ones. It then assesses the robustness of three state-of-the-art code generators against the newly perturbed inputs.

Abstract

Since manually writing software exploits for offensive security is time-consuming and requires expert knowledge, AI-based code generators are an attractive solution to enhance security analysts' productivity by automatically crafting exploits for security testing. However, the variability in the natural language and technical skills used to describe offensive code poses unique challenges to their robustness and applicability. In this work, we present a method to add perturbations to the code descriptions, creating new inputs in natural language (NL) from well-intentioned developers that diverge from the original ones because they use new words or omit some of the original ones. The goal is to analyze how and to what extent perturbations affect the performance of AI code generators in the context of offensive code. First, we show that perturbed descriptions preserve the semantics of the original, non-perturbed ones. Then, we use the method to assess the robustness of three state-of-the-art code generators against the newly perturbed inputs, showing that the performance of these AI-based solutions is highly affected by perturbations in the NL descriptions. To enhance their robustness, we use the method to perform data augmentation, i.e., to increase the variability and diversity of the NL descriptions in the training data, proving its effectiveness against both perturbed and non-perturbed code descriptions.

Paper Structure (22 sections, 1 equation, 10 figures, 9 tables)

Figures (10)

  • Figure 1: Overview of the proposed method.
  • Figure 2: Example of NL description for assembly code. Equivalent intents can be expressed with different words (word substitution) or by omitting some words (word omission).
  • Figure 3: Violin plots showing the cosine similarity between the original and the perturbed NL descriptions in the whole dataset.
  • Figure 4: Human scores of perturbations with cosine similarity higher or lower than the threshold.
  • Figure 5: Comparison between the models' performance on single-line code snippets vs. multi-line code snippets in terms of syntactic (SYN) and semantic (SEM) accuracy.
  • ...and 5 more figures