Based on the tremendous success of pre-trained language models (PrLMs) for source code comprehension tasks, current literature studies either ways to further improve the performance (generalization) of PrLMs, or their robustness against adversarial attacks. However, they have to compromise on the trade-off between the two aspects and none of them consider improving both sides in an effective and practical way. To fill this gap, we propose Semantic-Preserving Adversarial Code Embeddings (SPACE) to find the worst-case semantic-preserving attacks while forcing the model to predict the correct labels under these worst cases. Experiments and analysis demonstrate that SPACE can stay robust against state-of-the-art attacks while boosting the performance of PrLMs for code.
翻译:根据经过培训的源代码理解任务语言模型(PrLM)的巨大成功,目前的文献研究要么是进一步改进普尔LM的性能(普及性),要么是针对对抗性攻击的稳健性,然而,它们必须就两个方面的权衡妥协,而其中没有一个考虑以有效和实际的方式改进双方。为了填补这一空白,我们提议Sermantic-Preserve Aversarial Code隐含物(SPACE)寻找最糟糕的语义保留攻击,同时迫使该模型预测这些最坏情况下的正确标签。实验和分析表明,空间可以在提高普尔LMS的代码性能的同时,对最先进的攻击保持稳健。
相关内容
微信扫码咨询专知VIP会员