Researchers have developed a novel data poisoning attack called Poison-with-Style (PwS) that targets code large language models (CLLMs). This attack subtly embeds trigger code styles within developers' prompts, causing the CLLMs to generate vulnerable code without explicit trigger words. PwS demonstrates robustness against existing defenses and achieves high success rates in generating specific vulnerabilities, such as CWE-20, while minimally impacting performance on standard code completion benchmarks.

AI IMPACT: This research highlights a new vulnerability in code LLMs, potentially impacting the security of AI-assisted software development.
AI-generated summary · Google Gemini · from 1 source.