{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,29]],"date-time":"2026-05-29T12:19:34Z","timestamp":1780057174164,"version":"3.54.0"},"publisher-location":"New York, NY, USA","reference-count":41,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,7,10]],"date-time":"2024-07-10T00:00:00Z","timestamp":1720569600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Intelligence Advanced Research Projects Agency (IARPA)","award":["W911NF20C0038"],"award-info":[{"award-number":["W911NF20C0038"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,7,10]]},"DOI":"10.1145\/3664646.3664764","type":"proceedings-article","created":{"date-parts":[[2024,7,10]],"date-time":"2024-07-10T19:39:56Z","timestamp":1720640396000},"page":"59-64","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["Measuring Impacts of Poisoning on Model Parameters and Embeddings for Large Language Models of Code"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0001-7415-9650","authenticated-orcid":false,"given":"Aftab","family":"Hussain","sequence":"first","affiliation":[{"name":"University of Houston, Houston, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5575-0528","authenticated-orcid":false,"given":"Md Rafiqul Islam","family":"Rabin","sequence":"additional","affiliation":[{"name":"University of Houston, Houston, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6479-7202","authenticated-orcid":false,"given":"Mohammad Amin","family":"Alipour","sequence":"additional","affiliation":[{"name":"University of Houston, Houston, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2024,7,10]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/3359591.3359735"},{"key":"e_1_3_2_1_2_1","volume-title":"International Conference on Machine Learning. 896\u2013907","author":"Bielik Pavol","year":"2020","unstructured":"Pavol Bielik and Martin Vechev. 2020. Adversarial robustness for code. In International Conference on Machine Learning. 896\u2013907."},{"key":"e_1_3_2_1_3_1","first-page":"22285","article-title":"One-shot neural backdoor erasing via adversarial weight masking","volume":"35","author":"Chai Shuwen","year":"2022","unstructured":"Shuwen Chai and Jinghui Chen. 2022. One-shot neural backdoor erasing via adversarial weight masking. Advances in Neural Information Processing Systems, 35 (2022), 22285\u201322299.","journal-title":"Advances in Neural Information Processing Systems"},{"key":"e_1_3_2_1_4_1","unstructured":"Bryant Chen Wilka Carvalho Nathalie Baracaldo Heiko Ludwig Benjamin Edwards Taesung Lee Ian Molloy and Biplav Srivastava. 2018. Detecting backdoor attacks on deep neural networks by activation clustering. arXiv preprint arXiv:1811.03728."},{"key":"e_1_3_2_1_5_1","volume-title":"Jared Kaplan, Harri Edwards, Yuri Burda, Nicholas Joseph, and Greg Brockman.","author":"Chen Mark","year":"2021","unstructured":"Mark Chen, Jerry Tworek, Heewoo Jun, Qiming Yuan, Henrique Ponde de Oliveira Pinto, Jared Kaplan, Harri Edwards, Yuri Burda, Nicholas Joseph, and Greg Brockman. 2021. Evaluating Large Language Models Trained on Code. arXiv preprint arXiv:2107.03374."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.18653\/v1"},{"key":"e_1_3_2_1_7_1","volume-title":"Proceedings of the IEEE\/CVF International Conference on Computer Vision. 12\u201320","author":"Fields Greg","year":"2021","unstructured":"Greg Fields, Mohammad Samragh, Mojan Javaheripi, Farinaz Koushanfar, and Tara Javidi. 2021. Trojan signatures in DNN weights. In Proceedings of the IEEE\/CVF International Conference on Computer Vision. 12\u201320."},{"key":"e_1_3_2_1_8_1","volume-title":"InCoder: A Generative Model for Code Infilling and Synthesis. In The Eleventh International Conference on Learning Representations. https:\/\/openreview.net\/forum?id=hQwb-lbM6EL","author":"Fried Daniel","year":"2023","unstructured":"Daniel Fried, Armen Aghajanyan, Jessy Lin, Sida Wang, Eric Wallace, Freda Shi, Ruiqi Zhong, Scott Yih, Luke Zettlemoyer, and Mike Lewis. 2023. InCoder: A Generative Model for Code Infilling and Synthesis. In The Eleventh International Conference on Learning Representations. https:\/\/openreview.net\/forum?id=hQwb-lbM6EL"},{"key":"e_1_3_2_1_9_1","volume-title":"Proceedings of the 29th ACM International Conference on Information & Knowledge Management. 2029\u20132032","author":"Garg Siddhant","year":"2020","unstructured":"Siddhant Garg, Adarsh Kumar, Vibhor Goel, and Yingyu Liang. 2020. Can adversarial weight perturbations inject neural backdoors. In Proceedings of the 29th ACM International Conference on Information & Knowledge Management. 2029\u20132032."},{"key":"e_1_3_2_1_10_1","volume-title":"Toufique Ahmed, Mohammad Amin Alipour, and Bowen Xu.","author":"Hussain Aftab","year":"2023","unstructured":"Aftab Hussain, Md Rafiqul Islam Rabin, Toufique Ahmed, Mohammad Amin Alipour, and Bowen Xu. 2023. Occlusion-based Detection of Trojan-triggering Inputs in Large Language Models of Code. arXiv preprint arXiv:2312.04004."},{"key":"e_1_3_2_1_11_1","volume-title":"Toufique Ahmed, Bowen Xu, Prem Devanbu, and Mohammad Amin Alipour.","author":"Hussain Aftab","year":"2023","unstructured":"Aftab Hussain, Md Rafiqul Islam Rabin, Toufique Ahmed, Bowen Xu, Prem Devanbu, and Mohammad Amin Alipour. 2023. A Survey of Trojans in Neural Models of Source Code: Taxonomy and Techniques. arXiv preprint arXiv:2305.03803."},{"key":"e_1_3_2_1_12_1","volume-title":"Md Rafiqul Islam Rabin, and Mohammad Amin Alipour","author":"Hussain Aftab","year":"2023","unstructured":"Aftab Hussain, Md Rafiqul Islam Rabin, and Mohammad Amin Alipour. 2023. TrojanedCM: A Repository for Poisoned Neural Models of Source Code. arXiv preprint arXiv:2311.14850."},{"key":"e_1_3_2_1_13_1","volume-title":"Md Rafiqul Islam Rabin, and Mohammad Amin Alipour","author":"Hussain Aftab","year":"2024","unstructured":"Aftab Hussain, Md Rafiqul Islam Rabin, and Mohammad Amin Alipour. 2024. On Trojan Signatures in Large Language Models of Code. arXiv preprint arXiv:2402.16896."},{"key":"e_1_3_2_1_14_1","volume-title":"Navid Ayoobi, and Mohammad Amin Alipour.","author":"Hussain Aftab","year":"2024","unstructured":"Aftab Hussain, Md Rafiqul Islam Rabin, Navid Ayoobi, and Mohammad Amin Alipour. 2024. Measuring Impacts of Poisoning on Model Parameters and Neuron Activations: A Case Study of Poisoning CodeBERT. arXiv preprint arXiv:2402.12936."},{"key":"e_1_3_2_1_15_1","volume-title":"Sudharshan Subramaniam Janakiraman, and Wael AbdAlmageed","author":"Hussein Mohamed E","year":"2023","unstructured":"Mohamed E Hussein, Sudharshan Subramaniam Janakiraman, and Wael AbdAlmageed. 2023. Trojan Model Detection Using Activation Optimization. arXiv preprint arXiv:2306.04877."},{"key":"e_1_3_2_1_16_1","volume-title":"Proceedings of the AAAI Conference on Artificial Intelligence. 37","author":"Jha Akshita","year":"2023","unstructured":"Akshita Jha and Chandan K Reddy. 2023. Codeattack: Code-based adversarial attacks for pre-trained programming language models. In Proceedings of the AAAI Conference on Artificial Intelligence. 37, 14892\u201314900."},{"key":"e_1_3_2_1_17_1","volume-title":"International conference on machine learning. 5110\u20135121","author":"Kanade Aditya","year":"2020","unstructured":"Aditya Kanade, Petros Maniatis, Gogul Balakrishnan, and Kensen Shi. 2020. Learning and evaluating contextual embedding of source code. In International conference on machine learning. 5110\u20135121."},{"key":"e_1_3_2_1_18_1","volume-title":"Machel Reid, Yutaka Matsuo, and Yusuke Iwasawa.","author":"Kojima Takeshi","year":"2022","unstructured":"Takeshi Kojima, Shixiang Shane Gu, Machel Reid, Yutaka Matsuo, and Yusuke Iwasawa. 2022. Large language models are zero-shot reasoners. Advances in neural information processing systems, 35 (2022), 22199\u201322213."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","unstructured":"Jia Li Zhuo Li HuangZhao Zhang Ge Li Zhi Jin Xing Hu and Xin Xia. 2023. Poison Attack and Poison Detection on Deep Source Code Processing Models. ACM Transactions on Software Engineering and Methodology issn:1049-331X https:\/\/doi.org\/10.1145\/3630008 10.1145\/3630008","DOI":"10.1145\/3630008"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.18653\/v1"},{"key":"e_1_3_2_1_21_1","volume-title":"CodeXGLUE: A Machine Learning Benchmark Dataset for Code Understanding and Generation. In Thirty-fifth Conference on Neural Information Processing Systems Datasets and Benchmarks Track (Round 1).","author":"Lu Shuai","year":"2021","unstructured":"Shuai Lu, Daya Guo, Shuo Ren, Junjie Huang, Alexey Svyatkovskiy, Ambrosio Blanco, Colin Clement, Dawn Drain, Daxin Jiang, Duyu Tang, Ge Li, Lidong Zhou, Linjun Shou, Long Zhou, Michele Tufano, MING GONG, Ming Zhou, Nan Duan, Neel Sundaresan, Shao Kun Deng, Shengyu Fu, and Shujie LIU. 2021. CodeXGLUE: A Machine Learning Benchmark Dataset for Code Understanding and Generation. In Thirty-fifth Conference on Neural Information Processing Systems Datasets and Benchmarks Track (Round 1)."},{"key":"e_1_3_2_1_22_1","volume-title":"CodeGen: An Open Large Language Model for Code with Multi-Turn Program Synthesis. In The Eleventh International Conference on Learning Representations. https:\/\/openreview.net\/forum?id=iaYcJKpY2B_","author":"Nijkamp Erik","year":"2023","unstructured":"Erik Nijkamp, Bo Pang, Hiroaki Hayashi, Lifu Tu, Huan Wang, Yingbo Zhou, Silvio Savarese, and Caiming Xiong. 2023. CodeGen: An Open Large Language Model for Code with Multi-Turn Program Synthesis. In The Eleventh International Conference on Learning Representations. https:\/\/openreview.net\/forum?id=iaYcJKpY2B_"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1214\/aoms\/1177704472"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.5555\/1953048.2078195"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.18653\/v1"},{"key":"e_1_3_2_1_26_1","volume-title":"On the Generalizability of Neural Program Models with Respect to Semantic-Preserving Program Transformations. Information and Software Technology (IST), 135(106552)","author":"Islam Rabin Md Rafiqul","year":"2021","unstructured":"Md Rafiqul Islam Rabin, Nghi D.Q. Bui, Ke Wang, Yijun Yu, Lingxiao Jiang, and Mohammad Amin Alipour. 2021. On the Generalizability of Neural Program Models with Respect to Semantic-Preserving Program Transformations. Information and Software Technology (IST), 135(106552) (2021), 1\u201313."},{"key":"e_1_3_2_1_27_1","volume-title":"Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC\/FSE). 441\u2013452","author":"Islam Rabin Md Rafiqul","year":"2021","unstructured":"Md Rafiqul Islam Rabin, Vincent J. Hellendoorn, and Mohammad Amin Alipour. 2021. Understanding Neural Code Intelligence through Program Simplification. In Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC\/FSE). 441\u2013452."},{"key":"e_1_3_2_1_28_1","volume-title":"Mohammad Amin Alipour, and Vincent J. Hellendoorn","author":"Islam Rabin Md Rafiqul","year":"2023","unstructured":"Md Rafiqul Islam Rabin, Aftab Hussain, Mohammad Amin Alipour, and Vincent J. Hellendoorn. 2023. Memorization and Generalization in Neural Code Intelligence Models. Information and Software Technology (IST), 153(107066) (2023), 1\u201320."},{"key":"e_1_3_2_1_29_1","unstructured":"Arezoo Rajabi Bhaskar Ramasubramanian and Radha Poovendran. 2022. Trojan Horse Training for Breaking Defenses against Backdoor Attacks in Deep Learning. arXiv preprint arXiv:2203.15506."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICPR56361.2022.9956690"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/3411763.3451760"},{"key":"e_1_3_2_1_32_1","volume-title":"You Autocomplete Me: Poisoning Vulnerabilities in Neural Code Completion. In 30th USENIX Security Symposium (USENIX Security 21)","author":"Schuster Roei","year":"2021","unstructured":"Roei Schuster, Congzheng Song, Eran Tromer, and Vitaly Shmatikov. 2021. You Autocomplete Me: Poisoning Vulnerabilities in Neural Code Completion. In 30th USENIX Security Symposium (USENIX Security 21). USENIX Association, 1559\u20131575. isbn:978-1-939133-24-3"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/3485447.3512225"},{"key":"e_1_3_2_1_34_1","volume-title":"Spectral signatures in backdoor attacks. Advances in neural information processing systems (NeurIPS), 31","author":"Tran Brandon","year":"2018","unstructured":"Brandon Tran, Jerry Li, and Aleksander Madry. 2018. Spectral signatures in backdoor attacks. Advances in neural information processing systems (NeurIPS), 31 (2018)."},{"key":"e_1_3_2_1_35_1","article-title":"Visualizing data using t-SNE","volume":"9","author":"der Maaten Laurens Van","year":"2008","unstructured":"Laurens Van der Maaten and Geoffrey Hinton. 2008. Visualizing data using t-SNE.. Journal of machine learning research, 9, 11 (2008).","journal-title":"Journal of machine learning research"},{"key":"e_1_3_2_1_36_1","volume-title":"Proceedings of the 31st International Conference on Neural Information Processing Systems, Part of Advances in Neural Information Processing Systems","volume":"30","author":"Vaswani Ashish","year":"2017","unstructured":"Ashish Vaswani, Noam Shazeer, Niki Parmar, Jakob Uszkoreit, Llion Jones, Aidan N Gomez, \u0141 ukasz Kaiser, and Illia Polosukhin. 2017. Attention is All you Need. In Proceedings of the 31st International Conference on Neural Information Processing Systems, Part of Advances in Neural Information Processing Systems, Volume 30 (NIPS 2017). Curran Associates Inc., Red Hook, NY, USA. 5998\u20136008."},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/3540250.3549153"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.18653\/v1"},{"key":"e_1_3_2_1_39_1","volume-title":"2021 IEEE Symposium on Security and Privacy (SP). 103\u2013120","author":"Xu Xiaojun","year":"2021","unstructured":"Xiaojun Xu, Qi Wang, Huichen Li, Nikita Borisov, Carl A Gunter, and Bo Li. 2021. Detecting AI trojans using meta neural analysis. In 2021 IEEE Symposium on Security and Privacy (SP). 103\u2013120."},{"key":"e_1_3_2_1_40_1","unstructured":"Zhou Yang Zhipeng Zhao Chenyu Wang Jieke Shi Dongsun Kim DongGyun Han and David Lo. 2023. What do code models memorize? an empirical study on large language models of code. arXiv preprint arXiv:2308.09932."},{"key":"e_1_3_2_1_41_1","volume-title":"Devign: Effective Vulnerability Identification by Learning Comprehensive Program Semantics via Graph Neural Networks","author":"Zhou Yaqin","year":"2019","unstructured":"Yaqin Zhou, Shangqing Liu, Jingkai Siow, Xiaoning Du, and Yang Liu. 2019. Devign: Effective Vulnerability Identification by Learning Comprehensive Program Semantics via Graph Neural Networks. Curran Associates Inc., Red Hook, NY, USA."}],"event":{"name":"AIware '24: 1st ACM International Conference on AI-Powered Software","location":"Porto de Galinhas Brazil","acronym":"AIware '24","sponsor":["SIGSOFT ACM Special Interest Group on Software Engineering"]},"container-title":["Proceedings of the 1st ACM International Conference on AI-Powered Software"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3664646.3664764","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3664646.3664764","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T00:03:45Z","timestamp":1750291425000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3664646.3664764"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,7,10]]},"references-count":41,"alternative-id":["10.1145\/3664646.3664764","10.1145\/3664646"],"URL":"https:\/\/doi.org\/10.1145\/3664646.3664764","relation":{},"subject":[],"published":{"date-parts":[[2024,7,10]]},"assertion":[{"value":"2024-07-10","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}