{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,3]],"date-time":"2026-03-03T02:19:23Z","timestamp":1772504363840,"version":"3.50.1"},"reference-count":27,"publisher":"MDPI AG","issue":"10","license":[{"start":{"date-parts":[[2023,10,12]],"date-time":"2023-10-12T00:00:00Z","timestamp":1697068800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Algorithms"],"abstract":"<jats:p>As the prevalence and sophistication of cyber threats continue to increase, the development of robust vulnerability detection techniques becomes paramount in ensuring the security of computer systems. Neural models have demonstrated significant potential in identifying vulnerabilities; however, they are not immune to adversarial attacks. This paper presents a set of evolutionary techniques for generating adversarial instances to enhance the resilience of neural models used for vulnerability detection. The proposed approaches leverage an evolution strategy (ES) algorithm that utilizes as the fitness function the output of the neural network to deceive. By starting from existing instances, the algorithm evolves individuals, represented by source code snippets, by applying semantic-preserving transformations, while utilizing the fitness to invert their original classification. This iterative process facilitates the generation of adversarial instances that can mislead the vulnerability detection models while maintaining the original behavior of the source code. The significance of this research lies in its contribution to the field of cybersecurity by addressing the need for enhanced resilience against adversarial attacks in vulnerability detection models. The evolutionary approach provides a systematic framework for generating adversarial instances, allowing for the identification and mitigation of weaknesses in AI classifiers.<\/jats:p>","DOI":"10.3390\/a16100478","type":"journal-article","created":{"date-parts":[[2023,10,12]],"date-time":"2023-10-12T12:46:13Z","timestamp":1697114773000},"page":"478","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Evolutionary Approaches for Adversarial Attacks on Neural Source Code Classifiers"],"prefix":"10.3390","volume":"16","author":[{"ORCID":"https:\/\/orcid.org\/0009-0006-5966-8381","authenticated-orcid":false,"given":"Valeria","family":"Mercuri","sequence":"first","affiliation":[{"name":"Department of Informatics, Systems and Communication, University of Milano-Bicocca, 20126 Milano, Italy"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7250-8987","authenticated-orcid":false,"given":"Martina","family":"Saletta","sequence":"additional","affiliation":[{"name":"Department of Informatics, Systems and Communication, University of Milano-Bicocca, 20126 Milano, Italy"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9582-5045","authenticated-orcid":false,"given":"Claudio","family":"Ferretti","sequence":"additional","affiliation":[{"name":"Department of Informatics, Systems and Communication, University of Milano-Bicocca, 20126 Milano, Italy"}]}],"member":"1968","published-online":{"date-parts":[[2023,10,12]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"14410","DOI":"10.1109\/ACCESS.2018.2807385","article-title":"Threat of Adversarial Attacks on Deep Learning in Computer Vision: A Survey","volume":"6","author":"Akhtar","year":"2018","journal-title":"IEEE Access"},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Ferretti, C., and Saletta, M. (2023, January 15\u201316). Naturalness in Source Code Summarization. How Significant is it?. Proceedings of the 31st IEEE\/ACM International Conference on Program Comprehension, ICPC 2023, Melbourne, Australia.","DOI":"10.1109\/ICPC58990.2023.00027"},{"key":"ref_3","first-page":"81:1","article-title":"A Survey of Machine Learning for Big Code and Naturalness","volume":"51","author":"Allamanis","year":"2018","journal-title":"ACM Comput. Surv."},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"62:1","DOI":"10.1145\/3383458","article-title":"Deep Learning for Source Code Modeling and Generation: Models, Applications, and Challenges","volume":"53","author":"Le","year":"2021","journal-title":"ACM Comput. Surv."},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"Del Carpio, A.F., and Angarita, L.B. (2020, January 26\u201328). Trends in Software Engineering Processes using Deep Learning: A Systematic Literature Review. Proceedings of the 46th Euromicro Conference on Software Engineering and Advanced Applications (SEAA), Portoroz, Slovenia.","DOI":"10.1109\/SEAA51224.2020.00077"},{"key":"ref_6","first-page":"32","article-title":"A survey of malware detection techniques","volume":"48","author":"Idika","year":"2007","journal-title":"Purdue Univ."},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Liu, B., Shi, L., Cai, Z., and Li, M. (2012, January 2\u20134). Software vulnerability discovery techniques: A survey. Proceedings of the 2012 Fourth International Conference on MULTIMEDIA Information Networking and Security, Nanjing, China.","DOI":"10.1109\/MINES.2012.202"},{"key":"ref_8","unstructured":"Yamaguchi, F., Lindner, F.F., and Rieck, K. (2011, January 8). Vulnerability Extrapolation: Assisted Discovery of Vulnerabilities Using Machine Learning. Proceedings of the 5th USENIX Workshop on Offensive Technologies, WOOT\u201911, San Francisco, CA, USA."},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"Fang, Y., Han, S., Huang, C., and Wu, R. (2019). TAP: A static analysis model for PHP vulnerabilities based on token and deep learning technology. PLoS ONE, 14.","DOI":"10.1371\/journal.pone.0225196"},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Li, Z., Zou, D., Xu, S., Ou, X., Jin, H., Wang, S., Deng, Z., and Zhong, Y. (2019, January 24\u201327). VulDeePecker: A Deep Learning-Based System for Vulnerability Detection. Proceedings of the 25th Annual Network and Distributed System Security Symposium, NDSS, San Diego, CA, USA.","DOI":"10.14722\/ndss.2018.23158"},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"2244","DOI":"10.1109\/TDSC.2021.3051525","article-title":"SySeVR: A Framework for Using Deep Learning to Detect Software Vulnerabilities","volume":"19","author":"Li","year":"2022","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"3280","DOI":"10.1109\/TSE.2021.3087402","article-title":"Deep Learning Based Vulnerability Detection: Are We There Yet?","volume":"48","author":"Chakraborty","year":"2022","journal-title":"IEEE Trans. Softw. Eng."},{"key":"ref_13","first-page":"3","article-title":"Supervised Machine Learning: A Review of Classification Techniques","volume":"Volume 160","author":"Kotsiantis","year":"2007","journal-title":"Emerging Artificial Intelligence Applications in Computer Engineering\u2014Real Word AI Systems with Applications in eHealth, HCI, Information Retrieval and Pervasive Technologies"},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Karimi, H., and Derr, T. (2022, January 12\u201314). Decision Boundaries of Deep Neural Networks. Proceedings of the 21st IEEE International Conference on Machine Learning and Applications ICMLA, Paradise Island, The Bahamas.","DOI":"10.1109\/ICMLA55696.2022.00179"},{"key":"ref_15","unstructured":"He, W., Li, B., and Song, D. (May, January 30). Decision Boundary Analysis of Adversarial Examples. Proceedings of the 6th International Conference on Learning Representations, ICLR, Vancouver, BC, Canada."},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"828","DOI":"10.1109\/TEVC.2019.2890858","article-title":"One Pixel Attack for Fooling Deep Neural Networks","volume":"23","author":"Su","year":"2019","journal-title":"IEEE Trans. Evol. Comput."},{"key":"ref_17","unstructured":"Goodfellow, I.J., Shlens, J., and Szegedy, C. (2015, January 7\u20139). Explaining and Harnessing Adversarial Examples. Proceedings of the 3rd International Conference on Learning Representations, ICLR, San Diego, CA, USA."},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"162:1","DOI":"10.1145\/3428230","article-title":"Adversarial examples for models of code","volume":"4","author":"Yefet","year":"2020","journal-title":"Proc. ACM Program. Lang."},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Zhang, H., Li, Z., Li, G., Ma, L., Liu, Y., and Jin, Z. (2020, January 7\u201312). Generating Adversarial Examples for Holding Robustness of Source Code Processing Models. Proceedings of the 34th AAAI Conference on Artificial Intelligence, AAAI, New York, NY, USA.","DOI":"10.1609\/aaai.v34i01.5469"},{"key":"ref_20","unstructured":"Quiring, E., Maier, A., and Rieck, K. (2019, January 14\u201316). Misleading Authorship Attribution of Source Code using Adversarial Learning. Proceedings of the 28th USENIX Security Symposium, Santa Clara, CA, USA."},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Ferretti, C., and Saletta, M. (2021, January 10\u201314). Deceiving neural source code classifiers: Finding adversarial examples with grammatical evolution. Proceedings of the GECCO \u201921: Genetic and Evolutionary Computation Conference, Lille, France.","DOI":"10.1145\/3449726.3463222"},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Saletta, M., and Ferretti, C. (2022, January 18\u201323). A Grammar-based Evolutionary Approach for Assessing Deep Neural Source Code Classifiers. Proceedings of the IEEE Congress on Evolutionary Computation, CEC, Padua, Italy.","DOI":"10.1109\/CEC55065.2022.9870317"},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Saletta, M., and Ferretti, C. (2022, January 9\u201313). Towards the evolutionary assessment of neural transformers trained on source code. Proceedings of the GECCO \u201922: Genetic and Evolutionary Computation Conference, Boston, MA, USA.","DOI":"10.1145\/3520304.3534044"},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Ferretti, C., and Saletta, M. (2022). Do Neural Transformers Learn Human-Defined Concepts? An Extensive Study in Source Code Processing Domain. Algorithms, 15.","DOI":"10.3390\/a15120449"},{"key":"ref_25","doi-asserted-by":"crossref","unstructured":"Papernot, N., McDaniel, P., Sinha, A., and Wellman, M.P. (2018, January 24\u201326). SoK: Security and Privacy in Machine Learning. Proceedings of the IEEE European Symposium on Security and Privacy (EuroS&P), London, UK.","DOI":"10.1109\/EuroSP.2018.00035"},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"Russell, R., Kim, L., Hamilton, L., Lazovich, T., Harer, J., Ozdemir, O., Ellingwood, P., and McConley, M. (2018, January 17\u201320). Automated vulnerability detection in source code using deep representation learning. Proceedings of the 17th IEEE International Conference on Machine Learning and Applications (ICMLA), Orlando, FL, USA.","DOI":"10.1109\/ICMLA.2018.00120"},{"key":"ref_27","unstructured":"Luke, S. (2013). Essentials of Metaheuristics, Lulu. [2nd ed.]. Available online: http:\/\/cs.gmu.edu\/~sean\/book\/metaheuristics\/."}],"container-title":["Algorithms"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1999-4893\/16\/10\/478\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T21:05:55Z","timestamp":1760130355000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1999-4893\/16\/10\/478"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,10,12]]},"references-count":27,"journal-issue":{"issue":"10","published-online":{"date-parts":[[2023,10]]}},"alternative-id":["a16100478"],"URL":"https:\/\/doi.org\/10.3390\/a16100478","relation":{},"ISSN":["1999-4893"],"issn-type":[{"value":"1999-4893","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,10,12]]}}}