recognizing and imitating programmer style adversaries in
play

Recognizing and Imitating Programmer Style: Adversaries in Program - PowerPoint PPT Presentation

Nov 14, 2023 •45 likes •565 views

Recognizing and Imitating Programmer Style: Adversaries in Program Authorship Attribution Lucy Simko , Luke Zettlemoyer, Tadayoshi Kohno simkol@cs.washington.edu homes.cs.washington.edu/~simkol sim Source Code Attribution B int main() { A

  1. Recognizing and Imitating Programmer Style: Adversaries in Program Authorship Attribution Lucy Simko , Luke Zettlemoyer, Tadayoshi Kohno simkol@cs.washington.edu homes.cs.washington.edu/~simkol sim

  2. Source Code Attribution B int main() { A F int i, j, k, l, m, n, st; ? char in[10000]; int fg[5000], chk[128]; int size, count = 0, res; E scanf ("%d%d%d", &len, &n, &size); D rep (i, n) scanf ("%s", dic[i]); C while (size--) { scanf ("%s", in); st = 0; rep (k, n) fg[k] = 1; ... � 2

  3. State of the Art: Source Code Attribution Caliskan-Islam et al. “ De-anonymizing programmers via code stylometry .” 24th USENIX Security Symposium (USENIX Security), Washington, DC . 2015. ● 98% accuracy over 250 programmers ● Extract syntactic, lexical, and layout features from C/C++ code ● Random Forest classifier ● Data set: Google Code Jam ○ Programming competition ○ Lots of examples of people solving the same problem in different ways ● Open source � 3

  4. Source Code Attribution B int main() 98% accuracy! { A F int i, j, k, l, m, n, st; char in[10000]; ? int fg[5000], chk[128]; int size, count = 0, res; E scanf ("%d%d%d", &len, &n, &size); D rep (i, n) scanf ("%s", dic[i]); C while (size--) { scanf ("%s", in); st = 0; rep (k, n) fg[k] = 1; ... � 4

  5. Source Code Attribution B int main() 98% accuracy! { A F int i, j, k, l, m, n, st; char in[10000]; ? int fg[5000], chk[128]; int size, count = 0, res; E scanf ("%d%d%d", &len, &n, &size); D rep (i, n) scanf ("%s", dic[i]); C while (size--) { scanf ("%s", in); st = 0; rep (k, n) fg[k] = 1; ... � 5

  6. Source Code Attribution B D int main() E 98% accuracy! R { O A F int i, j, k, l, m, n, st; S N char in[10000]; E ? C int fg[5000], chk[128]; C E int size, count = 0, res; N E scanf ("%d%d%d", &len, &n, &size); D S O rep (i, n) scanf ("%s", dic[i]); C R E D while (size--) { scanf ("%s", in); st = 0; rep (k, n) fg[k] = 1; ... � 6

  7. Research Question Can we fool source code attribution classifiers? Yes! Methodology: Lab study* with C programmers *Approved by University of Washington’s Human Subjects Division (IRB) � 7

  8. Outline ● Motivation and Research Question ● Source Code Attribution: Overview and Background ● Evading Source Code Attribution: Definitions and Goals ● Methodology ● Results: Conservative Estimate of Adversarial Success ● Results: How to Create Forgeries � 8

  9. Source Code Attribution B int main() { A F int i, j, k, l, m, n, st; ? char in[10000]; int fg[5000], chk[128]; int size, count = 0, res; E scanf ("%d%d%d", &len, &n, &size); D rep (i, n) scanf ("%s", dic[i]); C while (size--) { scanf ("%s", in); st = 0; rep (k, n) fg[k] = 1; ... � 9

  10. Source Code Attribution B A F int main() { int i, j, k, l, m, n, st; char in[10000]; E int fg[5000], chk[128]; D int size, count = 0, res; Classifier scanf ("%d%d%d", &len, &n, C &size); rep (i, n) scanf ("%s", dic[i]); while (size--) { scanf ("%s", in); st = 0; rep (k, n) fg[k] = 1; ... � 10

  11. Source Code Attribution B A F int main() { int i, j, k, l, m, n, st; P c char in[10000]; E int fg[5000], chk[128]; D int size, count = 0, res; Classifier scanf ("%d%d%d", &len, &n, C &size); rep (i, n) scanf ("%s", dic[i]); while (size--) { scanf ("%s", in); st = 0; rep (k, n) fg[k] = 1; ... � 11

  12. Source Code Attribution P c Classifier C {A, B, C, D, E} � 12

  13. Source Code Attribution Who the classifier thinks wrote this code. C ✓ P c Classifier {A, B, C, D, E} � 13

  14. Outline ● Motivation and Research Question ● Source Code Attribution: Overview and Background ● Evading Source Code Attribution: Definitions and Goals ● Methodology ● Results: Conservative Estimate of Adversarial Success ● Results: How to Create Forgeries � 14

  15. Evading Source Code Attribution 1. Train: Given code from original and target authors, learn styles 2. Modify original code to imitate target author ( forgery ) ● Or just hide the original author’s style ( masking ) manipulation P c ’ Adversarial P c Code originally by C, but modified by an adversary. � 15

  16. Evading Source Code Attribution 1. Train: Given code from original and target authors, learn styles 2. Modify original code to imitate target author ( forgery ) ● Or just hide the original author’s style ( masking ) Forgery manipulation P c ’ Adversarial P c A Classifier {A, B, C, D, E} � 16

  17. Outline ● Motivation and Research Question ● Source Code Attribution: Overview and Background ● Evading Source Code Attribution: Definitions and Goals ● Methodology ● Results: Conservative Estimate of Adversarial Success ● Results: How to Create Forgeries � 17

  18. Lab Study: Dataset ● C code ● We used a linter 1 to eliminate many typographic style differences ● ~4000 authors: avg 2.2 files each ● 5 authors with the most files: avg ~42.8 files ○ Authors: A, B, C, D, E 1 http://astyle.sourceforge.net/

  19. Lab Study: Create Forgeries Precision: 100% C 5 Recall: 100% (10-fold XV) {A, B, C, D, E}

  20. Lab Study: Create Forgeries Precision: 87.6% C 20 Recall: 88.2% (10-fold XV) {A, B, C, D, E, ... + 15}

  21. Lab Study: Create Forgeries Precision: 82.3% C 50 Recall: 84.5% (10-fold XV) {A, B, C, D, E, ... + 45}

  22. Lab Study: Create Forgeries 28 C programmers (participants): 1. Train: Given code from original and target author, learn styles 2. Modify original code to imitate target author’s style (forgery) Forgery P x ’ P x Y Participant modifies P x Classifier X, Y ∈ {A, B, C, D, E} � 22

  23. Lab Study: Create Forgeries 28 C programmers (participants): 1. Train: Given code from original and target author, learn styles 2. Modify original code to imitate target author’s style (forgery) 3. Check forgery success against oracle classifiers C 5 X P x ’ P x Participant modifies P x Y C 20 C 50 Y X, Y ∈ {A, B, C, D, E} � 23

  24. Outline ● Motivation and Research Question ● Source Code Attribution: Overview and Background ● Evading Source Code Attribution: Definitions and Goals ● Methodology ● Results: Conservative Estimate of Adversarial Success ● Results: How to Create Forgeries � 24

  25. Results: Estimate of Adversarial Success Versions of the state-of-the-art machine classifier. The subscript indicates the number of authors in the training set. C 5 C 20 C 50 Forgery 66.6% 70.0% 73.0% Masking 76.6% 76.6% 86.6% Percent of final forgery attempts that were successful attacks � 25

  26. Results: Estimate of Adversarial Success Forgery : adversary is pretending to be a specific target author . Masking : adversary is obscuring the original author. C 5 C 20 C 50 Forgery 66.6% 70.0% 73.0% Masking 76.6% 76.6% 86.6% Percent of final forgery attempts that were successful attacks � 26

  27. Results: Estimate of Adversarial Success A successful forgery attack means the classifier output the target author instead of the original author of the code. 66.6% of forgery attacks against the C 5 classifier were successful. C 5 C 20 C 50 Forgery 66.6% 70.0% 73.0% Masking 76.6% 76.6% 86.6% Percent of final forgery attempts that were successful attacks � 27

  28. Results: Estimate of Adversarial Success C50 attributed forgeries correctly only 13.4% of the time. C 5 C 20 C 50 Forgery 66.6% 70.0% 73.0% Masking 76.6% 76.6% 86.6% Percent of final forgery attempts that produced a misclassification � 28

  29. Results: Estimate of Adversarial Success Lesson: Non-experts can successfully attack this state-of-the-art classifier, suggesting other authorship classifiers may be vulnerable to the same type of attacks. C 5 C 20 C 50 Forgery 66.6% 70.0% 73.0% Masking 76.6% 76.6% 86.6% Percent of final forgery attempts that produced a misclassification � 29

  30. Outline ● Motivation and Research Question ● Source Code Attribution: Overview and Background ● Evading Source Code Attribution: Definitions and Goals ● Methodology ● Results: Conservative Estimate of Adversarial Success ● Results: How to Create Forgeries � 30

  31. Results: Methods of Forgery Creation Lesson: Forgers did not know the features the classifier was using for attribution. This suggests that forgeries in the wild might contain the same types of modifications . � 31

  32. Example: Two Programs by Author C // libraries imported // libraries imported #define REP(i,a,b) for(i=a;i<b;i++) #define REP(i,a,b) for(i=a;i<b;i++) #define rep(i,n) REP(i,0,n) #define rep(i,n) REP(i,0,n) // variables defined // variables defined int main() int main() { { int i, j, k, l, m, n, t, ok; int i, j, k, l, m, n, st; int a, b, c; char in[10000]; int size, count = 0; int fg[5000], chk[128]; scanf ("%d", &size); int size, count = 0, res; scanf ("%d%d%d", &len, &n, &size); while (size--) rep (i, n) scanf ("%s", dic[i]); { scanf ("%d%d", &n, &m); while (size--) rep (i, m) { { scanf ("%s", in); scanf ("%d", s + i); st = 0; rep (k, n) fg[k] = 1;

Recommend

Blasien: programmer-friendly XML in C++11 Jos van den Oever Blasien: programmer-friendly XML

Blasien: programmer-friendly XML in C++11 Jos van den Oever Blasien: programmer-friendly XML

Blasien: programmer-friendly XML in C++11 Jos van den Oever Blasien: programmer-friendly XML in C++11 Prevention is better than cure Jos van den Oever ODF is XML &lt;number:date-style style:name=&quot;minimum_year&quot;&gt;

312 views • 16 slides
Advanced Technology M 3 L T EX workshop A Write like a programmer! Martin Klein Schaarsberg

Advanced Technology M 3 L T EX workshop A Write like a programmer! Martin Klein Schaarsberg

Advanced Technology M 3 L T EX workshop A Write like a programmer! Martin Klein Schaarsberg University of T wente September 11 and 12, 2014 Write like a programmer? Why? Consistency and clarity by separation of content and style

1.18k views • 69 slides
style#1 grace style#2 freya style#3 iona style#4 skye style#5 cora style#6 maisie style#7 isla

style#1 grace style#2 freya style#3 iona style#4 skye style#5 cora style#6 maisie style#7 isla

style#1 grace style#2 freya style#3 iona style#4 skye style#5 cora style#6 maisie style#7 isla style#8 flora Add-on products Cashmere bed socks 3 colours Lace bralette 3 colours Necklaces 2 styles Labelling Packaging Website HOME

829 views • 13 slides
DCP250 Controller Programmer Presentation DCP250 Overview Controller and Programmer with

DCP250 Controller Programmer Presentation DCP250 Overview Controller and Programmer with

DCP250 Controller Programmer Presentation DCP250 Overview Controller and Programmer with Graphic Display 1/4 DIN (96x96mm) size One or two control loops Programmer (255 segments shared in up to 64 programs) Data logger with real

717 views • 33 slides
Overview of the Recognizing Inference in TExt (RITE-2) at Recognizing Inference in

Overview of the Recognizing Inference in TExt (RITE-2) at Recognizing Inference in

RITE-2 Overview of the Recognizing Inference in TExt (RITE-2) at Recognizing Inference in TExt@NTCIR10 NTCIR-10 Yotaro Yusuke Junta Tomohide Hiroshi Cheng- Watanabe Miyao Mizuno Shibata Kanayama Wei Lee Tohoku NII

406 views • 39 slides
Recognizing objects and actions in Finding boundaries images and video Recognizing

Recognizing objects and actions in Finding boundaries images and video Recognizing

Outline Recognizing objects and actions in Finding boundaries images and video Recognizing objects Jitendra Malik Recognizing actions U.C. Berkeley University of California University of California Computer Vision Group

318 views • 7 slides
Synchrony Weakened by Message Adversaries vs Asynchrony Restricted by Failure Detectors Michel R

Synchrony Weakened by Message Adversaries vs Asynchrony Restricted by Failure Detectors Michel R

Synchrony Weakened by Message Adversaries vs Asynchrony Restricted by Failure Detectors Michel R AYNAL , Julien S TAINER Institut Universitaire de France IRISA, Universit de Rennes, France Message adversaries vs failure

467 views • 43 slides
IT350: Web &amp; Internet Programming Set 4: CSS No Style Style! How do we get from here to

IT350: Web &amp; Internet Programming Set 4: CSS No Style Style! How do we get from here to

IT350: Web &amp; Internet Programming Set 4: CSS No Style Style! How do we get from here to there? 1 Cascading Style Sheets (CSS) example Key Questions Where can we specify style? How to select what parts of a page the style

692 views • 9 slides
Imitating Latent Policies from Observation Ashley D. Edwards, Himanshu Sahni, Yannick Schroecker,

Imitating Latent Policies from Observation Ashley D. Edwards, Himanshu Sahni, Yannick Schroecker,

Imitating Latent Policies from Observation Ashley D. Edwards, Himanshu Sahni, Yannick Schroecker, Charles L. Isbell Georgia Institute of Technology Introduction Imitation from Observation enables learning from state sequences Typical

553 views • 10 slides
On Optimal and Reasonable Control in the Presence of Adversaries Oded Maler CNRS-VERIMAG

On Optimal and Reasonable Control in the Presence of Adversaries Oded Maler CNRS-VERIMAG

On Optimal and Reasonable Control in the Presence of Adversaries Oded Maler CNRS-VERIMAG Grenoble, France August 2005 Optimal Control with Adversaries Oded Maler What Not New results and theorems Description of application or

896 views • 44 slides
Imitating Reality A Moulage Experience Laerdal SUN Conference October 2018 Orlando, FL About

Imitating Reality A Moulage Experience Laerdal SUN Conference October 2018 Orlando, FL About

Imitating Reality A Moulage Experience Laerdal SUN Conference October 2018 Orlando, FL About SIMETRI SIMETRI designs and develops creative technologies and capabilities for medical training. We are a woman- owned, minority-owned small

349 views • 31 slides
WARNING FAILURE TO INSTALL RIVER RUN PRODUCTS SO THAT THE ENTRY SECTION SUPPORT FRAME IS

WARNING FAILURE TO INSTALL RIVER RUN PRODUCTS SO THAT THE ENTRY SECTION SUPPORT FRAME IS

RIVER RUN SLIDE Assembly &amp; Installation Instructions Style 19A Style 24A Style 19B Style 24B Visit inter-fab.com to view our installation help video. Style 23A (Video does NOT replace Style 29A installation instructions.)

688 views • 20 slides
Virtual Memory Programmer can assume he/she has infinite amount of physical memory

Virtual Memory Programmer can assume he/she has infinite amount of physical memory

4/27/17 Virtual Memory Idea: Give the programmer the illusion of a large address space while having a small physical memory So that the programmer does not worry about managing physical memory Virtual Memory Programmer can assume

817 views • 12 slides
A Rapidly Progressive Hydatid Disease Imitating Metastatic Malignancy: An Unusual Multi-Organ

A Rapidly Progressive Hydatid Disease Imitating Metastatic Malignancy: An Unusual Multi-Organ

Open Access SAJ Case Reports Case Report ISSN: 2375-7043 A Rapidly Progressive Hydatid Disease Imitating Metastatic Malignancy: An Unusual Multi-Organ Presentation. Report of a Case and Review of Literature Qays A. Hassan Al-Timimy * Section

338 views • 4 slides
Animation-Driven Locomotion For Smoother Navigation Bobby Anguelov AI Programmer, IO Interactive

Animation-Driven Locomotion For Smoother Navigation Bobby Anguelov AI Programmer, IO Interactive

Animation-Driven Locomotion For Smoother Navigation Bobby Anguelov AI Programmer, IO Interactive Gabriel Leblanc AI Programmer, Eidos-Montral Shawn Harris Senior Programmer, Big Huge Games Format Introduction to Animation-Driven

1.58k views • 87 slides
FPGA Altera Programmer Ladislav Beran Department of Electrical Engineering 28.11. 2013

FPGA Altera Programmer Ladislav Beran Department of Electrical Engineering 28.11. 2013

FPGA Altera Programmer Ladislav Beran Department of Electrical Engineering 28.11. 2013 INTRODUCTION The primary goal of this project is to create programmer of FPGA. This programmer was created and developped for the application

220 views • 9 slides
Recognizing object instances 3. Recognizing object instances Kristen Grauman UT-Austin Image

Recognizing object instances 3. Recognizing object instances Kristen Grauman UT-Austin Image

2/2/2016 Plan for today 1. Basics in feature extraction: filtering 2. Invariant local features Recognizing object instances 3. Recognizing object instances Kristen Grauman UT-Austin Image Formation Basics in feature extraction

1.02k views • 37 slides
IT350: Web &amp; Internet Programming Fall 2015 Set 4: CSS No Style Style! How do we get from

IT350: Web &amp; Internet Programming Fall 2015 Set 4: CSS No Style Style! How do we get from

IT350: Web &amp; Internet Programming Fall 2015 Set 4: CSS No Style Style! How do we get from here to there? Cascading Style Sheets (CSS) example Key Questions Where can we specify style? How to select what parts of a page the

654 views • 17 slides
Dr. Jeff McNeil January 29, 2015 Adversaries already present in our networks Lack of

Dr. Jeff McNeil January 29, 2015 Adversaries already present in our networks Lack of

Dr. Jeff McNeil January 29, 2015 Adversaries already present in our networks Lack of information sharing and coordination with partners Cyber response capability and authority The role of third parties to exploit political

153 views • 14 slides
Compilers Recognizing Handles Alex Aiken Recognizing Handles Bad News There are no known

Compilers Recognizing Handles Alex Aiken Recognizing Handles Bad News There are no known

Compilers Recognizing Handles Alex Aiken Recognizing Handles Bad News There are no known efficient algorithms to recognize handles Good News There are good heuristics for guessing handles On some CFGs, the heuristics always

479 views • 15 slides
WORDPRESS Lesson 06.01 Cascading Style Sheets (CSS) Cascading Style Sheets Cascading Style

WORDPRESS Lesson 06.01 Cascading Style Sheets (CSS) Cascading Style Sheets Cascading Style

WORDPRESS Lesson 06.01 Cascading Style Sheets (CSS) Cascading Style Sheets Cascading Style Sheets, or CSS for short, allow us to specify the visual formatting rules for our HTML tags. Everything from font sizes, colors, dimensions of blocks

369 views • 18 slides
Scheme-Style Macros: Patterns and Lexical Scope Matthew Flatt University of Utah 1 Why Macros?

Scheme-Style Macros: Patterns and Lexical Scope Matthew Flatt University of Utah 1 Why Macros?

Scheme-Style Macros: Patterns and Lexical Scope Matthew Flatt University of Utah 1 Why Macros? Language designers have to stop somewhere (544 pages) No language can provide every possible useful construct Macros let a programmer fill in gaps

1.05k views • 70 slides
Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS Hanno Bck, Aaron

Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS Hanno Bck, Aaron

Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS Hanno Bck, Aaron Zauner, Sean Devlin, Juraj Somorovsky, Philipp Jovanovic 1 TLS Encryption 1. Asymmetric key exchange RSA, DHE, ECDHE 2. Symmetric encryption 2

956 views • 28 slides
More Efficient Oblivious Transfer Extensions with Security for Malicious Adversaries Gilad

More Efficient Oblivious Transfer Extensions with Security for Malicious Adversaries Gilad

More Efficient Oblivious Transfer Extensions with Security for Malicious Adversaries Gilad Asharov Hebrew University Yehuda Lindell Bar-Ilan University Thomas Schneider Darmstadt Michael Zohner Darmstadt EUROCRYPT 2015 From Theory to

498 views • 37 slides

More recommend