Restricted Research - Award List, Note/Discussion Page
Fiscal Year: 2023
1171 University of Houston (143059)
Principal Investigator: Alipour,Mohammad Amin
Total Amount of Contract, Award, or Gift (Annual before 2011): $ 880,084
Exceeds $250,000 (Is it flagged?): Yes
Start and End Dates: 2/15/23 - 10/31/24
Restricted Research: YES
Academic Discipline: Computer Science
Department, Center, School, or Institute: Computer Science
Title of Contract, Award, or Gift: TROJAJ-DETECTING TROJANS IN DEEP NEURAL PROGRAM SYNTHESIZERS
Name of Granting or Contracting Agency/Entity:
SRI International
CFDA Link: DOD
12.431
Program Title:
n/a
CFDA Linked: Basic Scientific Research
Note:
We develop Trojan detection methods for program synthesis tasks. The goal is to evaluate attack vectors for large language models trained on software programs, based on existing attacks to other models of code (incl. attacks triggered by identifiers) and to other generic large language models. We will create methods for detecting these Trojans based on mutation testing based on semantics-preserving transformations and other textual attribution methods. We first create a collection of trained models of code, some with backdoors, and a vocabulary of attacks. We then simultaneously explore offline defense for entire models, primarily leveraging mutation-driven search at UH, and online defense at inference time, primarily based on attribution methods at CMU. SAMs 1.1.1
Discussion: No discussion notes