Get 20M+ Full-Text Papers For Less Than $1.50/day. Start a 14-Day Trial for You or Your Team.

Learn More →

Recognizing and Imitating Programmer Style: Adversaries in Program Authorship Attribution

Recognizing and Imitating Programmer Style: Adversaries in Program Authorship Attribution AbstractSource code attribution classifiers have recently become powerful. We consider the possibility that an adversary could craft code with the intention of causing a misclassification, i.e., creating a forgery of another author’s programming style in order to hide the forger’s own identity or blame the other author. We find that it is possible for a non-expert adversary to defeat such a system. In order to inform the design of adversarially resistant source code attribution classifiers, we conduct two studies with C/C++ programmers to explore the potential tactics and capabilities both of such adversaries and, conversely, of human analysts doing source code authorship attribution. Through the quantitative and qualitative analysis of these studies, we (1) evaluate a state-of-the-art machine classifier against forgeries, (2) evaluate programmers as human analysts/forgery detectors, and (3) compile a set of modifications made to create forgeries. Based on our analyses, we then suggest features that future source code attribution systems might incorporate in order to be adversarially resistant. http://www.deepdyve.com/assets/images/DeepDyve-Logo-lg.png Proceedings on Privacy Enhancing Technologies de Gruyter

Recognizing and Imitating Programmer Style: Adversaries in Program Authorship Attribution

Download PDF
18 pages

Loading next page...
 
/lp/de-gruyter/recognizing-and-imitating-programmer-style-adversaries-in-program-yAq8aGg8Rk
Publisher
de Gruyter
Copyright
© 2018 Lucy Simko et al., published by De Gruyter Open
ISSN
2299-0984
eISSN
2299-0984
DOI
10.1515/popets-2018-0007
Publisher site
See Article on Publisher Site

Abstract

AbstractSource code attribution classifiers have recently become powerful. We consider the possibility that an adversary could craft code with the intention of causing a misclassification, i.e., creating a forgery of another author’s programming style in order to hide the forger’s own identity or blame the other author. We find that it is possible for a non-expert adversary to defeat such a system. In order to inform the design of adversarially resistant source code attribution classifiers, we conduct two studies with C/C++ programmers to explore the potential tactics and capabilities both of such adversaries and, conversely, of human analysts doing source code authorship attribution. Through the quantitative and qualitative analysis of these studies, we (1) evaluate a state-of-the-art machine classifier against forgeries, (2) evaluate programmers as human analysts/forgery detectors, and (3) compile a set of modifications made to create forgeries. Based on our analyses, we then suggest features that future source code attribution systems might incorporate in order to be adversarially resistant.

Journal

Proceedings on Privacy Enhancing Technologiesde Gruyter

Published: Jan 1, 2018

References

  • Schleimer Winnowing local algorithms for document fingerprinting Proceedings of the international conference on Management of data
    Saul
  • Practical evasion of a learning - based classifier case study on Privacy
    Laskov
  • Hints on test data selection : Help for the practic ing programmer
    DeMillo
  • astyle sourceforge net
  • astyle sourceforge net
  • Detecting hoaxes frauds and deception in writing style online on Privacy
    Afroz
  • When coding style survives compilation anonymizing programmers from executable binaries arXiv preprint arXiv
    Caliskan
  • Anti - analysis techniques to weaken author classification accuracy in compiled executables
    Muir
  • Benno Author obfuscation : attacking the state of the art in authorship verification Working Notes Papers of the CLEF
    Potthast
  • Obfuscating document stylometry to preserve author anonymity Association for
    Kacmarcik
  • Software forensics : Extending authorship analysis techniques to computer programs
    Gray
  • survey of modern authorship attribution of the for information and
    Stamatatos
  • Years Later Malekpour Is Still In An Iranian Prison Simply For Writing Open Source Software Techdirt Accessed https www techdirt com articles years later saeed malekpour is still iranian prison simplywriting open source software shtml
    Saeed
  • Anti - analysis techniques to weaken author classification accuracy in compiled executables
    Muir
  • survey of modern authorship attribution of the for information and
    Stamatatos
  • Hints on test data selection : Help for the practic ing programmer
    DeMillo
  • Jeff Recognizing authors : an examination of the consistent programmer hypothesis Software Testing Reliability
    Hayes
  • Who wrote this code ? identifying the authors of program binaries European Symposium on Research in
    Rosenblum
  • Detecting stylistic deception Proceedings of the Workshop on Computational Approaches to Deception Detection Association for
    Juola
  • taxonomy for programming style Proceedings of the annual conference on Cooperation
    Oman
  • taxonomy for programming style Proceedings of the annual conference on Cooperation
    Oman
  • - anonymizing programmers via code stylometry th
    Caliskan
  • https github com calaylin CodeStylometry
  • Schleimer Winnowing local algorithms for document fingerprinting Proceedings of the international conference on Management of data
    Saul
  • Software forensics : Can we track code to its authors Computers
    Spafford
  • https github com calaylin CodeStylometry
  • Adversarial stylometry : Circumventing authorship recognition to preserve privacy and anonymity on Information and System
    Brennan
  • https code google com codejam
  • https code google com codejam
  • Who wrote this code ? identifying the authors of program binaries European Symposium on Research in
    Rosenblum
  • When coding style survives compilation anonymizing programmers from executable binaries arXiv preprint arXiv
    Caliskan
  • Benno Author obfuscation : attacking the state of the art in authorship verification Working Notes Papers of the CLEF
    Potthast
  • Using classification techniques to determine source code authorship Paper Department of University of Wisconsin
    Pellin
  • Software forensics : Can we track code to its authors Computers
    Spafford
  • Practical evasion of a learning - based classifier case study on Privacy
    Laskov
  • Jeff Recognizing authors : an examination of the consistent programmer hypothesis Software Testing Reliability
    Hayes
  • probabilistic approach to source code authorship identification Technology Fourth International Conference on
    Kothari
  • - anonymizing programmers via code stylometry th
    Caliskan
  • Software forensics : Extending authorship analysis techniques to computer programs
    Gray
  • Adversarial stylometry : Circumventing authorship recognition to preserve privacy and anonymity on Information and System
    Brennan
  • Detecting stylistic deception Proceedings of the Workshop on Computational Approaches to Deception Detection Association for
    Juola
  • Obfuscating document stylometry to preserve author anonymity Association for
    Kacmarcik
  • Detecting hoaxes frauds and deception in writing style online on Privacy
    Afroz
  • Using classification techniques to determine source code authorship Paper Department of University of Wisconsin
    Pellin
  • Years Later Malekpour Is Still In An Iranian Prison Simply For Writing Open Source Software Techdirt Accessed https www techdirt com articles years later saeed malekpour is still iranian prison simplywriting open source software shtml
    Saeed
  • probabilistic approach to source code authorship identification Technology Fourth International Conference on
    Kothari