English

MOCHA: Are Code Language Models Robust Against Multi-Turn Malicious Coding Prompts?

Computation and Language 2025-07-29 v1 Artificial Intelligence Cryptography and Security Machine Learning

Abstract

Recent advancements in Large Language Models (LLMs) have significantly enhanced their code generation capabilities. However, their robustness against adversarial misuse, particularly through multi-turn malicious coding prompts, remains underexplored. In this work, we introduce code decomposition attacks, where a malicious coding task is broken down into a series of seemingly benign subtasks across multiple conversational turns to evade safety filters. To facilitate systematic evaluation, we introduce \benchmarkname{}, a large-scale benchmark designed to evaluate the robustness of code LLMs against both single-turn and multi-turn malicious prompts. Empirical results across open- and closed-source models reveal persistent vulnerabilities, especially under multi-turn scenarios. Fine-tuning on MOCHA improves rejection rates while preserving coding ability, and importantly, enhances robustness on external adversarial datasets with up to 32.4% increase in rejection rates without any additional supervision.

Keywords

Cite

@article{arxiv.2507.19598,
  title  = {MOCHA: Are Code Language Models Robust Against Multi-Turn Malicious Coding Prompts?},
  author = {Muntasir Wahed and Xiaona Zhou and Kiet A. Nguyen and Tianjiao Yu and Nirav Diwan and Gang Wang and Dilek Hakkani-Tür and Ismini Lourentzou},
  journal= {arXiv preprint arXiv:2507.19598},
  year   = {2025}
}

Comments

Winner Defender Team at Amazon Nova AI Challenge 2025

R2 v1 2026-07-01T04:19:30.702Z