Recently, many people have been using generative AI (GenAI) tools such as ChatGPT. Although these tools are very helpful, they often produce insecure code. Using that code without any filtering is a big problem, yet it is not easy to tell whether code generated by ChatGPT is insecure. This project aims to address these problems.
Analyze the Insecurity of ChatGPT-Generated Code
- Find a pattern of insecurities, and categorize each vulnerability if possible
- Advise on a possible solution.
- Tool:
- LLMSecEval: A Dataset of Natural Language Prompts for Security Evaluations by Catherine Tony, Markus Mutas, Nicolás E. Díaz Ferreyra, Riccardo Scandariato
- https://arxiv.org/abs/2303.09384
- Dataset for Code Prompts:
- Score Metric:
- Asleep at the Keyboard? Assessing the Security of GitHub Copilot's Code Contributions by Hammond Pearce, Baleegh Ahmad, Benjamin Tan, Brendan Dolan-Gavitt, Ramesh Karri
- https://doi.org/10.1109/SP46214.2022.9833571
- Seoyoung (Amy) An (san5)
- Jihun Kim (jkim172)
- Jonathan Skeen (jskeen6)