Centre for Research on Engineering Software Technologies


New Publication: An Investigation into Misuse of Java Security APIs by Large Language Models

🚀 Exciting News! Paper Accepted for Publication!

Thrilled to announce that our paper, "An Investigation into Misuse of Java Security APIs by Large Language Models", authored by Zahra Mousavi, Chadni Islam [@Chadni](https://twitter.com/Chadni), Kristen Moore, Alsharif Abuadbba, and Ali Babar (@alibabar), has been accepted at AsiaCCS 2024 (Core A)!

🛡️ The surge in using Large Language Models (LLMs) for code generation has sparked crucial discussions about code trustworthiness. Our research delves into this topic by focusing on the integration of security APIs. APIs are fundamental for software security, yet their effective integration poses significant challenges, often resulting in inadvertent misuse and vulnerabilities.

🎯 To address this, we investigated ChatGPT's capabilities in generating secure code for security API use cases in Java. Through a comprehensive evaluation involving 48 programming tasks and 5 widely used security APIs, we employed automated and manual approaches to detect security API misuse in ChatGPT-generated code.

🌐💡 Our findings reveal a concerning trend: Approximately 70% of instances contain security API misuse, a clear indication of the potential for security vulnerabilities in LLM-generated code.

#AI #CodeGeneration #SoftwareSecurity #APIs #ChatGPT #Trustworthiness #Java #AsiaCCS2024


Adelaide, SA, Australia

© 2024 CREST. All Rights Reserved.