Litcius/Paper detail

How Secure is Code Generated by ChatGPT?

Raphaël Khoury, Anderson R. Avila, Jacob Brunelle, Baba Mamadou Camara

2023115 citationsDOI

Abstract

In recent years, large language models have been responsible for great advances in the field of artificial intelligence (AI). ChatGPT in particular, an AI chatbot developed and recently released by OpenAI, has taken the field to the next level. The conversational model is able not only to process human-like text, but also to translate natural language into code. However, the safety of programs generated by ChatGPT should not be overlooked. In this paper, we perform an experiment to address this issue. Specifically, we ask ChatGPT to generate a number of computer programs in order to evaluate the security of the resulting source code. We further investigate whether ChatGPT can be prodded to improve code security by appropriate prompts, and discuss the ethical aspects of using AI to generate code. Results suggest that ChatGPT is aware of potential vulnerabilities, but nonetheless often generates source code that are not robust to certain attacks.

Topics & Concepts

Computer scienceCode (set theory)Source codeChatbotField (mathematics)Process (computing)Natural languageCode reviewArtificial intelligenceProgramming languageComputer securityStatic program analysisSoftwareSoftware developmentMathematicsSet (abstract data type)Pure mathematicsArtificial Intelligence in Healthcare and EducationAdversarial Robustness in Machine LearningEthics and Social Impacts of AI
How Secure is Code Generated by ChatGPT? | Litcius