all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Security Weaknesses of Copilot Generated Code in GitHub

Add to bookmarks
April 5, 2024, 4:11 a.m. | Yujia Fu, Peng Liang, Amjed Tahir, Zengyang Li, Mojtaba Shahin, Jiaxin Yu, Jinfu Chen

cs.CR updates on arXiv.org arxiv.org

arXiv:2310.02059v2 Announce Type: replace-cross
Abstract: Modern code generation tools, utilizing AI models like Large Language Models (LLMs), have gained popularity for producing functional code. However, their usage presents security challenges, often resulting in insecure code merging into the code base. Evaluating the quality of generated code, especially its security, is crucial. While prior research explored various aspects of code generation, the focus on security has been limited, mostly examining code produced in controlled environments rather than real-world scenarios. To address …

ai models arxiv base challenges code code base copilot cs.cr cs.se generated github insecure language language models large llms producing quality security security challenges tools weaknesses

Visit resource

More from arxiv.org / cs.CR updates on arXiv.org

Dihedral Quantum Codes 2 days, 1 hour ago | arxiv.org
arxiv block class code +9
A Privacy Preserving System for Movie Recommendations Using Federated Learning 2 days, 1 hour ago | arxiv.org
arxiv businesses cs.cr cs.ir +20
VulLibGen: Identifying Vulnerable Third-Party Libraries via Generative Pre-Trained Model 2 days, 1 hour ago | arxiv.org
accelerate advisory arxiv cs.cr +24
Simultaneous Haar Indistinguishability with Applications to Unclonable Cryptography 2 days, 1 hour ago | arxiv.org
applications arxiv build cloning +11
SoK: Prudent Evaluation Practices for Fuzzing 2 days, 1 hour ago | arxiv.org
afl arxiv bugs concept +13
The Effect of Quantization in Federated Learning: A R\'enyi Differential Privacy Perspective 2 days, 1 hour ago | arxiv.org
arxiv can cs.cr cs.dc +15
Unveiling the Potential: Harnessing Deep Metric Learning to Circumvent Video Streaming Encryption 2 days, 1 hour ago | arxiv.org
arxiv attacks body cs.ai +16
SecureLLM: Using Compositionality to Build Provably Secure Language Models for Private, Sensitive, and Secret Data 2 days, 1 hour ago | arxiv.org
access arxiv back build +15
IBD-PSC: Input-level Backdoor Detection via Parameter-oriented Scaling Consistency 2 days, 1 hour ago | arxiv.org
adversaries arxiv attacks backdoor +22

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Sr. Staff Firmware Engineer – Networking & Firewall

@ Axiado | Bengaluru, India
View on infosec-jobs.com

Compliance Architect / Product Security Sr. Engineer/Expert (f/m/d)

@ SAP | Walldorf, DE, 69190
View on infosec-jobs.com

SAP Security Administrator

@ FARO Technologies | EMEA-Portugal
View on infosec-jobs.com