An Investigation into Misuse of Java Security APIs by Large Language Models

arXiv:2404.03823v1 Announce Type: new
Abstract: The increasing trend of using Large Language Models (LLMs) for code generation raises the question of their capability to generate trustworthy code. While many researchers are exploring the utility of code generation for uncovering software vulnerabilities, one crucial but often overlooked aspect is the security Application Programming Interfaces (APIs). APIs play an integral role in upholding software security, yet effectively integrating security APIs presents substantial challenges. This leads to inadvertent misuse by developers, thereby exposing …

apis arxiv aspect code cs.cl cs.cr cs.cy investigation java language language models large llms question researchers security security apis software software vulnerabilities trend utility vulnerabilities