Loading…
How Secure is Code Generated by ChatGPT?
In recent years, large language models have been responsible for great advances in the field of artificial intelligence (AI). ChatGPT in particular, an AI chatbot developed and recently released by OpenAI, has taken the field to the next level. The conversational model is able not only to process hu...
Saved in:
| Published in: | arXiv.org 2023-04 |
|---|---|
| Main Authors: | , , , |
| Format: | Article |
| Language: | English |
| Subjects: | |
| Online Access: | Get full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| cited_by | |
|---|---|
| cites | |
| container_end_page | |
| container_issue | |
| container_start_page | |
| container_title | arXiv.org |
| container_volume | |
| creator | Khoury, Raphaël Avila, Anderson R Brunelle, Jacob Baba, Mamadou Camara |
| description | In recent years, large language models have been responsible for great advances in the field of artificial intelligence (AI). ChatGPT in particular, an AI chatbot developed and recently released by OpenAI, has taken the field to the next level. The conversational model is able not only to process human-like text, but also to translate natural language into code. However, the safety of programs generated by ChatGPT should not be overlooked. In this paper, we perform an experiment to address this issue. Specifically, we ask ChatGPT to generate a number of program and evaluate the security of the resulting source code. We further investigate whether ChatGPT can be prodded to improve the security by appropriate prompts, and discuss the ethical aspects of using AI to generate code. Results suggest that ChatGPT is aware of potential vulnerabilities, but nonetheless often generates source code that are not robust to certain attacks. |
| format | article |
| fullrecord | <record><control><sourceid>proquest</sourceid><recordid>TN_cdi_proquest_journals_2803672273</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2803672273</sourcerecordid><originalsourceid>FETCH-proquest_journals_28036722733</originalsourceid><addsrcrecordid>eNpjYuA0MjY21LUwMTLiYOAtLs4yMDAwMjM3MjU15mTQ8MgvVwhOTS4tSlXILFZwzk9JVXBPzUstSixJTVFIqlRwzkgscQ8IsedhYE1LzClO5YXS3AzKbq4hzh66BUX5haWpxSXxWfmlRXlAqXgjCwNjoPlG5sbGxKkCABEVLr0</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2803672273</pqid></control><display><type>article</type><title>How Secure is Code Generated by ChatGPT?</title><source>Publicly Available Content Database</source><creator>Khoury, Raphaël ; Avila, Anderson R ; Brunelle, Jacob ; Baba, Mamadou Camara</creator><creatorcontrib>Khoury, Raphaël ; Avila, Anderson R ; Brunelle, Jacob ; Baba, Mamadou Camara</creatorcontrib><description>In recent years, large language models have been responsible for great advances in the field of artificial intelligence (AI). ChatGPT in particular, an AI chatbot developed and recently released by OpenAI, has taken the field to the next level. The conversational model is able not only to process human-like text, but also to translate natural language into code. However, the safety of programs generated by ChatGPT should not be overlooked. In this paper, we perform an experiment to address this issue. Specifically, we ask ChatGPT to generate a number of program and evaluate the security of the resulting source code. We further investigate whether ChatGPT can be prodded to improve the security by appropriate prompts, and discuss the ethical aspects of using AI to generate code. Results suggest that ChatGPT is aware of potential vulnerabilities, but nonetheless often generates source code that are not robust to certain attacks.</description><identifier>EISSN: 2331-8422</identifier><language>eng</language><publisher>Ithaca: Cornell University Library, arXiv.org</publisher><subject>Artificial intelligence ; Chatbots ; Natural language processing ; Security ; Source code</subject><ispartof>arXiv.org, 2023-04</ispartof><rights>2023. This work is published under http://creativecommons.org/licenses/by/4.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.</rights><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://www.proquest.com/docview/2803672273?pq-origsite=primo$$EHTML$$P50$$Gproquest$$Hfree_for_read</linktohtml><link.rule.ids>776,780,25731,36989,44566</link.rule.ids></links><search><creatorcontrib>Khoury, Raphaël</creatorcontrib><creatorcontrib>Avila, Anderson R</creatorcontrib><creatorcontrib>Brunelle, Jacob</creatorcontrib><creatorcontrib>Baba, Mamadou Camara</creatorcontrib><title>How Secure is Code Generated by ChatGPT?</title><title>arXiv.org</title><description>In recent years, large language models have been responsible for great advances in the field of artificial intelligence (AI). ChatGPT in particular, an AI chatbot developed and recently released by OpenAI, has taken the field to the next level. The conversational model is able not only to process human-like text, but also to translate natural language into code. However, the safety of programs generated by ChatGPT should not be overlooked. In this paper, we perform an experiment to address this issue. Specifically, we ask ChatGPT to generate a number of program and evaluate the security of the resulting source code. We further investigate whether ChatGPT can be prodded to improve the security by appropriate prompts, and discuss the ethical aspects of using AI to generate code. Results suggest that ChatGPT is aware of potential vulnerabilities, but nonetheless often generates source code that are not robust to certain attacks.</description><subject>Artificial intelligence</subject><subject>Chatbots</subject><subject>Natural language processing</subject><subject>Security</subject><subject>Source code</subject><issn>2331-8422</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2023</creationdate><recordtype>article</recordtype><sourceid>PIMPY</sourceid><recordid>eNpjYuA0MjY21LUwMTLiYOAtLs4yMDAwMjM3MjU15mTQ8MgvVwhOTS4tSlXILFZwzk9JVXBPzUstSixJTVFIqlRwzkgscQ8IsedhYE1LzClO5YXS3AzKbq4hzh66BUX5haWpxSXxWfmlRXlAqXgjCwNjoPlG5sbGxKkCABEVLr0</recordid><startdate>20230419</startdate><enddate>20230419</enddate><creator>Khoury, Raphaël</creator><creator>Avila, Anderson R</creator><creator>Brunelle, Jacob</creator><creator>Baba, Mamadou Camara</creator><general>Cornell University Library, arXiv.org</general><scope>8FE</scope><scope>8FG</scope><scope>ABJCF</scope><scope>ABUWG</scope><scope>AFKRA</scope><scope>AZQEC</scope><scope>BENPR</scope><scope>BGLVJ</scope><scope>CCPQU</scope><scope>DWQXO</scope><scope>HCIFZ</scope><scope>L6V</scope><scope>M7S</scope><scope>PIMPY</scope><scope>PQEST</scope><scope>PQQKQ</scope><scope>PQUKI</scope><scope>PRINS</scope><scope>PTHSS</scope></search><sort><creationdate>20230419</creationdate><title>How Secure is Code Generated by ChatGPT?</title><author>Khoury, Raphaël ; Avila, Anderson R ; Brunelle, Jacob ; Baba, Mamadou Camara</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-proquest_journals_28036722733</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2023</creationdate><topic>Artificial intelligence</topic><topic>Chatbots</topic><topic>Natural language processing</topic><topic>Security</topic><topic>Source code</topic><toplevel>online_resources</toplevel><creatorcontrib>Khoury, Raphaël</creatorcontrib><creatorcontrib>Avila, Anderson R</creatorcontrib><creatorcontrib>Brunelle, Jacob</creatorcontrib><creatorcontrib>Baba, Mamadou Camara</creatorcontrib><collection>ProQuest SciTech Collection</collection><collection>ProQuest Technology Collection</collection><collection>Materials Science & Engineering Collection</collection><collection>ProQuest Central (Alumni Edition)</collection><collection>ProQuest Central UK/Ireland</collection><collection>ProQuest Central Essentials</collection><collection>AUTh Library subscriptions: ProQuest Central</collection><collection>Technology Collection</collection><collection>ProQuest One Community College</collection><collection>ProQuest Central Korea</collection><collection>SciTech Premium Collection</collection><collection>ProQuest Engineering Collection</collection><collection>ProQuest Engineering Database</collection><collection>Publicly Available Content Database</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><collection>ProQuest Central China</collection><collection>Engineering Collection</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Khoury, Raphaël</au><au>Avila, Anderson R</au><au>Brunelle, Jacob</au><au>Baba, Mamadou Camara</au><format>book</format><genre>document</genre><ristype>GEN</ristype><atitle>How Secure is Code Generated by ChatGPT?</atitle><jtitle>arXiv.org</jtitle><date>2023-04-19</date><risdate>2023</risdate><eissn>2331-8422</eissn><abstract>In recent years, large language models have been responsible for great advances in the field of artificial intelligence (AI). ChatGPT in particular, an AI chatbot developed and recently released by OpenAI, has taken the field to the next level. The conversational model is able not only to process human-like text, but also to translate natural language into code. However, the safety of programs generated by ChatGPT should not be overlooked. In this paper, we perform an experiment to address this issue. Specifically, we ask ChatGPT to generate a number of program and evaluate the security of the resulting source code. We further investigate whether ChatGPT can be prodded to improve the security by appropriate prompts, and discuss the ethical aspects of using AI to generate code. Results suggest that ChatGPT is aware of potential vulnerabilities, but nonetheless often generates source code that are not robust to certain attacks.</abstract><cop>Ithaca</cop><pub>Cornell University Library, arXiv.org</pub><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext |
| identifier | EISSN: 2331-8422 |
| ispartof | arXiv.org, 2023-04 |
| issn | 2331-8422 |
| language | eng |
| recordid | cdi_proquest_journals_2803672273 |
| source | Publicly Available Content Database |
| subjects | Artificial intelligence Chatbots Natural language processing Security Source code |
| title | How Secure is Code Generated by ChatGPT? |
| url | http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-08T03%3A24%3A29IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=document&rft.atitle=How%20Secure%20is%20Code%20Generated%20by%20ChatGPT?&rft.jtitle=arXiv.org&rft.au=Khoury,%20Rapha%C3%ABl&rft.date=2023-04-19&rft.eissn=2331-8422&rft_id=info:doi/&rft_dat=%3Cproquest%3E2803672273%3C/proquest%3E%3Cgrp_id%3Ecdi_FETCH-proquest_journals_28036722733%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=2803672273&rft_id=info:pmid/&rfr_iscdi=true |