English
Related papers

Related papers: Can Developers rely on LLMs for Secure IaC Develop…

200 papers

Security code review is a time-consuming and labor-intensive process typically requiring integration with automated security defect detection tools. However, existing security analysis tools struggle with poor generalization, high false…

Software Engineering · Computer Science 2026-05-12 Jiaxin Yu , Peng Liang , Yujia Fu , Amjed Tahir , Mojtaba Shahin , Chong Wang , Yangxiao Cai

This empirical study evaluates the effectiveness of Large Language Models (LLMs) in predicting fixes for configuration bugs in smart home systems. The research analyzes three prominent LLMs - GPT-4, GPT-4o (GPT-4 Turbo), and Claude 3.5…

Software Engineering · Computer Science 2025-02-18 Sheikh Moonwara Anjum Monisha , Atul Bharadwaj

Command injection vulnerabilities are a significant security threat in dynamic languages like Python, particularly in widely used open-source projects where security issues can have extensive impact. With the proven effectiveness of Large…

Software Engineering · Computer Science 2025-05-22 Yuxuan Wang , Jingshu Chen , Qingyang Wang

In this study, we propose a homotopy-inspired prompt obfuscation framework to enhance understanding of security and safety vulnerabilities in Large Language Models (LLMs). By systematically applying carefully engineered prompts, we…

Cryptography and Security · Computer Science 2026-01-22 Luis Lazo , Hamed Jelodar , Roozbeh Razavi-Far

Large Language Models (LLMs) such as ChatGPT and GitHub Copilot have revolutionized automated code generation in software engineering. However, as these models are increasingly utilized for software development, concerns have arisen…

Cryptography and Security · Computer Science 2024-12-03 Ahmad Mohsin , Helge Janicke , Adrian Wood , Iqbal H. Sarker , Leandros Maglaras , Naeem Janjua

Nowadays, modern applications are developed using components written in different programming languages. These systems introduce several advantages. However, as the number of languages increases, so does the challenges related to the…

Software Engineering · Computer Science 2021-01-18 Mouna Abidi , Md Saidur Rahman , Moses Openja , Foutse Khomh

With the rapid advancements in Natural Language Processing (NLP), large language models (LLMs) like GPT-4 have gained significant traction in diverse applications, including security vulnerability scanning. This paper investigates the…

Cryptography and Security · Computer Science 2025-06-19 Madjid G. Tehrani , Eldar Sultanow , William J. Buchanan , Mahkame Houmani , Christel H. Djaha Fodja

As large language models (LLMs) advance, ensuring AI safety and alignment is paramount. One popular approach is prompt guards, lightweight mechanisms designed to filter malicious queries while being easy to implement and update. In this…

Machine Learning · Computer Science 2025-10-08 Jaiden Fairoze , Sanjam Garg , Keewoo Lee , Mingyuan Wang

Automated deployment and management of Cloud applications relies on descriptions of their deployment topologies, often referred to as Infrastructure Code. As the complexity of applications and their deployment models increases, developers…

While the widespread deployment of Large Language Models (LLMs) holds great potential for society, their vulnerabilities to adversarial manipulation and exploitation can pose serious safety, security, and ethical risks. As new threats…

Cryptography and Security · Computer Science 2025-09-29 Charankumar Akiri , Harrison Simpson , Kshitiz Aryal , Aarav Khanna , Maanak Gupta

Code-generating Large Language Models (LLMs) significantly accelerate software development. However, their frequent generation of insecure code presents serious risks. We present a comprehensive evaluation of seven parameter-efficient…

Cryptography and Security · Computer Science 2025-09-17 Kiho Lee , Jungkon Kim , Doowon Kim , Hyoungshick Kim

Infrastructure-as-Code (IaC) generation holds significant promise for automating cloud infrastructure provisioning. Recent advances in Large Language Models (LLMs) present a promising opportunity to democratize IaC development by generating…

Software Engineering · Computer Science 2026-01-13 Tianyi Zhang , Shidong Pan , Zejun Zhang , Zhenchang Xing , Xiaoyu Sun

Large language models (LLMs) have been widely adopted in modern software development lifecycles, where they are increasingly used to automate and assist code generation, significantly improving developer productivity and reducing…

Cryptography and Security · Computer Science 2026-02-05 Hoang Long Do , Nasrin Sohrabi , Muneeb Ul Hassan

Large language models (LLM) are perceived to offer promising potentials for automating security tasks, such as those found in security operation centers (SOCs). As a first step towards evaluating this perceived potential, we investigate the…

Cryptography and Security · Computer Science 2024-02-01 Kumar Shashwat , Francis Hahn , Xinming Ou , Dmitry Goldgof , Lawrence Hall , Jay Ligatti , S. Raj Rajgopalan , Armin Ziaie Tabari

Continuous Integration and Deployment (CI/CD) facilitate rapid software delivery, making fast feedback and minimal downtime essential. While caching has been shown to be an effective technique for tackling pipeline performance and…

Software Engineering · Computer Science 2026-04-21 Francesco Urdih , Theodoros Theodoropoulos , Uwe Zdun

Large Language Models (LLMs) are one of the most promising developments in the field of artificial intelligence, and the software engineering community has readily noticed their potential role in the software development life-cycle.…

Software Engineering · Computer Science 2026-03-16 Greta Dolcetti , Vincenzo Arceri , Eleonora Iotti , Sergio Maffeis , Agostino Cortesi , Enea Zaffanella

Large Language Models (LLMs) like ChatGPT, Copilot, Gemini, and DeepSeek are transforming software engineering by automating key tasks, including code generation, testing, and debugging. As these models become integral to development…

Software Engineering · Computer Science 2025-08-07 Everton Guimaraes , Nathalia Nascimento , Chandan Shivalingaiah , Asish Nelapati

AI coding assistants are now used to generate production code in security-sensitive domains, yet the exploitability of their outputs remains unquantified. We address this gap with Broken by Default: a formal verification study of 3,500 code…

Cryptography and Security · Computer Science 2026-04-09 Dominik Blain , Maxime Noiseux

This study investigates the use of prompt engineering to enhance large language models (LLMs), specifically GPT-4o-mini and gemini-1.5-flash, in sentiment analysis tasks. It evaluates advanced prompting techniques like few-shot learning,…

Computation and Language · Computer Science 2026-01-14 Marvin Schmitt , Anne Schwerk , Sebastian Lempert

The Large Language Models (LLMs) have demonstrated great potential in code-related tasks. However, most research focuses on improving the output quality of LLMs (e.g., correctness), and less attention has been paid to the LLM input (e.g.,…

Software Engineering · Computer Science 2025-08-19 Zhipeng Xue , Xiaoting Zhang , Zhipeng Gao , Xing Hu , Shan Gao , Xin Xia , Shanping Li