English
Related papers

Related papers: Broken by Default: A Formal Verification Study of …

200 papers

While several studies have examined the security of code generated by GPT and other Large Language Models (LLMs), most have relied on controlled experiments rather than real developer interactions. This paper investigates the security of…

Software Engineering · Computer Science 2026-02-19 Vladislav Belozerov , Peter J Barclay , Ashkan Sami

This study compares state-of-the-art Large Language Models (LLMs) on their tendency to generate vulnerabilities when writing C programs using a neutral zero-shot prompt. Tihanyi et al. introduced the FormAI dataset at PROMISE'23, featuring…

Cryptography and Security · Computer Science 2024-12-12 Norbert Tihanyi , Tamas Bisztray , Mohamed Amine Ferrag , Ridhi Jain , Lucas C. Cordeiro

AI programming assistants have demonstrated a tendency to generate code containing basic security vulnerabilities. While developers are ultimately responsible for validating and reviewing such outputs, improving the inherent quality of…

Cryptography and Security · Computer Science 2025-11-14 Catherine Xia , Manar H. Alalfi

Quantum computing simulators form the classical software foundation on which virtually all quantum algorithm research depends. We present Broken Quantum, the first comprehensive formal security audit of the open-source quantum computing…

Cryptography and Security · Computer Science 2026-04-15 Dominik Blain

This paper presents a comprehensive empirical analysis of security vulnerabilities in AI-generated code across public GitHub repositories. We collected and analyzed 7,703 files explicitly attributed to four major AI tools: ChatGPT…

Cryptography and Security · Computer Science 2025-10-31 Maximilian Schreiber , Pascal Tippe

Context: AI code generators are revolutionizing code writing and software development, but their training on large datasets, including potentially untrusted source code, raises security concerns. Furthermore, these generators can produce…

Software Engineering · Computer Science 2024-09-04 Domenico Cotroneo , Roberta De Luca , Pietro Liguori

This paper presents the FormAI dataset, a large collection of 112, 000 AI-generated compilable and independent C programs with vulnerability classification. We introduce a dynamic zero-shot prompting technique constructed to spawn diverse…

Generative Pre-Trained Transformer models have been shown to be surprisingly effective at a variety of natural language processing tasks -- including generating computer code. We evaluate the effectiveness of open source GPT models for the…

Cryptography and Security · Computer Science 2024-08-02 Elijah Pelofske , Vincent Urias , Lorie M. Liebrock

An autonomous AI ecosystem (SUBSTRATE S3), generating product specifications without explicit instructions about formal methods, independently proposed the use of Z3 SMT solver across six distinct domains of AI safety: verification of…

Software Engineering · Computer Science 2026-03-27 Octavian Untila

We witness an increasing usage of AI-assistants even for routine (classroom) programming tasks. However, the code generated on basis of a so called "prompt" by the programmer does not always meet accepted security standards. On the one…

Software Engineering · Computer Science 2024-08-15 Stefan Goetz , Andreas Schaad

The emergence of vibe coding, a paradigm where non-technical users instruct Large Language Models (LLMs) to generate executable codes via natural language, presents both significant opportunities and severe risks for the construction…

Software Engineering · Computer Science 2026-04-28 S M Jamil Uddin

As software development practices increasingly adopt AI-powered tools, ensuring that such tools can support secure coding has become critical. This study evaluates the effectiveness of GitHub Copilot's recently introduced code review…

Software Engineering · Computer Science 2025-09-18 Amena Amro , Manar H. Alalfi

Modern code generation tools utilizing AI models like Large Language Models (LLMs) have gained increased popularity due to their ability to produce functional code. However, their usage presents security challenges, often resulting in…

Software Engineering · Computer Science 2025-02-07 Yujia Fu , Peng Liang , Amjed Tahir , Zengyang Li , Mojtaba Shahin , Jiaxin Yu , Jinfu Chen

Software vulnerabilities in source code pose serious cybersecurity risks, prompting a shift from traditional detection methods (e.g., static analysis, rule-based matching) to AI-driven approaches. This study presents a systematic review of…

Software Engineering · Computer Science 2025-06-13 Samiha Shimmi , Hamed Okhravi , Mona Rahimi

Web applications continue to be a favorite target for hackers due to a combination of wide adoption and rapid deployment cycles, which often lead to the introduction of high impact vulnerabilities. Static analysis tools are important to…

Cryptography and Security · Computer Science 2022-01-19 Ibéria Medeiros , Nuno Neves , Miguel Correia

Security vulnerabilities present in a code that has been written in diverse programming languages are among the most critical yet complicated aspects of source code to detect. Static analysis tools based on rule-based patterns usually do…

Cryptography and Security · Computer Science 2025-08-19 Hael Abdulhakim Ali Humran , Ferdi Sonmez

Despite the impressive performance of Large Language Models (LLMs) in software development activities, recent studies show the concern of introducing vulnerabilities into software codebase by AI programming assistants (e.g., Copilot,…

Software Engineering · Computer Science 2024-05-08 Sung Yong Kim , Zhiyu Fan , Yannic Noller , Abhik Roychoudhury

LLM-based coding agents are rapidly being deployed in software development, yet their safety implications remain poorly understood. These agents, while capable of accelerating software development, may exhibit unsafe behaviors during normal…

Artificial Intelligence · Computer Science 2025-08-26 Matous Kozak , Roshanak Zilouchian Moghaddam , Siva Sivaraman

The rapid adoption of Large Language Models(LLMs) for code generation has transformed software development, yet little attention has been given to how security vulnerabilities evolve through iterative LLM feedback. This paper analyzes…

Software Engineering · Computer Science 2025-09-29 Shivani Shukla , Himanshu Joshi , Romilla Syed

The April 2026 Claude Mythos sandbox escape exposed a critical weakness in frontier AI containment: the infrastructure surrounding advanced models remains susceptible to formally characterizable arithmetic vulnerabilities. Anthropic has not…

Cryptography and Security · Computer Science 2026-04-23 Dominik Blain
‹ Prev 1 2 3 10 Next ›