An Investigation into Misuse of Java Security APIs by Large Language Models

arXiv:2404.03823v1 Announce Type: cross
Abstract: The increasing trend of using Large Language Models (LLMs) for code generation raises the question of their capability to generate trustworthy code. While many researchers are exploring the utility of code generation for uncovering software vulnerabilities, one crucial but often overlooked aspect is the security Application Programming Interfaces (APIs). APIs play an integral role in upholding software security, yet effectively integrating security APIs presents substantial challenges. This leads to inadvertent misuse by developers, thereby exposing …

abstract apis arxiv capability code code generation cs.cl cs.cr cs.cy generate investigation java language language models large language large language models llms misuse question raises researchers security software trend trustworthy type utility vulnerabilities