Utilize este identificador para referenciar este registo:
http://hdl.handle.net/10071/29201
Autoria: | Gasiba, T. E. Oguzhan, K. Kessba, I. Lechner, U. Pinto-Albuquerque, M. |
Editor: | Queirós, R. A. P. de, and Pinto, M. P. T. |
Data: | 2023 |
Título próprio: | I’m sorry Dave, I’m afraid I can’t fix your code: On ChatGPT, cybersecurity, and secure coding |
Volume: | 112 |
Título e volume do livro: | 4th International Computer Programming Education Conference (ICPEC 2023) |
Título do evento: | 4th International Computer Programming Education Conference (ICPEC 2023) |
Referência bibliográfica: | Gasiba, T. E., Oguzhan, K., Kessba, I., Lechner, U., & Pinto-Albuquerque, M. (2023). I’m sorry Dave, I’m afraid I can’t fix your code: On ChatGPT, cybersecurity, and secure coding. In R. A. P. de Queirós, & M. P. T. Pinto (Eds.), 4th International Computer Programming Education Conference (ICPEC 2023) (vol. 112, Article 2). Schloss Dagstuhl -- Leibniz-Zentrum für Informatik. https://doi.org/10.4230/OASIcs.ICPEC.2023.2 |
ISSN: | 2190-6807 |
ISBN: | 978-3-95977-290-7 |
DOI (Digital Object Identifier): | 10.4230/OASIcs.ICPEC.2023.2 |
Palavras-chave: | Serious games IT-security Machine learning ChatGPT Secure coding Industry Software development Teaching |
Resumo: | Software security is an important topic that is gaining more and more attention due to the rising number of publicly known cybersecurity incidents. Previous research has shown that one way to address software security is by means of a serious game, the CyberSecurity Challenges, which are designed to raise awareness of software developers of secure coding guidelines. This game, which has been proven to be very successful in the industry, makes use of an artificial intelligence technique (laddering technique) to implement a chatbot for human-machine interaction. Recent advances in machine learning led to a breakthrough, with the implementation of ChatGPT by OpenAI. This algorithm has been trained in a large amount of data and is capable of analysing and interpreting not only natural language, but also small code snippets containing source code in different programming languages. With the advent of ChatGPT, and previous state-of-the-art research in secure software development, a natural question arises: to which extent can ChatGPT aid software developers in writing secure software?. In this paper, we draw on our experience in the industry, and also on extensive previous work to analyse and reflect on how to use ChatGPT to aid secure software development. Towards this, we run a small experiment using five different vulnerable code snippets. Our interactions with ChatGPT allow us to conclude on advantages, disadvantages and limitations of the usage of this new technology. |
Arbitragem científica: | yes |
Acesso: | Acesso Aberto |
Aparece nas coleções: | ISTAR-CRI - Comunicações a conferências internacionais |
Ficheiros deste registo:
Ficheiro | Tamanho | Formato | |
---|---|---|---|
conferenceobject_97537.pdf | 553,25 kB | Adobe PDF | Ver/Abrir |
Todos os registos no repositório estão protegidos por leis de copyright, com todos os direitos reservados.