Convergence of AI for Secure Software Development

Cited by: 0
Authors
Andrade, Roberto [1]
Torres, Jenny [2]
Flores, Pamela [2]
Cabezas, Erick [3]
Segovia, Jorge [3]
Affiliations
[1] Univ San Francisco, Colegio Ciencias & Ingn El Politecn, Quito, Ecuador
[2] Escuela Politec Nacl, Dept Informat & Ciencias Computac, Quito, Ecuador
[3] Escuela Politec Nacl, Dept Informat & Ciencias Computac Carrera Softwar, Quito, Ecuador
Source
2024 8TH CYBER SECURITY IN NETWORKING CONFERENCE, CSNET | 2024
Keywords
artificial intelligence; antipatterns; large language model; continuous integration; continuous delivery; software development;
DOI
10.1109/CSNET64211.2024.10851473
Chinese Library Classification number
TP18 [Artificial intelligence theory];
Discipline classification code
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
The traditional approach to software security often fails to detect vulnerabilities early enough. This research explores how artificial intelligence (AI) can be integrated into the software development cycle to improve the identification of vulnerabilities and antipatterns. In the context of DevSecOps, we propose a new methodology that detects antipatterns automatically using machine learning and natural language processing techniques. Also, we explore the possibility of using a large language model (LLM) in a CI (Continuous Integration) and CD (Continuous Delivery) pipeline to give developers real-time feedback, so that the initial phases of the software development cycle can improve the security and quality of the software. Further study is necessary to determine the AI model's true capability in managing real-world challenges.
Pages: 138-142
Number of pages: 5