Authors: Rasmus Ingemann Tuffveson Jensen, Vali Tawosi, Salwa Alamir
Published on: March 13, 2024
Impact Score: 7.6
arXiv code: arXiv:2403.08429
Summary
- What is new: Using Large Language Models (LLMs) for code review, with a focus on flagging security vulnerabilities and validating software functionality.
- Why this is important: Code review is essential yet expensive and tedious in software development.
- What the research proposes: Utilizing zero-shot and chain-of-thought prompting with LLMs for code review tasks.
- Results: Proprietary models from OpenAI significantly outperform open-source LLMs, with 36.7% of LLM-generated security vulnerability descriptions matching true CWE vulnerabilities.
Technical Details
Technological frameworks used: Zero-shot and chain-of-thought prompting
Models used: Proprietary models from OpenAI and open-source LLMs
Data used: HumanEval, MBPP, and CWE code snippets
Potential Impact
Software development firms, cybersecurity companies, and businesses utilizing automated code review tools.