一种使用ChatGPT的源代码安全漏洞检测方法
A Source Code Security Vulnerability Detection Method Using ChatGPT
余里辉 1胡少文 1黄浪鑫 1罗澍寰1
作者信息
- 1. 江西省科技基础条件平台中心(江西省计算中心),江西 南昌 330003
- 折叠
摘要
随着软件及信息系统的安全问题越来越突出,作为重要组成部分,源代码的安全是最底层的关键点,如何快速准确地对源代码进行安全漏洞检测显得尤为重要.本文提出一种基于ChatGPT的源代码安全漏洞检测方法,利用ChatGPT在自然语言处理领域的优势,将源代码转换为自然语言形式,然后利用ChatGPT对其进行处理,识别潜在的安全漏洞.该方法可以检测出多种类型的安全漏洞,如不安全的设计、SQL注入等.通过在公开数据集的源代码上进行安全漏洞检测的实验分析,验证了该方法的优越性和准确性.
Abstract
As the security issues of software and information systems become more and more prominent,as an important part,the security of source code is the bottom key point.How to quickly and accurately detect security vulnerabilities of source code is par-ticularly important.This paper proposes a source code security vulnerability detection method based on ChatGPT,which takes ad-vantage of ChatGPT in the field of natural language processing,converts source code into natural language form,and then uses ChatGPT to process it to identify potential security vulnerabilities.This method can detect various types of security vulnerabili-ties,such as insecure design,SQL injection and so on.We demonstrate the superiority and accuracy of our approach through ex-perimental analysis of security vulnerability detection on source codes of publicly available datasets.
关键词
源代码安全/ChatGPT/漏洞检测/SQL注入Key words
source code security/ChatGPT/vulnerability detection/SQL injection引用本文复制引用
基金项目
江西省03专项及5G项目(20224ABC03W02)
出版年
2024
国家科技期刊平台
NSTL
万方数据