FORGE 2024
Sun 14 Apr 2024 Lisbon, Portugal
co-located with ICSE 2024
ICSE 2024 (series) / FORGE 2024 (series) / Research Track /

Fine Tuning Large Language Model for Secure Code Generation

New Idea Paper
Junjie Li, Aseem Sangalay, Cheng Cheng, Yuan Tian, Jinqiu Yang
FORGE 2024 Research Track
Sun 14 Apr 2024 16:10 - 16:17 at Luis de Freitas Branco - FORGE2024 Awards & Foundation Models for Code and Documentation Generation Chair(s): Antonio Mastropaolo

AI pair programmers, such as GitHub’s Copilot, have shown great success in automatic code generation. However, such large language model-based code generation techniques face the risk of introducing security vulnerabilities to codebases. In this work, we explore the direction of fine-tuning large language models for generating more secure code. We use real-world vulnerability fixes as our fine-tuning dataset. We craft a code-generation scenario dataset (C/C++) for evaluating and comparing the pre-trained and fine-tuned models. Our experiments on GPT-J show that the fine-tuned GPT-J achieved 70.4% and 64.5% ratios of non-vulnerable code generation for C and C++, respectively, which has a 10% increase for C and a slight increase for C++ compared with the pre-trained large language model.

small-avatar
Junjie Li
Concordia University
small-avatar
Aseem Sangalay
Delhi Technological University
small-avatar
Cheng Cheng
Concordia University
Yuan Tian
Yuan Tian
Queen's University, Kingston, Ontario
Canada
Jinqiu Yang
Jinqiu Yang
Concordia University
Canada

Sun 14 Apr

Displayed time zone: Lisbon change

16:00 - 17:30
FORGE2024 Awards & Foundation Models for Code and Documentation GenerationResearch Track at Luis de Freitas Branco
Chair(s): Antonio Mastropaolo Università della Svizzera italiana
16:00
10m
Awards
Award Ceremony
Research Track

16:10
7m
Short-paper
Fine Tuning Large Language Model for Secure Code GenerationNew Idea Paper
Research Track
Junjie Li Concordia University, Aseem Sangalay Delhi Technological University, Cheng Cheng Concordia University, Yuan Tian Queen's University, Kingston, Ontario, Jinqiu Yang Concordia University
16:17
14m
Full-paper
Investigating the Performance of Language Models for Completing Code in Functional Programming Languages: a Haskell Case StudyFull Paper
Research Track
Tim van Dam Delft University of Technology, Frank van der Heijden Delft University of Technology, Philippe de Bekker Delft University of Technology, Berend Nieuwschepen Delft University of Technology, Marc Otten Delft University of Technology, Maliheh Izadi Delft University of Technology
16:31
7m
Short-paper
On Evaluating the Efficiency of Source Code Generated by LLMsNew Idea Paper
Research Track
Changan Niu Software Institute, Nanjing University, Ting Zhang Singapore Management University, Chuanyi Li Nanjing University, Bin Luo Nanjing University, Vincent Ng Human Language Technology Research Institute, University of Texas at Dallas, Richardson, TX 75083-0688
16:38
14m
Full-paper
PathOCL: Path-Based Prompt Augmentation for OCL Generation with GPT-4Full Paper
Research Track
Seif Abukhalaf Polytechnique Montreal, Mohammad Hamdaqa Polytechnique Montréal, Foutse Khomh École Polytechnique de Montréal
16:52
7m
Short-paper
Creative and Correct: Requesting Diverse Code Solutions from AI Foundation ModelsNew Idea Paper
Research Track
Scott Blyth Monash University, Christoph Treude Singapore Management University, Markus Wagner Monash University, Australia
16:59
7m
Short-paper
Commit Message Generation via ChatGPT: How Far Are We?New Idea Paper
Research Track
Yifan Wu Peking University, Ying Li School of Software and Microelectronics, Peking University, Beijing, China, Siyu Yu The Chinese University of Hong Kong, Shenzhen (CUHK-Shenzhen)
17:06
24m
Other
Discussion
Research Track