Overview
This 18-minute DEF CON 32 conference talk critically analyzes the capabilities and limitations of Large Language Models (LLMs) in code security analysis. It covers how LLMs perform in code search and clone detection tasks, with particular focus on their weaknesses when they encounter misleading variable and function names. The talk walks through specific scenarios where these models make mistakes and explains why well-defined naming conventions matter in code analysis. The presentation is relevant to security professionals, developers, and anyone interested in AI-powered code analysis tools.
Syllabus
DEF CON 32 - Defeating Secure Code Review GPT Hallucinations - Wang Zhilong, Xinzhi Luo
Taught by
DEFCONConference