Asleep at the Keyboard? Assessing the Security of GitHub Copilot's Code Contributions
Offered By: IEEE via YouTube
Course Description
Overview
Explore a conference talk examining the security implications of GitHub Copilot's code contributions. Delve into the assessment of AI-generated code, focusing on common vulnerabilities and weaknesses. Follow the experiment overview, which includes examples of buffer overflow, use-after-free, and command injection issues. Analyze the results, including knowledge-based errors and the impact of prompt diversity. Gain insights into AI tools in software development and their potential security risks.
Syllabus
Introduction
What is GitHub Copilot
Language Models
Demo
Why is this happening
Common Weakness Enumeration Taxonomy
Relevance Scenarios
Three Dimensions
Experiment Overview
CWE-787 Example
Use After Free Example
Command Injection Example
Results
Knowledge-based errors
Diversity of Prompt
Verilog
Conclusions
AI Tools
Questions
Question from Fish
Taught by
IEEE Symposium on Security and Privacy