Our paper, Understanding Regular Expression Denial of Service (ReDoS): Insights from LLM-Generated Regexes and Developer Forums, has been accepted at the 32nd ACM/IEEE International Conference on Program Comprehension (ICPC 2024). In this work, we analyzed the robustness of LLMs in generating functionally correct and ReDoS-free regexes, how understandable LLM-generated and real-world ReDoS-vulnerable regexes are, and developers' perspectives on ReDoS vulnerabilities.
@inproceedings{siddiq2024regex,
author={Siddiq, Mohammed Latif and Zhang, Jiahao and Santos, Joanna C. S.},
booktitle={32nd IEEE/ACM International Conference on Program Comprehension (ICPC 2024)},
title={Understanding Regular Expression Denial of Service (ReDoS): Insights from LLM-Generated Regexes and Developer Forums},
year={2024},
doi={10.1145/3643916.3644424}
}