{"id":"https://openalex.org/W7093293284","doi":"https://doi.org/10.1109/idsta66210.2025.11202778","title":"SOK: Exploring Hallucinations and Security Risks in AI-Assisted Software Development with Insights for LLM Deployment","display_name":"SOK: Exploring Hallucinations and Security Risks in AI-Assisted Software Development with Insights for LLM Deployment","publication_year":2025,"publication_date":"2025-09-01","ids":{"openalex":"https://openalex.org/W7093293284","doi":"https://doi.org/10.1109/idsta66210.2025.11202778"},"language":null,"primary_location":{"id":"doi:10.1109/idsta66210.2025.11202778","is_oa":false,"landing_page_url":"https://doi.org/10.1109/idsta66210.2025.11202778","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 Sixth International Conference on Intelligent Data Science Technologies and Applications (IDSTA)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Mohd Ariful Haque","orcid":null},"institutions":[{"id":"https://openalex.org/I52064589","display_name":"Clark Atlanta University","ror":"https://ror.org/0397tsa92","country_code":"US","type":"education","lineage":["https://openalex.org/I52064589"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Mohd Ariful Haque","raw_affiliation_strings":["Clark Atlanta University"],"affiliations":[{"raw_affiliation_string":"Clark Atlanta University","institution_ids":["https://openalex.org/I52064589"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Sunzida Siddique","orcid":null},"institutions":[{"id":"https://openalex.org/I200606013","display_name":"Daffodil International University","ror":"https://ror.org/052t4a858","country_code":"BD","type":"education","lineage":["https://openalex.org/I200606013"]}],"countries":["BD"],"is_corresponding":false,"raw_author_name":"Sunzida Siddique","raw_affiliation_strings":["Daffodil International University"],"affiliations":[{"raw_affiliation_string":"Daffodil International University","institution_ids":["https://openalex.org/I200606013"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Md. Mahfuzur Rahman","orcid":null},"institutions":[{"id":"https://openalex.org/I135564639","display_name":"Ahsanullah University of Science and Technology","ror":"https://ror.org/04wfbp123","country_code":"BD","type":"education","lineage":["https://openalex.org/I135564639"]}],"countries":["BD"],"is_corresponding":false,"raw_author_name":"Md. Mahfuzur Rahman","raw_affiliation_strings":["Ahsanullah University of Science and Technology"],"affiliations":[{"raw_affiliation_string":"Ahsanullah University of Science and Technology","institution_ids":["https://openalex.org/I135564639"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Ahmed Rafi Hasan","orcid":null},"institutions":[{"id":"https://openalex.org/I63169043","display_name":"United International University","ror":"https://ror.org/01tqv1p28","country_code":"BD","type":"education","lineage":["https://openalex.org/I63169043"]}],"countries":["BD"],"is_corresponding":false,"raw_author_name":"Ahmed Rafi Hasan","raw_affiliation_strings":["United International University"],"affiliations":[{"raw_affiliation_string":"United International University","institution_ids":["https://openalex.org/I63169043"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Laxmi Rani Das","orcid":null},"institutions":[{"id":"https://openalex.org/I315729180","display_name":"Noakhali Science and Technology University","ror":"https://ror.org/05q9we431","country_code":"BD","type":"education","lineage":["https://openalex.org/I315729180"]}],"countries":["BD"],"is_corresponding":false,"raw_author_name":"Laxmi Rani Das","raw_affiliation_strings":["Noakhali Science and Technology University"],"affiliations":[{"raw_affiliation_string":"Noakhali Science and Technology University","institution_ids":["https://openalex.org/I315729180"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Marufa Kamal","orcid":null},"institutions":[{"id":"https://openalex.org/I5518804","display_name":"BRAC University","ror":"https://ror.org/00sge8677","country_code":"BD","type":"education","lineage":["https://openalex.org/I5518804"]}],"countries":["BD"],"is_corresponding":false,"raw_author_name":"Marufa Kamal","raw_affiliation_strings":["BRAC University"],"affiliations":[{"raw_affiliation_string":"BRAC University","institution_ids":["https://openalex.org/I5518804"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Khalil Sujaee","orcid":null},"institutions":[{"id":"https://openalex.org/I52064589","display_name":"Clark Atlanta University","ror":"https://ror.org/0397tsa92","country_code":"US","type":"education","lineage":["https://openalex.org/I52064589"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Khalil Sujaee","raw_affiliation_strings":["Clark Atlanta University"],"affiliations":[{"raw_affiliation_string":"Clark Atlanta University","institution_ids":["https://openalex.org/I52064589"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Kishor Datta Gupta","orcid":null},"institutions":[{"id":"https://openalex.org/I52064589","display_name":"Clark Atlanta University","ror":"https://ror.org/0397tsa92","country_code":"US","type":"education","lineage":["https://openalex.org/I52064589"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Kishor Datta Gupta","raw_affiliation_strings":["Clark Atlanta University"],"affiliations":[{"raw_affiliation_string":"Clark Atlanta University","institution_ids":["https://openalex.org/I52064589"]}]},{"author_position":"last","author":{"id":null,"display_name":"Roy George","orcid":null},"institutions":[{"id":"https://openalex.org/I52064589","display_name":"Clark Atlanta University","ror":"https://ror.org/0397tsa92","country_code":"US","type":"education","lineage":["https://openalex.org/I52064589"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Roy George","raw_affiliation_strings":["Clark Atlanta University"],"affiliations":[{"raw_affiliation_string":"Clark Atlanta University","institution_ids":["https://openalex.org/I52064589"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":9,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I52064589"],"apc_list":null,"apc_paid":null,"fwci":8.1766,"has_fulltext":false,"cited_by_count":5,"citation_normalized_percentile":{"value":0.97721018,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"57","last_page":"64"},"is_retracted":false,"is_paratext":false,"is_xpac":true,"primary_topic":{"id":"https://openalex.org/T12002","display_name":"Computability, Logic, AI Algorithms","score":0.09470000118017197,"subfield":{"id":"https://openalex.org/subfields/1703","display_name":"Computational Theory and Mathematics"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12002","display_name":"Computability, Logic, AI Algorithms","score":0.09470000118017197,"subfield":{"id":"https://openalex.org/subfields/1703","display_name":"Computational Theory and Mathematics"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12797","display_name":"History of Computing Technologies","score":0.03500000014901161,"subfield":{"id":"https://openalex.org/subfields/1706","display_name":"Computer Science Applications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T13898","display_name":"Diverse Interdisciplinary Research Studies","score":0.02800000086426735,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.586899995803833},{"id":"https://openalex.org/keywords/code-refactoring","display_name":"Code refactoring","score":0.5763999819755554},{"id":"https://openalex.org/keywords/coding","display_name":"Coding (social sciences)","score":0.5372999906539917},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.5356000065803528},{"id":"https://openalex.org/keywords/debugging","display_name":"Debugging","score":0.4765999913215637},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.45730000734329224},{"id":"https://openalex.org/keywords/software-development","display_name":"Software development","score":0.43459999561309814},{"id":"https://openalex.org/keywords/code-review","display_name":"Code review","score":0.42100000381469727},{"id":"https://openalex.org/keywords/replicate","display_name":"Replicate","score":0.4011000096797943}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6371999979019165},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.586899995803833},{"id":"https://openalex.org/C152752567","wikidata":"https://www.wikidata.org/wiki/Q116877","display_name":"Code refactoring","level":3,"score":0.5763999819755554},{"id":"https://openalex.org/C179518139","wikidata":"https://www.wikidata.org/wiki/Q5140297","display_name":"Coding (social sciences)","level":2,"score":0.5372999906539917},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.5356000065803528},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.5170000195503235},{"id":"https://openalex.org/C168065819","wikidata":"https://www.wikidata.org/wiki/Q845566","display_name":"Debugging","level":2,"score":0.4765999913215637},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.4632999897003174},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.45730000734329224},{"id":"https://openalex.org/C529173508","wikidata":"https://www.wikidata.org/wiki/Q638608","display_name":"Software development","level":3,"score":0.43459999561309814},{"id":"https://openalex.org/C150292731","wikidata":"https://www.wikidata.org/wiki/Q1342704","display_name":"Code review","level":5,"score":0.42100000381469727},{"id":"https://openalex.org/C2781162219","wikidata":"https://www.wikidata.org/wiki/Q26250693","display_name":"Replicate","level":2,"score":0.4011000096797943},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.3725999891757965},{"id":"https://openalex.org/C51929080","wikidata":"https://www.wikidata.org/wiki/Q2425187","display_name":"Codebase","level":3,"score":0.36800000071525574},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.36399999260902405},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.35089999437332153},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.3449000120162964},{"id":"https://openalex.org/C71745522","wikidata":"https://www.wikidata.org/wiki/Q2476929","display_name":"Confidentiality","level":2,"score":0.33899998664855957},{"id":"https://openalex.org/C170130773","wikidata":"https://www.wikidata.org/wiki/Q216378","display_name":"Usability","level":2,"score":0.30480000376701355},{"id":"https://openalex.org/C56666940","wikidata":"https://www.wikidata.org/wiki/Q788790","display_name":"Documentation","level":2,"score":0.2992999851703644},{"id":"https://openalex.org/C180152950","wikidata":"https://www.wikidata.org/wiki/Q2904257","display_name":"Software development process","level":4,"score":0.2955999970436096},{"id":"https://openalex.org/C195094911","wikidata":"https://www.wikidata.org/wiki/Q14167904","display_name":"Process management","level":1,"score":0.29190000891685486},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.2863999903202057},{"id":"https://openalex.org/C137287247","wikidata":"https://www.wikidata.org/wiki/Q1329550","display_name":"Static program analysis","level":4,"score":0.27889999747276306},{"id":"https://openalex.org/C56739046","wikidata":"https://www.wikidata.org/wiki/Q192060","display_name":"Knowledge management","level":1,"score":0.275299996137619},{"id":"https://openalex.org/C34974158","wikidata":"https://www.wikidata.org/wiki/Q131257","display_name":"Intellectual property","level":2,"score":0.27379998564720154},{"id":"https://openalex.org/C152124472","wikidata":"https://www.wikidata.org/wiki/Q1204361","display_name":"Redundancy (engineering)","level":2,"score":0.26429998874664307},{"id":"https://openalex.org/C10511746","wikidata":"https://www.wikidata.org/wiki/Q899388","display_name":"Data security","level":3,"score":0.2587999999523163}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/idsta66210.2025.11202778","is_oa":false,"landing_page_url":"https://doi.org/10.1109/idsta66210.2025.11202778","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 Sixth International Conference on Intelligent Data Science Technologies and Applications (IDSTA)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":8,"referenced_works":["https://openalex.org/W4226410005","https://openalex.org/W4385236616","https://openalex.org/W4385392091","https://openalex.org/W4396811058","https://openalex.org/W4400121384","https://openalex.org/W4401326448","https://openalex.org/W4401719321","https://openalex.org/W4411523078"],"related_works":[],"abstract_inverted_index":{"The":[0],"integration":[1],"of":[2,63,77,124,147,166],"Large":[3],"Language":[4],"Models":[5],"(LLMs)":[6],"such":[7],"as":[8],"GitHub":[9],"Copilot,":[10],"ChatGPT,":[11],"Cursor":[12],"AI,":[13],"and":[14,30,46,68,80,93,111,130,145],"Codeium":[15],"AI":[16],"into":[17],"software":[18],"development":[19],"has":[20],"revolutionized":[21],"the":[22,78,99,122,131,143,164],"coding":[23,85,107,168],"landscape,":[24],"offering":[25],"significant":[26],"productivity":[27],"gains,":[28],"automation,":[29],"enhanced":[31],"debugging":[32],"capabilities.":[33],"These":[34],"tools":[35,103],"have":[36],"proven":[37],"invaluable":[38],"for":[39,101,133],"generating":[40],"code":[41,66,116],"snippets,":[42],"refactoring":[43],"existing":[44],"code,":[45],"providing":[47],"real-time":[48],"support":[49],"to":[50,104,137,152],"developers.":[51],"However,":[52],"their":[53,160],"widespread":[54],"adoption":[55],"also":[56],"presents":[57],"notable":[58],"challenges,":[59],"particularly":[60],"in":[61,155],"terms":[62],"security":[64,91,135],"vulnerabilities,":[65],"quality,":[67],"ethical":[69],"concerns.":[70],"This":[71],"paper":[72],"provides":[73],"a":[74],"comprehensive":[75],"analysis":[76],"benefits":[79,165],"risks":[81,123],"associated":[82,173],"with":[83],"AI-powered":[84],"tools,":[86,149],"drawing":[87],"on":[88],"user":[89],"feedback,":[90],"analyses,":[92],"practical":[94],"use":[95],"cases.":[96],"We":[97],"explore":[98],"potential":[100],"these":[102,139,148],"replicate":[105],"insecure":[106],"practices,":[108],"introduce":[109],"biases,":[110],"generate":[112],"incorrect":[113],"or":[114],"non-sensical":[115],"(hallucinations).":[117],"In":[118],"addition,":[119],"we":[120,150],"discuss":[121],"data":[125],"leaks,":[126],"intellectual":[127],"property":[128],"violations,":[129],"need":[132],"robust":[134],"measures":[136],"mitigate":[138],"threats.":[140],"By":[141],"comparing":[142],"features":[144],"performance":[146],"aim":[151],"guide":[153],"developers":[154],"making":[156],"informed":[157],"decisions":[158],"about":[159],"use,":[161],"ensuring":[162],"that":[163],"AI-assisted":[167],"are":[169],"maximized":[170],"while":[171],"minimizing":[172],"risks.":[174]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":3}],"updated_date":"2026-03-13T16:22:10.518609","created_date":"2025-10-24T00:00:00"}