{"id":"https://openalex.org/W7127098697","doi":"https://doi.org/10.1109/trustcom66490.2025.00106","title":"Securing AI Code Generation - A Prompt Rectification Approach for Mitigating Cyber Risks","display_name":"Securing AI Code Generation - A Prompt Rectification Approach for Mitigating Cyber Risks","publication_year":2025,"publication_date":"2025-11-14","ids":{"openalex":"https://openalex.org/W7127098697","doi":"https://doi.org/10.1109/trustcom66490.2025.00106"},"language":null,"primary_location":{"id":"doi:10.1109/trustcom66490.2025.00106","is_oa":false,"landing_page_url":"https://doi.org/10.1109/trustcom66490.2025.00106","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE 24th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5124844769","display_name":"Jialiang Dong","orcid":null},"institutions":[{"id":"https://openalex.org/I31746571","display_name":"UNSW Sydney","ror":"https://ror.org/03r8z3t63","country_code":"AU","type":"education","lineage":["https://openalex.org/I31746571"]}],"countries":["AU"],"is_corresponding":true,"raw_author_name":"Jialiang Dong","raw_affiliation_strings":["University of New South Wales,Sydney,Australia"],"affiliations":[{"raw_affiliation_string":"University of New South Wales,Sydney,Australia","institution_ids":["https://openalex.org/I31746571"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102630210","display_name":"Zihan Ni","orcid":"https://orcid.org/0009-0002-2638-9029"},"institutions":[{"id":"https://openalex.org/I31746571","display_name":"UNSW Sydney","ror":"https://ror.org/03r8z3t63","country_code":"AU","type":"education","lineage":["https://openalex.org/I31746571"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Zihan Ni","raw_affiliation_strings":["University of New South Wales,Sydney,Australia"],"affiliations":[{"raw_affiliation_string":"University of New South Wales,Sydney,Australia","institution_ids":["https://openalex.org/I31746571"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5069830698","display_name":"Nan Sun","orcid":"https://orcid.org/0009-0002-8989-3150"},"institutions":[{"id":"https://openalex.org/I31746571","display_name":"UNSW Sydney","ror":"https://ror.org/03r8z3t63","country_code":"AU","type":"education","lineage":["https://openalex.org/I31746571"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Nan Sun","raw_affiliation_strings":["University of New South Wales,Sydney,Australia"],"affiliations":[{"raw_affiliation_string":"University of New South Wales,Sydney,Australia","institution_ids":["https://openalex.org/I31746571"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5124852713","display_name":"Sanjay Jha","orcid":null},"institutions":[{"id":"https://openalex.org/I31746571","display_name":"UNSW Sydney","ror":"https://ror.org/03r8z3t63","country_code":"AU","type":"education","lineage":["https://openalex.org/I31746571"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Sanjay Jha","raw_affiliation_strings":["University of New South Wales,Sydney,Australia"],"affiliations":[{"raw_affiliation_string":"University of New South Wales,Sydney,Australia","institution_ids":["https://openalex.org/I31746571"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101947055","display_name":"Yiwei Zhang","orcid":"https://orcid.org/0000-0003-2188-8865"},"institutions":[{"id":"https://openalex.org/I219193219","display_name":"Purdue University West Lafayette","ror":"https://ror.org/02dqehb95","country_code":"US","type":"education","lineage":["https://openalex.org/I219193219"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Yiwei Zhang","raw_affiliation_strings":["Purdue University,West Lafayette,Indiana,USA"],"affiliations":[{"raw_affiliation_string":"Purdue University,West Lafayette,Indiana,USA","institution_ids":["https://openalex.org/I219193219"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5061694501","display_name":"Elisa Bertino","orcid":"https://orcid.org/0000-0002-4029-7051"},"institutions":[{"id":"https://openalex.org/I219193219","display_name":"Purdue University West Lafayette","ror":"https://ror.org/02dqehb95","country_code":"US","type":"education","lineage":["https://openalex.org/I219193219"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Elisa Bertino","raw_affiliation_strings":["Purdue University,West Lafayette,Indiana,USA"],"affiliations":[{"raw_affiliation_string":"Purdue University,West Lafayette,Indiana,USA","institution_ids":["https://openalex.org/I219193219"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5121198490","display_name":"Surya Nepal","orcid":null},"institutions":[{"id":"https://openalex.org/I1292875679","display_name":"Commonwealth Scientific and Industrial Research Organisation","ror":"https://ror.org/03qn8fb07","country_code":"AU","type":"government","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I4387156119"]},{"id":"https://openalex.org/I42894916","display_name":"Data61","ror":"https://ror.org/03q397159","country_code":"AU","type":"other","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I42894916","https://openalex.org/I4387156119"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Surya Nepal","raw_affiliation_strings":["CSIRO&#x2019;s Data61,Sydney,Australia"],"affiliations":[{"raw_affiliation_string":"CSIRO&#x2019;s Data61,Sydney,Australia","institution_ids":["https://openalex.org/I42894916","https://openalex.org/I1292875679"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5039957747","display_name":"Siqi Ma","orcid":null},"institutions":[{"id":"https://openalex.org/I204824540","display_name":"University of Wollongong","ror":"https://ror.org/00jtmb277","country_code":"AU","type":"education","lineage":["https://openalex.org/I204824540"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Siqi Ma","raw_affiliation_strings":["University of Wollongong,Wollongong,Australia"],"affiliations":[{"raw_affiliation_string":"University of Wollongong,Wollongong,Australia","institution_ids":["https://openalex.org/I204824540"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":8,"corresponding_author_ids":["https://openalex.org/A5124844769"],"corresponding_institution_ids":["https://openalex.org/I31746571"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.85755512,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"914","last_page":"925"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.33640000224113464,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.33640000224113464,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.22040000557899475,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.11599999666213989,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.6873999834060669},{"id":"https://openalex.org/keywords/coding","display_name":"Coding (social sciences)","score":0.5516999959945679},{"id":"https://openalex.org/keywords/rewriting","display_name":"Rewriting","score":0.5329999923706055},{"id":"https://openalex.org/keywords/code-generation","display_name":"Code generation","score":0.4878000020980835},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.47909998893737793},{"id":"https://openalex.org/keywords/task","display_name":"Task (project management)","score":0.43529999256134033}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7347999811172485},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.6873999834060669},{"id":"https://openalex.org/C179518139","wikidata":"https://www.wikidata.org/wiki/Q5140297","display_name":"Coding (social sciences)","level":2,"score":0.5516999959945679},{"id":"https://openalex.org/C154690210","wikidata":"https://www.wikidata.org/wiki/Q1668499","display_name":"Rewriting","level":2,"score":0.5329999923706055},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5324000120162964},{"id":"https://openalex.org/C133162039","wikidata":"https://www.wikidata.org/wiki/Q1061077","display_name":"Code generation","level":3,"score":0.4878000020980835},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.47909998893737793},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.44200000166893005},{"id":"https://openalex.org/C2780451532","wikidata":"https://www.wikidata.org/wiki/Q759676","display_name":"Task (project management)","level":2,"score":0.43529999256134033},{"id":"https://openalex.org/C150292731","wikidata":"https://www.wikidata.org/wiki/Q1342704","display_name":"Code review","level":5,"score":0.39340001344680786},{"id":"https://openalex.org/C51929080","wikidata":"https://www.wikidata.org/wiki/Q2425187","display_name":"Codebase","level":3,"score":0.38760000467300415},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.31450000405311584},{"id":"https://openalex.org/C137287247","wikidata":"https://www.wikidata.org/wiki/Q1329550","display_name":"Static program analysis","level":4,"score":0.30880001187324524},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.2822999954223633},{"id":"https://openalex.org/C151578736","wikidata":"https://www.wikidata.org/wiki/Q1251793","display_name":"Redundant code","level":4,"score":0.27880001068115234},{"id":"https://openalex.org/C121957198","wikidata":"https://www.wikidata.org/wiki/Q14365593","display_name":"KPI-driven code analysis","level":5,"score":0.26100000739097595},{"id":"https://openalex.org/C183003079","wikidata":"https://www.wikidata.org/wiki/Q1000371","display_name":"Personalization","level":2,"score":0.25270000100135803}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/trustcom66490.2025.00106","is_oa":false,"landing_page_url":"https://doi.org/10.1109/trustcom66490.2025.00106","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE 24th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.411355584859848,"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":26,"referenced_works":["https://openalex.org/W3094130708","https://openalex.org/W3156480510","https://openalex.org/W3198685994","https://openalex.org/W4225108562","https://openalex.org/W4281763794","https://openalex.org/W4288057748","https://openalex.org/W4288057755","https://openalex.org/W4288057765","https://openalex.org/W4308627320","https://openalex.org/W4311887664","https://openalex.org/W4312438588","https://openalex.org/W4312970618","https://openalex.org/W4320560161","https://openalex.org/W4367061230","https://openalex.org/W4384345639","https://openalex.org/W4385080397","https://openalex.org/W4385187421","https://openalex.org/W4385848632","https://openalex.org/W4386982649","https://openalex.org/W4388858772","https://openalex.org/W4391558413","https://openalex.org/W4391558545","https://openalex.org/W4403747722","https://openalex.org/W4405556610","https://openalex.org/W4407392582","https://openalex.org/W4411551762"],"related_works":[],"abstract_inverted_index":{"The":[0],"past":[1],"decade":[2],"has":[3],"witnessed":[4],"the":[5,50,82,88,99,109,136,145,166],"wide":[6],"adoption":[7],"of":[8,52,165],"AI":[9,58,151,169],"code":[10,24,26,55,59,83,133,152,158,170],"generators,":[11,171],"such":[12,42],"as":[13],"GitHub":[14,172],"Copilot,":[15],"AskCodi,":[16],"and":[17,34,93,183],"OpenAI":[18],"Codex.":[19],"They":[20],"offer":[21],"intelligent":[22],"solution":[23,54],"for":[25,85,174],"completion":[27],"to":[28,49,79,124,131,143],"achieve":[29],"faster":[30],"development,":[31],"cleaner":[32],"code,":[33],"a":[35,113],"significant":[36,43],"boost":[37],"in":[38,90,95,154],"overall":[39],"productivity.":[40],"However,":[41],"productivity":[44],"advantages":[45],"also":[46],"inadvertently":[47],"lead":[48,130],"generation":[51],"insecure":[53,132],"because":[56],"most":[57,167],"generators":[60,84,153],"derive":[61],"their":[62],"knowledge":[63],"from":[64],"existing":[65],"projects,":[66],"which":[67],"typically":[68],"prioritize":[69],"functionality":[70],"over":[71],"security.":[72],"Although":[73],"numerous":[74],"tools":[75],"have":[76],"been":[77],"developed":[78],"integrate":[80],"with":[81,163],"identifying":[86],"vulnerabilities,":[87],"inconsistency":[89],"syntactic":[91],"features":[92],"variability":[94],"coding":[96],"rules":[97],"make":[98],"detection":[100],"task":[101],"challenging":[102],"across":[103],"different":[104],"programming":[105],"languages.":[106],"To":[107],"address":[108],"challenges,":[110],"we":[111],"devise":[112],"prompt-enhancing":[114],"approach,":[115],"PECKER.":[116],"It":[117],"examines":[118],"textual":[119],"prompts":[120,127],"provided":[121],"by":[122],"users":[123],"identify":[125],"risky":[126,137,178,186],"that":[128],"could":[129],"generation.":[134,159],"Given":[135],"prompts,":[138,179],"PECKER":[139,162,180],"conducts":[140],"security-centric":[141],"rewriting":[142],"strengthen":[144],"\"potentially":[146],"insecure\"":[147],"descriptions,":[148],"thereby":[149],"guiding":[150],"mitigating":[155],"vulnerabilities":[156],"during":[157],"We":[160],"integrated":[161],"one":[164],"prevalent":[168],"Copilot":[173],"evaluation.":[175],"Among":[176],"509":[177],"successfully":[181],"identified":[182],"rectified":[184],"471":[185],"prompts.":[187]},"counts_by_year":[],"updated_date":"2026-02-06T02:01:19.302388","created_date":"2026-02-03T00:00:00"}