{"id":"https://openalex.org/W4395702127","doi":"https://doi.org/10.1145/3603287.3651194","title":"A Pilot Study on Secure Code Generation with ChatGPT for Web Applications","display_name":"A Pilot Study on Secure Code Generation with ChatGPT for Web Applications","publication_year":2024,"publication_date":"2024-04-18","ids":{"openalex":"https://openalex.org/W4395702127","doi":"https://doi.org/10.1145/3603287.3651194"},"language":"en","primary_location":{"id":"doi:10.1145/3603287.3651194","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3603287.3651194","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3603287.3651194?download=true","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 ACM Southeast Conference on ZZZ","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3603287.3651194?download=true","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5095920173","display_name":"Mahesh Jamdade","orcid":"https://orcid.org/0009-0002-8030-7733"},"institutions":[{"id":"https://openalex.org/I100633361","display_name":"University of Massachusetts Dartmouth","ror":"https://ror.org/00fzmm222","country_code":"US","type":"education","lineage":["https://openalex.org/I100633361"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Mahesh Jamdade","raw_affiliation_strings":["University of Massachusetts Dartmouth, Dartmouth, Massachusetts, USA"],"raw_orcid":"https://orcid.org/0009-0002-8030-7733","affiliations":[{"raw_affiliation_string":"University of Massachusetts Dartmouth, Dartmouth, Massachusetts, USA","institution_ids":["https://openalex.org/I100633361"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100330500","display_name":"Yi Liu","orcid":"https://orcid.org/0000-0002-1571-5442"},"institutions":[{"id":"https://openalex.org/I100633361","display_name":"University of Massachusetts Dartmouth","ror":"https://ror.org/00fzmm222","country_code":"US","type":"education","lineage":["https://openalex.org/I100633361"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Yi Liu","raw_affiliation_strings":["University of Massachusetts Dartmouth, Dartmouth, Massachusetts, USA"],"raw_orcid":"https://orcid.org/0000-0002-1571-5442","affiliations":[{"raw_affiliation_string":"University of Massachusetts Dartmouth, Dartmouth, Massachusetts, USA","institution_ids":["https://openalex.org/I100633361"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5095920173"],"corresponding_institution_ids":["https://openalex.org/I100633361"],"apc_list":null,"apc_paid":null,"fwci":3.3114,"has_fulltext":true,"cited_by_count":10,"citation_normalized_percentile":{"value":0.92815243,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"229","last_page":"234"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9176999926567078,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9176999926567078,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7039775252342224},{"id":"https://openalex.org/keywords/code-generation","display_name":"Code generation","score":0.5005061626434326},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.47942155599594116},{"id":"https://openalex.org/keywords/web-application","display_name":"Web application","score":0.4602881968021393},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.39224180579185486},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.344009667634964},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.20683833956718445}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7039775252342224},{"id":"https://openalex.org/C133162039","wikidata":"https://www.wikidata.org/wiki/Q1061077","display_name":"Code generation","level":3,"score":0.5005061626434326},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.47942155599594116},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.4602881968021393},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.39224180579185486},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.344009667634964},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.20683833956718445},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.0},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3603287.3651194","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3603287.3651194","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3603287.3651194?download=true","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 ACM Southeast Conference on ZZZ","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3603287.3651194","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3603287.3651194","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3603287.3651194?download=true","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 ACM Southeast Conference on ZZZ","raw_type":"proceedings-article"},"sustainable_development_goals":[{"score":0.4300000071525574,"id":"https://metadata.un.org/sdg/9","display_name":"Industry, innovation and infrastructure"}],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4395702127.pdf","grobid_xml":"https://content.openalex.org/works/W4395702127.grobid-xml"},"referenced_works_count":1,"referenced_works":["https://openalex.org/W2994922757"],"related_works":["https://openalex.org/W2748952813","https://openalex.org/W4231937131","https://openalex.org/W323219885","https://openalex.org/W2063928587","https://openalex.org/W1487966966","https://openalex.org/W1589342014","https://openalex.org/W2163672025","https://openalex.org/W2048831961","https://openalex.org/W1606349578","https://openalex.org/W4399567378"],"abstract_inverted_index":{"Conversational":[0],"Large":[1],"Language":[2],"Models":[3],"(LLMs),":[4],"such":[5],"as":[6],"ChatGPT,":[7,94],"have":[8],"demonstrated":[9],"their":[10],"potent":[11],"capabilities":[12],"in":[13,70,89],"natural":[14],"language":[15],"processing":[16],"tasks.":[17],"This":[18],"paper":[19,60,97],"presents":[20],"a":[21,33,62,99],"pilot":[22],"study":[23,64],"that":[24],"uses":[25,61],"ChatGPT":[26],"for":[27],"generating":[28],"web":[29,40],"application":[30,41],"code":[31,72,91],"with":[32,75],"specific":[34],"emphasis":[35],"on":[36],"mitigating":[37,105],"four":[38],"prevalent":[39],"vulnerability":[42],"types:":[43],"SQL":[44],"Injection,":[45,53],"Cross":[46],"Site":[47],"Scripting,":[48],"Carriage":[49],"Return":[50],"Line":[51],"Feed":[52],"and":[54,78,95],"Exposure":[55],"of":[56],"Sensitive":[57],"Information.":[58],"The":[59,82],"case":[63],"to":[65,103],"illustrate":[66],"how":[67],"the":[68,71,76,79,86,90,96,106],"vulnerabilities":[69],"are":[73],"mitigated":[74],"prompts":[77],"subsequent":[80],"refinements.":[81],"study's":[83],"findings":[84],"summarize":[85],"security":[87],"concerns":[88],"generated":[92],"by":[93],"proposes":[98],"prompt":[100],"pattern":[101],"designed":[102],"help":[104],"potential":[107],"vulnerabilities.":[108]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":5},{"year":2024,"cited_by_count":3}],"updated_date":"2026-03-13T14:20:09.374765","created_date":"2025-10-10T00:00:00"}