274,320 generated regular expression patterns were analyzed using the RegExEval dataset, showing LLMs frequently produced ReDoS vulnerabilities. This dissertation introduces SecurityEval, a benchmark of 130 vulnerability-representative prompts across 75 CWE categories, and SecTactics, a framework that injected 14 security tactics into Java codebases. The work was authored by ETD Depositor and last updated on 2026-05-12.
Use Cases
- Evaluating security risks in LLM-generated code based on the analysis of code smells and security weaknesses.
- Benchmarking LLM security performance using the SecurityEval framework spanning 75 CWE categories.
- Mitigating vulnerabilities in generated code using the SecTactics framework for static-analysis-guided security tactic injection.
- Calibrating LLM confidence for security-sensitive code generation based on the described overconfidence alignment methodology.
Strengths
- Analysis includes a large-scale study of 274,320 generated regular expression patterns.
- The SecurityEval benchmark comprises 130 prompts across 75 Common Weakness Enumeration categories.
- The SecTactics framework achieved over 77% success on the OWASP BenchmarkJava.
Limitations
- Column-level documentation is absent; field semantics must be inferred after download.
- Row count is unknown, which may limit suitability assessment.
- Data may reflect temporal or source bias inherent to the dissertation's research scope.
Provenance
- Source: ETD Depositor via figshare
- Collection Method: Research compilation from empirical studies and framework development described in a dissertation.
- Freshness: Last updated 2026-05-12 15:56:39; freshness should be verified.