Instruction Tuning for Secure Code Generation
CoRR (2024)
Abstract
Modern language models (LMs) have gained widespread acceptance in everyday
and professional contexts, particularly in programming. An essential procedure
enabling this adoption is instruction tuning, which substantially enhances LMs'
practical utility by training them to follow user instructions and human
preferences. However, existing instruction tuning schemes overlook a crucial
aspect: the security of generated code. As a result, even the state-of-the-art
instruction-tuned LMs frequently produce unsafe code, posing significant
security risks. In this work, we introduce SafeCoder to address this gap.
SafeCoder performs security-centric fine-tuning using a diverse and
high-quality dataset that we collected using an automated pipeline. We
integrate the security fine-tuning with standard instruction tuning, to
facilitate a joint optimization of both security and utility. Despite its
simplicity, we show that SafeCoder is effective across a variety of popular LMs
and datasets. It is able to drastically improve security (by about 30%), while
preserving utility.