[Abstract]

In this talk, I explore how AI-powered coding tools are changing the way we build software and why this shift raises important security concerns. While large language models can greatly improve developer productivity, they can also introduce vulnerabilities by generating code that appears correct but is not secure. I highlight recent research on making LLM-based code generation safer, including fine-tuning and parameter-efficient adaptation, security-aware prompting, vulnerability detection and repair, and inference-time guidance with external knowledge. Together, these approaches show both the promise and the limits of current defenses, and I argue that secure AI-assisted programming ultimately requires an end-to-end perspective in which code generation, security checking, patching, and validation work together to make AI coding tools more trustworthy in practice.

[Biography]

Hyoungshick Kim is a professor in the Department of Computer Science and Engineering, Sungkyunkwan University. He received a BS degree from the Department of Information Engineering at Sungkyunkwan University, an MS from the Department of Computer Science at KAIST, and a Ph.D. from the Computer Laboratory at the University of Cambridge in 1999, 2001, and 2012, respectively. After completing his Ph.D., he worked as a post-doctoral fellow in the Department of Electrical and Computer Engineering at the University of British Columbia. He previously worked for Samsung Electronics as a senior engineer from 2004 to 2008. He also worked as a distinguished visiting researcher at CSIRO Data61 from 2019 to 2020. His current research interests include usable security, vulnerability analysis, and data-driven security. He enjoys finding security issues in new systems, particularly recent AI systems and applications, and has been deeply engaged in identifying real security problems in these areas. His work aims to uncover and address the practical security challenges posed by emerging technologies.