Discrete prompt optimization using genetic algorithm for secure Python code generation
Citation Link: https://doi.org/10.15480/882.16244
Publication Type
Journal Article
Date Issued
2025-10-26
Language
English
TORE-DOI
Volume
232
Article Number
112682
Citation
Journal of Systems and Software 232: 112682 (2026)
Publisher DOI
Scopus ID
Publisher
Elsevier
Large language models (LLMs) have become powerful tools that enable novice developers to generate production-level code. However, research has highlighted the security risks associated with such code generation, due to the high volume of generated software vulnerabilities. Recent studies have explored various techniques for automatically optimizing prompts to elicit desired responses from LLMs. Among these methods, Genetic Algorithms (GAs), which search for optimal solutions by evolving an initial population of candidates through iterative mutations, have gained attention as a lightweight and effective prompt optimization approach that does not require large datasets or access to model weights. However, their potential has not yet been examined in the context of secure code generation. In this paper, we use GA to develop a discrete prompt optimization pipeline specifically designed for secure code generation. We introduce two domain-specific prompt mutation techniques and assess how incorporating these security-focused mutations alongside general-purpose techniques, such as back translation and paraphrasing, affects the security of Python code generated by LLMs. Results demonstrate that our security-specific mutation techniques led to prompts with richer security context compared to the generic mutation techniques. Furthermore, combining these techniques with generic mutations substantially reduced the number of security weaknesses in the LLM-generated code. We also observed that prompts optimized for a particular LLM tend to perform best on that same model, highlighting the importance of model-specific prompt optimization.
Subjects
Genetic algorithms
LLMs
Prompt optimization
Secure code generation
DDC Class
004: Computer Sciences
005: Computer Programming, Programs, Data and Security
Publication version
publishedVersion
Name
1-s2.0-S0164121225003516-main.pdf
Size
10.92 MB
Format
Adobe PDF