Artificial Intelligence (AI) tools like GitHub Copilot and ChatGPT are changing software development by automating routine coding tasks and speeding up delivery times. However, using AI-generated code in production environments comes with significant challenges. These include verifying the source of the code, ensuring its quality, and managing vulnerabilities. This paper proposes a flexible, multi-layered framework to (i) determine whether a code snippet is created by AI or a human and (ii) evaluate its quality and security using a combined risk score. The framework uses stylometric analysis, abstract syntax tree (AST) patterns, and static application security testing (SAST) results alongside machine learning classifiers. It aims to be effective against code obfuscation, reformatting, and any edits made afterward.
Saiyad Uzaib (Tue,) studied this question.