SCCA: A Multi-Agent Code Security Analysis Framework for AI-Assisted Code Generation

Published: 2025, Last Modified: 27 Jan 2026 | MASS 2025 | CC BY-SA 4.0
Abstract: This paper presents SCCA, a novel multi-agent security analysis framework for AI-assisted code generation environments. Our system combines three specialized agents—AST-based structural analysis, LLM-enhanced vulnerability detection, and data flow security assessment—to overcome limitations of traditional security tools. We evaluate the framework using different LLM configurations (e.g., Claude-4, GPT-4o) across diverse project types, demonstrating the impact of LLM selection on the quality of security analysis. Results show our framework with Claude-4 achieves superior performance in vulnerability detection and explanation quality, with the multi-agent approach significantly outperforming traditional methods. Furthermore, our framework produces structured reports specifically designed for automated remediation, enabling high remediation success rates without human intervention. This work provides a foundation for addressing the unique security challenges of AI-generated code in modern development environments.