ChatGPT, as a versatile large language model, has demonstrated remarkable potential in addressing inquiries across various domains. Its ability to analyze, comprehend, and synthesize information from both online sources and user inputs has garnered significant attention. Previous research has explored ChatGPT's competence in code generation and code reviews. In this paper, we delve into ChatGPT's capabilities in security-oriented program analysis, focusing on perspectives from both attackers and security analysts. We present a case study involving several security-oriented program analysis tasks while deliberately introducing challenges to assess ChatGPT's responses. Through an examination of the quality of answers provided by ChatGPT, we gain a clearer understanding of its strengths and limitations in the realm of security-oriented program analysis.