Code generation aims to automatically produce code from requirements, significantly improving software development efficiency. Recent large language model (LLM)-based approaches have shown promising results and revolutionized the code generation task. Despite the promising performance, LLMs often produce content with hallucinations, especially for code generation requiring security-critical functions in the practical development process. Although previous studies have analyzed hallucinations in LLM-powered code generation, the studies are mostly limited to fabricated package imports and incorrect API calls. The linguistic structure of fabricated security function names themselves has not been thoroughly examined. In this paper, we conduct an empirical study to investigate phantom security functions, which imply security operations but reference no real implementation in any library. First, we manually examine 560 phantom instances from seven mainstream LLMs to establish a taxonomy. Next, we elaborate on the phenomenon of phantom naming and analyze its distribution across prefix-suffix patterns. We then analyze the lexical similarity between phantom names and real library functions across three programming languages. Finally, we train a character n-gram classifier to predict the implied Common Weakness Enumeration (CWE) category from the function name, achieving 99.6% accuracy and demonstrating that phantom naming follows a templatic vocabulary useful for automated detection.
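As an added illustration (not code from the paper), the definition of a phantom security function given above can be checked mechanically for Python: flag a call whose name implies a security operation but which does not exist on the real module it is called on. The hint list, the module allowlist and the sample snippet are assumptions constructed for this example.

```python
import ast
import importlib

# Assumption: name fragments that imply a security operation (constructed
# for this example; not the paper's taxonomy or vocabulary).
SECURITY_HINTS = ("sanitize", "escape", "validate", "verify", "secure", "encrypt")
# Only introspect modules from this allowlist, so scanning generated code
# never imports a package merely because the code names it.
INSPECTABLE = {"html", "hashlib", "hmac", "secrets", "shlex"}

def find_phantom_calls(source):
    """Return sorted (line, 'module.func') pairs for security-sounding calls
    whose attribute does not exist on the real, allowlisted module."""
    tree = ast.parse(source)
    aliases = {}  # local name -> real module name
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            for a in node.names:
                if a.name in INSPECTABLE:
                    aliases[a.asname or a.name] = a.name
    phantoms = []
    for node in ast.walk(tree):
        if not (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)):
            continue
        base, attr = node.func.value, node.func.attr
        if not (isinstance(base, ast.Name) and base.id in aliases):
            continue
        if not any(hint in attr.lower() for hint in SECURITY_HINTS):
            continue
        module = importlib.import_module(aliases[base.id])
        if not hasattr(module, attr):
            phantoms.append((node.lineno, f"{aliases[base.id]}.{attr}"))
    return sorted(phantoms)

# Constructed sample of generated code; it is parsed, never executed.
SAMPLE = '''
import html
import hashlib
import shlex as sh

def render(user_input, password, arg):
    safe = html.escape(user_input)            # real function
    safer = html.sanitize_input(user_input)   # phantom
    digest = hashlib.secure_hash(password)    # phantom
    quoted = sh.quote(arg)                    # real, name carries no hint
    return sh.escape_shell_arg(arg)           # phantom
'''

if __name__ == "__main__":
    for line, name in find_phantom_calls(SAMPLE):
        print(f"line {line}: {name} does not exist in the real module")
```

A check like this catches the phantom at review time; it does not judge whether a real function that was found is the right control for the weakness.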

