[Review] Python Crypto Misuses in the Wild
The paper studies crypto API misuses in Python. The authors implement a tool called LICMA to detect crypto API misuses in Python code.
Several conclusions:
- 52.26 % of the Python projects using crypto APIs contain at least one potential misuse.
- Only 14.81 % of the projects directly contain a misuse of a crypto API. The rest is introduced through third-party code.
- Most Python applications are more secure than C or Java applications, and the distribution across the concrete types of misuse differs a lot.
![[Review] Python Crypto Misuses in the Wild](/blog/images/32/cover.png)