Peng Qian,Zhenguang Liu,Qinming He,Butian Huang,Duanzheng Tian,Xun Wang

DOI: https://doi.org/10.13328/j.cnki.jos.006375

2022-01-01

Journal of Software

Abstract: Smart contract, one of the most successful applications of blockchain, is taking the world by storm, playing an essential role in the blockchain ecosystem. However, frequent smart contract security incidents not only result in tremendous economic losses but also destroy the blockchain-based credit system. The security and reliability of smart contracts thus gain extensive attention from researchers worldwide. In this survey, we first summarize the common types and typical cases of smart contract vulnerabilities from three levels, i.e., Solidity code layer, EVM execution layer, and Block dependency layer. Further, we review the research progress of smart contract vulnerability detection and classify existing counterparts into five categories, i.e., formal verification, symbolic execution, fuzzing detection, intermediate representation, and deep learning. Empirically, we take 300 real-world smart contracts deployed on Ethereum as the test samples and compare the representative methods in terms of accuracy, F1-Score, and average detection time. Finally, we discuss the challenges in the field of smart contract vulnerability detection and combine with the deep learning technology to look forward to future research directions.

Peng Qian,Zhenguang Liu,Yifang Yin,Qinming He

DOI: https://doi.org/10.1145/3543507.3583367

2023-01-01

Abstract:Over the past couple of years, smart contracts have been plagued by multifarious vulnerabilities, which have led to catastrophic financial losses. Their security issues, therefore, have drawn intense attention. As countermeasures, a family of tools has been developed to identify vulnerabilities in smart contracts at the source-code level. Unfortunately, only a small fraction of smart contracts is currently open-sourced. Another spectrum of work is presented to deal with pure bytecode, but most such efforts still suffer from relatively low performance due to the inherent difficulty in restoring abundant semantics in the source code from the bytecode. This paper proposes a novel cross-modality mutual learning framework for enhancing smart contract vulnerability detection on bytecode. Specifically, we engage in two networks, a student network as the primary network and a teacher network as the auxiliary network. takes two modalities, i.e., source code and its corresponding bytecode as inputs, while is fed with only bytecode. By learning from , is trained to infer the missed source code embeddings and combine both modalities to approach precise vulnerability detection. To further facilitate mutual learning between and , we present a cross-modality mutual learning loss and two transfer losses. As a side contribution, we construct and release a labeled smart contract dataset that concerns four types of common vulnerabilities. Experimental results show that our method significantly surpasses state-of-the-art approaches.

Rohini G. Pise,Sonali Patil

DOI: https://doi.org/10.1007/s10207-024-00817-z

2024-02-29

International Journal of Information Security

Abstract:Smart contracts function like specialized computer programs on the blockchain. Many of these contracts are on Ethereum, but sometimes these contracts have problems with security. These problems caused big money losses and made the blockchain less stable. Smart contracts are self-executing with predefined rules and are at the core of many blockchain applications. However, they are susceptible to various vulnerabilities and security risks. Automated vulnerability detection helps identify and mitigate these issues efficiently. Smart Contracts (SC) have become really popular lately. People think they are the future for making deals on blockchains. Smart contracts are like automatic agreements. They work by themselves using special computer programs. They follow the rules of the deal and keep track of everything. The main idea with smart contracts is to get rid of the need for traditional trusted middlemen-like authorities or organizations. Instead, we use code that runs on a secure and unchangeable system. In this manuscript, pioneering automated vulnerability detection for smart contracts in blockchain using KEVM: Guardian ADRGAN (ADRGAN-SCB-KEVM) is proposed. Here, K framework's Ethereum virtual machine (KEVM) is a computation engine used in this research. From this KEVM, smart contracts data are provided to feature extraction phase. Feature extraction is done using Nested patch-based feature extraction. Then the extracted features are fed to attentive dual residual generative adversarial network (ADRGAN), identifying KEVM smart contracts vulnerabilities. Finally, by using ADRGAN, it is classified as Vulnerable and Non-Vulnerable in smart contracts. The proposed ADRGAN-SCB-KEVM method employed on Python and efficiency of proposed method evaluated with different metrics like Accuracy, Computation Time, Precision, Recall, F1 Score, Specificity, RoC are evaluated. The simulation outcomes prove that the proposed ADRGAN-SCB-KEVM technique attains 41.34%, 31.28%, and 36.38% higher Accuracy for Vulnerable; 32.44%, 38.45%, and 29.47% higher Accuracy for Non-Vulnerable while compared with the existing methods such as Utilizing fault injection to evaluate blockchain systems in the presence of faulty smart contracts (UFI-BS-ESVD), State-of-the-Art Blockchain-Enabled Smart Contract Applications in the University (SA-BESC-ESVD), enhancing Ethereum smart contracts static analysis by computing precise Control-Flow Graph of Ethereum bytecode (EESC-CPC-EBD), respectively.

computer science, information systems, theory & methods, software engineering

Mengliang Li,Xiaoxue Ren,Han Fu,Zhuo Li,Jianling Sun

DOI: https://doi.org/10.1109/issre59848.2023.00025

2023-01-01

Abstract:Smart contracts are essential for executing computing logic on blockchain networks. However, they are also susceptible to various vulnerabilities. In recent years, the detection of smart contract vulnerabilities has become a significant concern due to the substantial losses caused by hacker attacks. Traditional vulnerability detection approaches rely on expert rules, which often suffer from limitations in accuracy and completeness. Deep learning-based methods offer better coverage of vulnerabilities but may overlook certain vulnerability characteristics and suffer from overfitting during training. In this paper, we propose a novel approach called ConvMHSA-SCVD, which combines knowledge-driven and data-driven algorithms together to detect smart contract vulnerabilities. By incorporating feature selection, data balancing, and a combination of multi-channel convolution and multi-head self-attention neural networks, our ConvMHSA-SCVD achieves effective vulnerability detection in smart contracts. Extensive experiments demonstrate that our approach outperforms the state-of-the-art method in accuracy and F1 score, with improvements ranging from 0.4% to 3.84% and 1.28% to 1.90%, respectively.

Hanting Chu,Pengcheng Zhang,Hai Dong,Yan Xiao,Shunhui Ji

DOI: https://doi.org/10.1002/smr.2712

2024-07-20

Journal of Software Evolution and Process

Abstract:The growing popularity of smart contracts in various areas, such as digital payments and the Internet of Things, has led to an increase in smart contract security challenges. Researchers have responded by developing vulnerability detection tools. However, the effectiveness of these tools is limited due to the lack of authentic smart contract vulnerability datasets to comprehensively assess their capacity for diverse vulnerabilities. This paper proposes a Deep Learning‐based Smart contract vulnerability Generation approach (SGDL) to overcome this challenge. SGDL utilizes static analysis techniques to extract both syntactic and semantic information from the contracts. It then uses a classification technique to match injected vulnerabilities with contracts. A generative adversarial network is employed to generate smart contract vulnerability fragments, creating a diverse and authentic pool of fragments. The vulnerability fragments are then injected into the smart contracts using an abstract syntax tree to ensure their syntactic correctness. Our experimental results demonstrate that our method is more effective than existing vulnerability injection methods in evaluating the contract vulnerability detection capacity of existing detection tools. Overall, SGDL provides a comprehensive and innovative solution to address the critical issue of authentic and diverse smart contract vulnerability datasets.

computer science, software engineering

Dongcheng Li,W. Eric Wong,Xiaodan Wang,Sean Pan,Liang-Seng Koh

2024-10-01

Abstract:This paper introduces a method for detecting vulnerabilities in smart contracts using static analysis and a multi-objective optimization algorithm. We focus on four types of vulnerabilities: reentrancy, call stack overflow, integer overflow, and timestamp dependencies. Initially, smart contracts are compiled into an abstract syntax tree to analyze relationships between contracts and functions, including calls, inheritance, and data flow. These analyses are transformed into static evaluations and intermediate representations that reveal internal relations. Based on these representations, we examine contract's functions, variables, and data dependencies to detect the specified vulnerabilities. To enhance detection accuracy and coverage, we apply a multi-objective optimization algorithm to the static analysis process. This involves assigning initial numeric values to input data and monitoring changes in statement coverage and detection accuracy. Using coverage and accuracy as fitness values, we calculate Pareto front and crowding distance values to select the best individuals for the new parent population, iterating until optimization criteria are met. We validate our approach using an open-source dataset collected from Etherscan, containing 6,693 smart contracts. Experimental results show that our method outperforms state-of-the-art tools in terms of coverage, accuracy, efficiency, and effectiveness in detecting the targeted vulnerabilities.

Software Engineering

Yujian Zhang,Daifu Liu

DOI: https://doi.org/10.3390/fi14110326

2022-11-12

Future Internet

Abstract:With the blooming of blockchain-based smart contracts in decentralized applications, the security problem of smart contracts has become a critical issue, as vulnerable contracts have resulted in severe financial losses. Existing research works have explored vulnerability detection methods based on fuzzing, symbolic execution, formal verification, and static analysis. In this paper, we propose two static analysis approaches called ASGVulDetector and BASGVulDetector for detecting vulnerabilities in Ethereum smart contacts from source-code and bytecode perspectives, respectively. First, we design a novel intermediate representation called abstract semantic graph (ASG) to capture both syntactic and semantic features from the program. ASG is based on syntax information but enriched by code structures, such as control flow and data flow. Then, we apply two different training models, i.e., graph neural network (GNN) and graph matching network (GMN), to learn the embedding of ASG and measure the similarity of the contract pairs. In this way, vulnerable smart contracts can be identified by calculating the similarity to labeled ones. We conduct extensive experiments to evaluate the superiority of our approaches to state-of-the-art competitors. Specifically, ASGVulDetector improves the best of three source-code-only static analysis tools (i.e., SmartCheck, Slither, and DR-GCN) regarding the F1 score by 12.6% on average, while BASGVulDetector improves that of the three detection tools supporting bytecode (i.e., ContractFuzzer, Oyente, and Securify) regarding the F1 score by 25.6% on average. We also investigate the effectiveness and advantages of the GMN model for detecting vulnerabilities in smart contracts.

Mahdi Fooladgar,Fathiyeh Faghih

2024-07-05

Abstract:Smart contracts are autonomous and immutable pieces of code that are deployed on blockchain networks and run by miners. They were first introduced by Ethereum in 2014 and have since been used for various applications such as security tokens, voting, gambling, non-fungible tokens, self-sovereign identities, stock taking, decentralized finances, decentralized exchanges, and atomic swaps. Since smart contracts are immutable, their bugs cannot be fixed, which may lead to significant monetary losses. While many researchers have focused on testing smart contracts, our recent work has highlighted a gap between test adequacy and test data generation, despite numerous efforts in both fields. Our framework, Griffin, tackles this deficiency by employing a targeted symbolic execution technique for generating test data. This tool can be used in diverse applications, such as killing the survived mutants in mutation testing, validating static analysis alarms, creating counter-examples for safety conditions, and reaching manually selected lines of code. This paper discusses how smart contracts differ from legacy software in targeted symbolic execution and how these differences can affect the tool structure, leading us to propose an enhanced version of the control-flow graph for Solidity smart contracts called CFG+. We also discuss how Griffin can utilize custom heuristics to explore the program space and find the test data that reaches a target line while considering a safety condition in a reasonable execution time. We conducted experiments involving an extensive set of smart contracts, target lines, and safety conditions based on real-world faults and test suites from related tools. The results of our evaluation demonstrate that Griffin can effectively identify the required test data within a reasonable timeframe.

Software Engineering

Ruidong Chen,Yangyang Liu,Shiping Huang,Yuyan Sun,Guozheng Li,Qiwen Jiang

DOI: https://doi.org/10.1109/ICCBD-AI62252.2023.00022

2023-12-15

Abstract:The increasement of blockchain applications has brought about many security issues, with smart contract vulnerabilities causing significant financial losses. The majority of current smart contract vulnerability detection methods predominantly rely on static analysis of the source code and predefined expert rules. However, these approaches exhibit certain limitations, characterized by their restricted scalability and lower detection accuracy. Therefore in this paper, we use graph neural networks to perform smart contract vulnerability detection at the bytecode level, aiming to address the aforementioned issues. In particular, we propose a novel detection model. In order to acquire a comprehensive understanding of the dependencies among individual functions within a smart contract, we first construct a Program Dependency Graph(PDG) of functions, extract function-level features using graph neural networks, then augment function-level features using a self-attentive mechanism to learn the dependencies between functions, and finally aggregate function-level features for detecting the vulnerabilities. Our model possesses the capability to identify the subtle nuances in the interactions and interdependencies among different functions, consequently enhancing the precision of vulnerability detection. Experimental results show the performance of the method compared to existing smart contract vulnerability detection methods across multiple evaluation metrics.

Computer Science

Christopher De Baets,Basem Suleiman,Armin Chitizadeh,Imran Razzak

2024-07-08

Abstract:In the growing field of blockchain technology, smart contracts exist as transformative digital agreements that execute transactions autonomously in decentralised networks. However, these contracts face challenges in the form of security vulnerabilities, posing significant financial and operational risks. While traditional methods to detect and mitigate vulnerabilities in smart contracts are limited due to a lack of comprehensiveness and effectiveness, integrating advanced machine learning technologies presents an attractive approach to increasing effective vulnerability countermeasures. We endeavour to fill an important gap in the existing literature by conducting a rigorous systematic review, exploring the intersection between machine learning and smart contracts. Specifically, the study examines the potential of machine learning techniques to improve the detection and mitigation of vulnerabilities in smart contracts. We analysed 88 articles published between 2018 and 2023 from the following databases: IEEE, ACM, ScienceDirect, Scopus, and Google Scholar. The findings reveal that classical machine learning techniques, including KNN, RF, DT, XG-Boost, and SVM, outperform static tools in vulnerability detection. Moreover, multi-model approaches integrating deep learning and classical machine learning show significant improvements in precision and recall, while hybrid models employing various techniques achieve near-perfect performance in vulnerability detection accuracy. By integrating state-of-the-art solutions, this work synthesises current methods, thoroughly investigates research gaps, and suggests directions for future studies. The insights gathered from this study are intended to serve as a seminal reference for academics, industry experts, and bodies interested in leveraging machine learning to enhance smart contract security.

Cryptography and Security,Machine Learning

Cuifeng Gao,Wenzhang Yang,Jiaming Ye,Yinxing Xue,Jun Sun

DOI: https://doi.org/10.1145/3641846

IF: 3.685

2024-02-08

ACM Transactions on Software Engineering and Methodology

Abstract:Smart contracts are becoming appealing targets for hackers because of the vast amount of cryptocurrencies under their control. Asset loss due to the exploitation of smart contract codes has increased significantly in recent years. To guarantee that smart contracts are vulnerability-free, there are many works to detect the vulnerabilities of smart contracts, but only a few vulnerability repair works have been proposed. Repairing smart contract vulnerabilities at the source code level is attractive as it is transparent to users, whereas existing repair tools, such as SCRepair and sGuard , suffer from many limitations: (1) ignoring the code of vulnerability prevention; (2) possibly applying the repair to the wrong statements and changing the original business logic of smart contracts; (3) showing poor performance in terms of time and gas overhead. In this work, we propose machine learning guided rule-based automated vulnerability repair on smart contracts to improve the effectiveness and efficiency of sGuard . To address the limitations mentioned above, we design the features that characterize both the symptoms of vulnerabilities and the methods of vulnerability prevention to learn various vulnerability patterns and reduce false positives. Additionally, a fine-grained localization algorithm is designed by traversing the nodes of the abstract syntax tree, and we refine and extend the repair rules of sGuard to preserve the original business logic of smart contracts and support new vulnerability types. Our tool, named sGuard+ , reduces time overhead based on machine learning models, and reduces gas overhead by fewer code changes and precise patching. In our experiment, we collect a publicly available vulnerability dataset from CVE, SWC and SmartBugs Curated as a ground truth for evaluations. Overall, sGuard+ repairs more vulnerabilities with less time and gas overhead than state-of-the-art tools. Furthermore, we reproduce about 9,000 historical transactions for regression testing. It is shown that sGuard+ has no impact on the original business logic of smart contracts.

computer science, software engineering

Jeffy Yu

2024-07-20

Abstract:The rapid growth of Decentralized Finance (DeFi) has been accompanied by substantial financial losses due to smart contract vulnerabilities, underscoring the critical need for effective security auditing. With attacks becoming more frequent, the necessity and demand for auditing services has escalated. This especially creates a financial burden for independent developers and small businesses, who often have limited available funding for these services. Our study builds upon existing frameworks by integrating Retrieval-Augmented Generation (RAG) with large language models (LLMs), specifically employing GPT-4-1106 for its 128k token context window. We construct a vector store of 830 known vulnerable contracts, leveraging Pinecone for vector storage, OpenAI's text-embedding-ada-002 for embeddings, and LangChain to construct the RAG-LLM pipeline. Prompts were designed to provide a binary answer for vulnerability detection. We first test 52 smart contracts 40 times each against a provided vulnerability type, verifying the replicability and consistency of the RAG-LLM. Encouraging results were observed, with a 62.7% success rate in guided detection of vulnerabilities. Second, we challenge the model under a "blind" audit setup, without the vulnerability type provided in the prompt, wherein 219 contracts undergo 40 tests each. This setup evaluates the general vulnerability detection capabilities without hinted context assistance. Under these conditions, a 60.71% success rate was observed. While the results are promising, we still emphasize the need for human auditing at this time. We provide this study as a proof of concept for a cost-effective smart contract auditing process, moving towards democratic access to security.

Cryptography and Security,Artificial Intelligence

Stefan Driessen,Dario Di Nucci,Geert Monsieur,Damian A. Tamburri,Willem-Jan van den Heuvel

DOI: https://doi.org/10.48550/arXiv.2102.08864

2022-04-15

Abstract:Blockchain and smart contract technology are novel approaches to data and code management that facilitate trusted computing by allowing for development in a distributed and decentralized manner. Testing smart contracts comes with its own set of challenges which have not yet been fully identified and explored. Although existing tools can identify and discover known vulnerabilities and their interactions on the Ethereum blockchain through random search or symbolic execution, these tools generally do not produce test suites suitable for human oracles. In this paper, we present AGSOLT (Automated Generator of Solidity Test Suites). We demonstrate its efficiency by implementing two search algorithms to automatically generate test suites for stand-alone Solidity smart contracts, taking into account some of the blockchain-specific challenges. To test AGSOLT, we compared a random search algorithm and a genetic algorithm on a set of 36 real-world smart contracts. We found that AGSOLT is capable of achieving high branch coverage with both approaches and even discovered some errors in some of the most popular Solidity smart contracts on Github.

Software Engineering

Weichu Deng,Huanchun Wei,Teng Huang,Cong Cao,Yun Peng,Xuan Hu

DOI: https://doi.org/10.3390/s23167246

IF: 3.9

2023-08-19

Sensors

Abstract:With the rapid development and widespread application of blockchain technology in recent years, smart contracts running on blockchains often face security vulnerability problems, resulting in significant economic losses. Unlike traditional programs, smart contracts cannot be modified once deployed, and vulnerabilities cannot be remedied. Therefore, the vulnerability detection of smart contracts has become a research focus. Most existing vulnerability detection methods are based on rules defined by experts, which are inefficient and have poor scalability. Although there have been studies using machine learning methods to extract contract features for vulnerability detection, the features considered are singular, and it is impossible to fully utilize smart contract information. In order to overcome the limitations of existing methods, this paper proposes a smart contract vulnerability detection method based on deep learning and multimodal decision fusion. This method also considers the code semantics and control structure information of smart contracts. It integrates the source code, operation code, and control-flow modes through the multimodal decision fusion method. The deep learning method extracts five features used to represent contracts and achieves high accuracy and recall rates. The experimental results show that the detection accuracy of our method for arithmetic vulnerability, re-entrant vulnerability, transaction order dependence, and Ethernet locking vulnerability can reach 91.6%, 90.9%, 94.8%, and 89.5%, respectively, and the detected AUC values can reach 0.834, 0.852, 0.886, and 0.825, respectively. This shows that our method has a good vulnerability detection effect. Furthermore, ablation experiments show that the multimodal decision fusion method contributes significantly to the fusion of different modalities.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Dongfang Jia,Zhicong Liu,Zhengqi Zhang,Jun Ye

DOI: https://doi.org/10.1007/978-981-16-7469-3_108

2022-01-01

Abstract:In recent years, the second-generation blockchain platforms and applications represented by smart contracts have seen explosive growth, but frequent smart contract vulnerability incidents have seriously threatened the ecological security of blockchain. In view of the low efficiency of code audit based on expert experience, it is important to develop a general automation tool to mine smart contract vulnerabilities. In the beginning, the security threats of smart contracts should be investigated and analyzed, and many smart contract vulnerabilities and attack modes that occur frequently, such as code reentrant, access control, integer overflow, etc., were summarized. Then, the technology method of smart contract vulnerability detection conforming to The Times is obtained, and the current samples of smart contract vulnerability detection are summarized. The current investigation includes too few types of vulnerabilities, with a variety of inaccuracies and deviations. It is only carried out through manual audit. Through these methods, according to the state of including after put forward the general ideas of this kind of situation, and puts forward a kind of symbolic execution auxiliary fuzzy test framework, can reduce the symbolic execution channel congestion and fuzzy test code coverage degree is too little, so as to improve test efficiency, easy to dig holes of large and medium-sized intelligent contracts quality improvement.

Zixian Zhen,Xiangfu Zhao,Jinkai Zhang,Yichen Wang,Haiyue Chen

DOI: https://doi.org/10.1016/j.comnet.2024.110238

IF: 5.493

2024-04-01

Computer Networks

Abstract:A smart contract is an automated computer program based on blockchain technology. In recent years, the security incidents of smart contracts have caused serious economic losses. However, existing smart contract vulnerability detection methods rely on fixed expert rules, resulting in reduced detection accuracy and scalability. Therefore, addressing the issues of low accuracy in traditional smart contract vulnerability detection methods and the insufficient feature extraction in neural network-based approaches for smart contracts, this paper introduces an intelligent contract vulnerability identification method, Dual Attention Graph Neural Network (DA-GNN). Firstly, DA-GNN transforms the operation code sequence of nodes in the smart contract Control Flow Graph (CFG) into a feature matrix of semantic features and relationships between nodes based on the five types of instructions we propose. Secondly, our proposed dual attention mechanism introduces node semantic features and relationship features between nodes into the GAT to achieve node embedding updates. The updated graph node information is fused through self-attention mechanism to obtain the graph features. Then, the classification and prediction of vulnerabilities are achieved through the classification module. Finally, we evaluated our method on 17,670 real smart contracts. The experimental results show that the precision in detecting integer overflow vulnerabilities, self-destruct vulnerabilities, and transaction sequence dependency vulnerabilities reaches 72.17%, 67.03%, and 73.66%, respectively.

computer science, information systems,telecommunications,engineering, electrical & electronic, hardware & architecture

Reza M. Parizi,Ali Dehghantanha,Kim-Kwang Raymond Choo,Amritraj Singh

DOI: https://doi.org/10.5555/3291291.3291303

2018-09-08

Abstract:The emerging blockchain technology supports decentralized computing paradigm shift and is a rapidly approaching phenomenon. While blockchain is thought primarily as the basis of Bitcoin, its application has grown far beyond cryptocurrencies due to the introduction of smart contracts. Smart contracts are self-enforcing pieces of software, which reside and run over a hosting blockchain. Using blockchain-based smart contracts for secure and transparent management to govern interactions (authentication, connection, and transaction) in Internet-enabled environments, mostly IoT, is a niche area of research and practice. However, writing trustworthy and safe smart contracts can be tremendously challenging because of the complicated semantics of underlying domain-specific languages and its testability. There have been high-profile incidents that indicate blockchain smart contracts could contain various code-security vulnerabilities, instigating financial harms. When it involves security of smart contracts, developers embracing the ability to write the contracts should be capable of testing their code, for diagnosing security vulnerabilities, before deploying them to the immutable environments on blockchains. However, there are only a handful of security testing tools for smart contracts. This implies that the existing research on automatic smart contracts security testing is not adequate and remains in a very stage of infancy. With a specific goal to more readily realize the application of blockchain smart contracts in security and privacy, we should first understand their vulnerabilities before widespread implementation. Accordingly, the goal of this paper is to carry out a far-reaching experimental assessment of current static smart contracts security testing tools, for the most widely used blockchain, the Ethereum and its domain-specific programming language, Solidity to provide the first...

Cryptography and Security

Jiahao Li

DOI: https://doi.org/10.48550/arXiv.2303.03179

2023-03-06

Abstract:Despite the rapid growth of smart contracts, they are suffering numerous security vulnerabilities due to the absence of reliable development and testing. In this article, we apply the metamorphic testing technique to detect smart contract vulnerabilities. Based on the anomalies we observed in vulnerable smart contracts, we define five metamorphic relations to detect abnormal gas consumption and account interaction inconsistency of the target smart contract. Through dynamically executing transactions and checking the final violation of metamorphic relations, we determine whether a smart contract is vulnerable. We evaluate our approach on a benchmark of 67 manually annotated smart contracts. The experimental results show that our approach achieves a higher detection rate (TPR, true positive rate) with a lower misreport rate (FDR, false discovery rate) than the other three state-of-the-art tools. These results further suggest that metamorphic testing is a promising method for detecting smart contract vulnerabilities.

Software Engineering

Li Duan,Wei Wang,Chunhong Liu,Liu Yang,Wei Ni

DOI: https://doi.org/10.1109/TNSM.2023.3278311

2023-12-01

IEEE Transactions on Network and Service Management

Abstract:Digital assets involved in smart contracts are on the rise. Security vulnerabilities in smart contracts have resulted in significant losses for the blockchain community. Existing smart contract vulnerability detection techniques have been typically single-purposed and focused only on the source code or opcode of contracts. This paper presents a new smart contract vulnerability detection method, which extracts features from different levels of smart contracts to train machine learning models for effective detection of vulnerabilities. Specifically, we propose to extract 2-gram features from the opcodes of smart contracts and token features from the source code using a pre-trained CodeBERT model, thereby capturing the semantic information of smart contracts at different levels. The 2-gram and token features are separately aggregated and then fused and input into machine-learning models to mine the vulnerability features of contracts. Over 10,266 smart contracts are used to verify the proposed method. Widespread reentrancy, timestamp dependence, and transaction-ordering dependence vulnerabilities are considered. Experiments show the fused features can help significantly improve smart contract vulnerability detection compared to the single-level features. The detection accuracy is as high as 98%, 98% and 94% for the three vulnerabilities, respectively. The average detection time is 0.99 second per contract, indicating the proposed method is suitable for automatic batch detection of vulnerabilities in smart contracts.

Computer Science

Xiaozhou You,Hui Li,Han Wang,Faisal Mehmood

DOI: https://doi.org/10.1109/BigData59044.2023.10386771

2023-01-01

Abstract:In recent years, blockchain technology has received widespread attention. Smart contracts are programs that run on the blockchain, and their security faces serious challenges for blockchain applications. Inspired by the success of artificial intelligence technology, some smart contract vulnerability detection methods based on deep learning have been proposed and achieved meaningful progress. However, a closer look reveals three flaws in these works. First, some works simply use LSTM modules to perform sequence learning on pre-processing smart contracts, which lacks the ability to extract long-range features and does not support parallel processing of inputs. Secondly, smart contract vulnerability detection methods based on deep learning lack interpretability of results. From the perspective of system design, in order to solve these problems, we propose SmartDT, a more effective, faster, and interpretable smart contract vulnerability detection system. Specifically, (i) we propose an attention-based deep learning smart contract detection module, which is able to learn long-range dependencies in inputs and supports parallel processing of inputs. (ii) After the deep learning module, we stack an optional symbolic execution module for enhancing the interpretability of the classification results. Compared with general symbolic execution detection, our method can achieve faster detection because we can call a specific symbolic analysis model to detect input based on the classification results of the deep learning module. Extensive experiments demonstrate the effectiveness of our proposed method. Compared with other machine learningbased methods, our method achieves better performance and better interpretability, which demonstrates SmartDT’s outstanding feature learning capabilities. Compared with symbolic execution methods, our method achieves faster and more effective detection. In addition, we conducted ablation experiments to verify the effectiveness of each module.