Peng Qian,Zhenguang Liu,Qinming He,Butian Huang,Duanzheng Tian,Xun Wang

DOI: https://doi.org/10.13328/j.cnki.jos.006375

2022-01-01

Journal of Software

Abstract: Smart contract, one of the most successful applications of blockchain, is taking the world by storm, playing an essential role in the blockchain ecosystem. However, frequent smart contract security incidents not only result in tremendous economic losses but also destroy the blockchain-based credit system. The security and reliability of smart contracts thus gain extensive attention from researchers worldwide. In this survey, we first summarize the common types and typical cases of smart contract vulnerabilities from three levels, i.e., Solidity code layer, EVM execution layer, and Block dependency layer. Further, we review the research progress of smart contract vulnerability detection and classify existing counterparts into five categories, i.e., formal verification, symbolic execution, fuzzing detection, intermediate representation, and deep learning. Empirically, we take 300 real-world smart contracts deployed on Ethereum as the test samples and compare the representative methods in terms of accuracy, F1-Score, and average detection time. Finally, we discuss the challenges in the field of smart contract vulnerability detection and combine with the deep learning technology to look forward to future research directions.

Qiliang Yang,Tao Wang,Wenbo Zhang,Bo Yang,Yong Yu,Haiyu Li,Jingyi Wang,Zirui Qiao

DOI: https://doi.org/10.1155/2021/3758782

2021-01-01

Wireless Communications and Mobile Computing

Abstract:Blockchain-based crowdsourcing systems can mitigate some known limitations of the centralized crowdsourcing platform, such as single point of failure and Sybil attacks. However, blockchain-based crowdsourcing systems still endure the issues of privacy and security. Participants' sensitive information (e.g., identity, address, and expertise) have the risk of privacy disclosure. Sensitive crowdsourcing tasks such as location-based data collection and labeling images including faces also need privacy-preserving. Moreover, current work fails to balance the anonymity and public auditing of workers. In this paper, we present a secure blockchain-based crowdsourcing framework with fine-grained worker selection, named PrivCrowd which exploits a functional encryption scheme to protect the data privacy of tasks and to select workers by matching the attributes. In PrivCrowd, requesters and workers can achieve both exchange and evaluation fairness by calling smart contracts. Solutions collection also can be done in a secure, sound, and noninteractive way. Experiment results show the feasibility, usability, and efficiency of PrivCrowd.

Chen Zhang,Yu Guo,Xiaohua Jia,Cong Wang,Hongwei Du

DOI: https://doi.org/10.1109/jiot.2021.3051295

IF: 10.6

2021-04-15

IEEE Internet of Things Journal

Abstract:With the rapid development and widespread application of crowdsourcing, the limitations of traditional systems are gradually exposed. First, traditional systems fail to protect the privacy of task requesters and workers. They typically rely on a centralized server to aggregate the task content and workers' interests, while these data contain sensitive information. Second, crowdsourcing resources in each system are isolated. The tasks in one system cannot reach potential workers in other systems. Thus, there is a great need to build a new privacy-preserving and federated crowdsourcing system. However, the existing privacy-preserving solutions rely on a trusted third party to perform key management, which is not applicable in a federated setting. To this end, we propose the first proxy-free privacy-preserving and federated crowdsourcing system. It interconnects the existing crowdsourcing systems and can perform encrypted task matching across various systems without relying on a trusted third-party authority. Our main idea is to achieve federated crowdsourcing by moving secure task matching to the trusted smart contract. To get rid of the dependence on the trusted authority, we combine the rewritable deterministic hashing technique with searchable encryption schemes to achieve secure on-chain task-matching authorization. Moreover, we utilize the puncturable encryption technique to implement secure authorization revocation. We formally analyze the security of our design and implement a prototype on Ethereum. Evaluation results demonstrate that our design is secure and efficient for blockchain-based crowdsourcing.

computer science, information systems,telecommunications,engineering, electrical & electronic

Heng Wang,Yunlong Mao,Sheng Zhong

DOI: https://doi.org/10.1109/mass56207.2022.00019

2022-01-01

Abstract:Conventional crowdsourcing platforms primarily rely on a central server as the broker for information exchange. Although many efforts have been made, centralized platforms are still vulnerable to underlying security issues such as the trusted central server and single-point failure. Fortunately, blockchain has emerged as an alternative infrastructure for building crowd-sourcing platforms. Many excellent designs of decentralized crowdsourcing platforms (DCSPs) built atop blockchain have been proposed recently. Benefiting from blockchain, DCSPs can provide fascinating features, like tampering resistance and anonymity. However, new security issues keep cropping up. While existing studies have proved that DCSPs are vulnerable to various attacks, our study has identified a new attack named solution probing attack against DCSPs. The adversary of solution probing attack can take advantage of the anonymity of DCSPs to probe valid solutions using a generative model. Due to the transparency of blockchain transactions, our probing attack is effective even if the solutions are encrypted. We evaluate the probing attack on large-scale crowdsourcing tasks. Experimental results show that the adversary is capable of rewarding fraud without any meaningful contribution to the crowdsourcing task. To protect DCSPs from the probing attack, we propose a defense solution based on a mix-and-match strategy. Defense evaluation results show that our solution can defeat the probing attack effectively.

Zhifang Liao,Jincheng Ai,Shaoqiang Liu,Yan Zhang,Shengzong Liu

DOI: https://doi.org/10.1016/j.eswa.2022.118526

IF: 8.5

2023-01-01

Expert Systems with Applications

Abstract:Crowdsourcing is a task assignment technology that has emerged in recent years, enabling companies to reduce costs and increase work efficiency. Most of the current crowdsourcing systems (BCSs) built on blockchain focus on solving privacy issues and use rigorous proof protocols for task and solution security. Such systems cannot be directly applied in mobile environments because it would lead to excessive computational overhead for the endpoint. To achieve confidentiality of crowdsourcing tasks during transmission while reducing the energy consumption of mobile devices and optimizing task assignment results, in this paper, we develop a blockchain-based crowdsourcing model. We first build a model structure consisting of basic components, such as users, smart contracts, and blockchain, and design contracts to implement various crowdsourcing operations, such as registering, publishing tasks, and acquiring solutions. Unlike before, the ciphertext of the task and the encrypted secret key are embedded into the contract. This, together with the three operations we designed for users to interact with the smart contracts, can effectively protect the crowdsourcing data from being stolen while using the address anonymity of Ethereum to ensure the privacy of users. During task assignment, we use the DBSCAN algorithm to delineate each valid service area and implement the established multiobjective planning model within each area to achieve as many benefit goals as possible in the best way. Finally, we implement our prototype on the Ethereum test network Ropsten. The experimental results show that the cost overhead of the designed model is acceptable to mobile users, and the security analysis establishes the confidentiality of the designed operations.

computer science, artificial intelligence,engineering, electrical & electronic,operations research & management science

Jian An,Danwei Liang,Xiaolin Gui,He Yang,Ruowei Gui,Xin He

DOI: https://doi.org/10.1109/jiot.2018.2883835

IF: 10.6

2019-01-01

IEEE Internet of Things Journal

Abstract:With the popularization of intelligent terminals, crowdsensing has become increasingly prominent because of its advantages, such as low cost, high convenience, and fast speed in conducting tasks. However, the quality of the data collected through crowdsensing is varied and is difficult to evaluate. Furthermore, the existing crowdsensing quality control methods are mostly based on a central platform, which is not completely trusted in reality and results in the existence of fraud and other problems. To solve these two questions, a crowdsensing quality control model based on a two-consensus blockchain is proposed in this paper. First, the idea of a blockchain is introduced into this model. The credit-based verifier selection mechanism and the two-consensus approach are proposed to realize the nonrepudiation and nontampering of information in crowdsensing. Then, to help task publishers obtain higher-quality sensing data, the methods of node matching and QGE are proposed. The former method uses the idea of the calculation of matching degree to select workers, and the latter uses the idea of clustering and fuzzy theories to evaluate the quality of the sensing data. Finally, the experiments show that the running time of the block generation in our model is acceptable, and comparing with the other methods, our model can acquire data of higher quality after the addition of malicious nodes.

Chen Zhang,Yu Guo,Hongwei Du,Xiaohua Jia

DOI: https://doi.org/10.1109/iwqos49365.2020.9212891

2020-01-01

Abstract:Crowdsourcing is a promising computing paradigm that utilizes collective intelligence to solve complex tasks. While it is valuable, traditional crowdsourcing systems lock computation resources inside each individual system where tasks cannot reach numerous potential workers among the other systems. Therefore, there is a great need to build a federated platform for different crowdsourcing systems to share resources. However, the security issue lies in the center of constructing the federated crowdsourcing platform. Although many studies are focusing on privacy-preserving crowdsourcing, existing solutions require a trusted third party to perform the key management, which is not applicable in our federated platform. The reason is that it is difficult for a third party to be trusted by various systems. In this paper, we present a secure crowdsourcing framework as our initial effort toward this direction, which bridges together the recent advancements of blockchain and cryptographic techniques. Our proposed design, named PFcrowd, allows different crowdsourcing systems to perform encrypted task-worker matching over the blockchain platform without involving any thirdparty authority. The core idea is to utilize the blockchain to assist the federated crowdsourcing by moving the task recommendation algorithm to the trusted smart contract. To avoid third-party involvement, we first leverage the re-writable deterministic hashing (RDH) technique to convert the problem of federated task-worker matching into the secure query authorization. We then devise a secure scheme based on RDH and searchable encryption (SE) to support privacy-preserving task-worker matching via the smart contract. We formally analyze the security of our proposed scheme and implement the system prototype on Ethereum. Extensive evaluations of real-world datasets demonstrate the efficiency of our design.

Fei Tong,Yuanhang Zhou,Kaiming Wang,Guang Cheng,Jianyu Niu,Shibo He

DOI: https://doi.org/10.1109/tdsc.2024.3368655

2024-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Mobile crowdsensing (MCS) is an efficient approach for large-scale sensing data collection by leveraging the mobility and capability of mobile devices. To avoid the weaknesses of traditional centralized crowdsensing systems, blockchain has been introduced to secure the process of MCS. This paper studies a location-aware scenario, where privacy of users are protected in a blockchain- based MCS system, and formulates an optimization problem to maximize the coverage given a budget based on reverse auction. An incentive mechanism named MMCB is further proposed and implemented as smart contracts in blockchain to solve the problem. We demonstrate that the mechanism achieves a set of desirable properties, including computation efficiency, individual rationality, truthfulness, budget feasibility, approximation, and privacy preservation. To protect the identity privacy of workers and obtain anonymity, a linkable ring signature is employed in smart contracts. In addition, a Pedersen commitment is utilized for protecting workers’ bid profile and the submitted sensing data is encrypted and only accessible to the requester. We implement a prototype system based on the Hyperledger Fabric platform, and the evaluation results show that our privacy-preserving incentive mechanism architecture improves 36.2% coverage and reduces 53.1% payment with better security level compared to the state-of-the-art schemes.

Yu Guo,Hongcheng Xie,Yinbin Miao,Cong Wang,Xiaohua Jia

DOI: https://doi.org/10.1109/tsc.2020.3031061

IF: 11.019

2020-01-01

IEEE Transactions on Services Computing

Abstract:Crowdsourcing has attracted widespread attention in recent years and developed into various applications. An indispensable service of crowdsourcing systems is task recommendation, which means tasks should be accurately recommended to the workers with aligned interests. However, existing systems rely on their separate servers to conduct recommendation services, resulting in computing resources locked inside each isolated system. Moreover, due to the wide attacking surfaces of traditional centralized servers setting, existing systems are subject to single points of failure or malicious data breaches. Therefore, failure to address these inherent limitations properly will hinder the wide adoption of crowdsourcing. In this article, we propose and implement FedCrowd, the first federated and privacy-preserving crowdsourcing platform by using blockchain technology. Our main idea is to employ the smart contract as a trusted platform for systems to release encrypted tasks, and carefully craft matching protocols to enable efficient task recommendations in the ciphertext domain. Our task-matching protocols are highly customized for the decentralized settings, where users can securely perform keyword and range-based queries over federated task indexes without sharing secret keys. We formally analyze the security strengths and complete the prototype implementation on Ethereum. Experiment results demonstrate the feasibility and usability of the FedCrowd platform.

computer science, information systems, software engineering

Qiantong Jiang,Zhuo Xu,Xinyi Luo,Xianchao Zhang,Kaiping Xue,Ruidong Li

DOI: https://doi.org/10.1109/globecom54140.2023.10437088

2023-01-01

Abstract:To improve the security of crowdsourcing, existing studies introduce blockchain to ensure reliability and utilize cryptography (e.g., encryption and zero-knowledge proof) to protect data privacy. Nevertheless, the crowdsourcing process may involve sensitive identity information, and identity protection remains unresolved during stages such as data submission and correct payment. Especially, when workers invoke a smart contract to submit data, it inevitably exposes their identities. Identity disclosure significantly impacts the credibility of crowdsourcing platforms. Existing solutions suggest solving the problem through anonymous token contracts such as Zether. However, tokens can easily result in fund freezing or extra information leakage. Moreover, invoking the contract to submit data will still disclose workers' blockchain accounts. To tackle the identity protection issue, in this paper, we propose AcCrowd which achieves worker anonymity and payment correctness in crowdsourcing systems atop blockchain. We first design a verifiable proxy submission mechanism for data submission, enabling workers to invoke contracts without disclosing their accounts. Then, we introduce and improve the BlockMaze architecture to replace previous anonymous token-based methods, enhancing privacy and flexibility. Besides, we designed a revealed payment mechanism that utilizes an adaptor signature to bind data reveal and reward payment together, simultaneously protecting the requester and worker. Our security and performance evaluations demonstrate the security and practicability of AcCrowd.

Shunrong Jiang,Xiao Zhang,Jingwei Chen,Jinpeng Li,Haiqin Wu,Yiliang Liu,Yong Zhou

DOI: https://doi.org/10.1109/tnsm.2024.3398143

2024-08-25

IEEE Transactions on Network and Service Management

Abstract:Crowdsourcing has gained many developments and wide applications in our daily life. Traditional centralized crowdsourcing systems suffer from high management costs and low efficiency. The recent advance in the blockchain technology has enabled the construction of decentralized crowdsourcing systems, which can overcome the limitations of centralized systems and make crowdsourcing solution reuse possible. However, such systems also bring new security and privacy challenges. For instance, transactions on blockchain are publicly visible which can lead to privacy leakage of crowdsourcing users. Moreover, unfair exchange is a critical issue on these platforms. In this paper, we propose a privacy-preserving and fair crowdsourcing framework with fine-grained reuse based on blockchain to meet the security requirements for decentralized crowdsourcing. Specifically, we construct one-address-only (OAO) authentication to ensure the uniqueness of the participant's address in the crowdsourcing process. Additionally, We design a submit-then-open method with commitments to resist the "free-riding" and "false-reporting" attacks. Thus, fair exchange between entities can be guaranteed. To ensure data confidentiality and fine-grained solution item reuse, we employ pairing-based cryptography to generate an encryption key and ensure flexible authorization reuse. We also adopt stealth authorization techniques to ensure privacy-preserving access authorization during the reuse phase. Finally, security analysis and implementation results have shown that the proposed framework can effectively achieve privacy-preserving and fair crowdsourcing as well as fine-grained crowdsourcing reuse. Specifically, the gas consumption in the reuse phase is reduced by approximately 49% to 81% compared to the normal operation, which significantly improves the efficiency of blockchain applications.

computer science, information systems

Ruidong Chen,Yangyang Liu,Shiping Huang,Yuyan Sun,Guozheng Li,Qiwen Jiang

DOI: https://doi.org/10.1109/ICCBD-AI62252.2023.00022

2023-12-15

Abstract:The increasement of blockchain applications has brought about many security issues, with smart contract vulnerabilities causing significant financial losses. The majority of current smart contract vulnerability detection methods predominantly rely on static analysis of the source code and predefined expert rules. However, these approaches exhibit certain limitations, characterized by their restricted scalability and lower detection accuracy. Therefore in this paper, we use graph neural networks to perform smart contract vulnerability detection at the bytecode level, aiming to address the aforementioned issues. In particular, we propose a novel detection model. In order to acquire a comprehensive understanding of the dependencies among individual functions within a smart contract, we first construct a Program Dependency Graph(PDG) of functions, extract function-level features using graph neural networks, then augment function-level features using a self-attentive mechanism to learn the dependencies between functions, and finally aggregate function-level features for detecting the vulnerabilities. Our model possesses the capability to identify the subtle nuances in the interactions and interdependencies among different functions, consequently enhancing the precision of vulnerability detection. Experimental results show the performance of the method compared to existing smart contract vulnerability detection methods across multiple evaluation metrics.

Computer Science

Zice Sun,Yingjie Wang,Zhipeng Cai,Tianen Liu,Xiangrong Tong,Nan Jiang

DOI: https://doi.org/10.1002/int.22371

IF: 8.993

2021-01-23

International Journal of Intelligent Systems

Abstract:<p>With the rise of the Internet of Things (IoT) and fifth‐generation (5G) networks, which have led to a surge in data processing and increased data transfer time, traditional cloud computing could no longer meet the needs of workers, so edge computing has emerged. Edge computing could meet the demand for low time consumption by processing data at the edge of the network and then transmitting it to a third‐party platform. However, since the credibility of the third‐party platform is unknown which can easily leak the privacy of workers. For the transparent mechanism of blockchain, a two‐stage privacy protection mechanism based on blockchain is proposed to solve this problem. In the first stage, this paper proposes a double disturbance localized differential privacy (DDLDP) algorithm to disturb the location information of workers. In the second stage, all the sensing data are uploaded to the blockchain through edge nodes, processed by the edge cloud, and fed back to the requester. Blockchain technology not only guarantees the integrity of sensing data, but also prevents the possibility of third‐party platforms from leaking workers' privacy. Through extensive performance evaluation and comparative experiments on real data sets, the DDLDP algorithm could effectively protect the privacy of workers and has higher service quality and data availability.</p>

computer science, artificial intelligence

Longtao Guo,Huakun Huang,Lingjun Zhao,Peiliang Wang,Shan Jiang,Chunhua Su

DOI: https://doi.org/10.1016/j.cose.2024.103894

IF: 5.105

2024-05-11

Computers & Security

Abstract:Smart contracts with automatic execution capability provide a vast development space for transactions in Blockchain. However, due to the vulnerabilities in smart contracts, Blockchain has suffered huge economic losses, which greatly undermines people's trust in Blockchain and smart contracts. In this paper, we explore a vulnerability detection method based on graph neural networks and combine both contract source code and opcode. The structure of the method consists of four modules, i.e., preprocessing, subspace mapping, feature extraction, and detection modules. In the feature mapping module, we use a multi-subspace mapping approach to explore the impact of different subspace mappings on the detection method. For reentrancy vulnerability, we conducted extensive experiments. The experiments prove that our method achieves 95% accuracy and 94% F1-Score on average.

computer science, information systems

Dongfang Jia,Zhicong Liu,Zhengqi Zhang,Jun Ye

DOI: https://doi.org/10.1007/978-981-16-7469-3_108

2022-01-01

Abstract:In recent years, the second-generation blockchain platforms and applications represented by smart contracts have seen explosive growth, but frequent smart contract vulnerability incidents have seriously threatened the ecological security of blockchain. In view of the low efficiency of code audit based on expert experience, it is important to develop a general automation tool to mine smart contract vulnerabilities. In the beginning, the security threats of smart contracts should be investigated and analyzed, and many smart contract vulnerabilities and attack modes that occur frequently, such as code reentrant, access control, integer overflow, etc., were summarized. Then, the technology method of smart contract vulnerability detection conforming to The Times is obtained, and the current samples of smart contract vulnerability detection are summarized. The current investigation includes too few types of vulnerabilities, with a variety of inaccuracies and deviations. It is only carried out through manual audit. Through these methods, according to the state of including after put forward the general ideas of this kind of situation, and puts forward a kind of symbolic execution auxiliary fuzzy test framework, can reduce the symbolic execution channel congestion and fuzzy test code coverage degree is too little, so as to improve test efficiency, easy to dig holes of large and medium-sized intelligent contracts quality improvement.

Ming Li,Jian Weng,Anjia Yang,Wei Lu,Yue Zhang,Lin Hou,Jia-Nan Liu,Yang Xiang,Robert H. Deng

DOI: https://doi.org/10.1109/tpds.2018.2881735

IF: 5.3

2019-06-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:Crowdsourcing systems which utilize the human intelligence to solve complex tasks have gained considerable interest and adoption in recent years. However, the majority of existing crowdsourcing systems rely on central servers, which are subject to the weaknesses of traditional trust-based model, such as single point of failure. They are also vulnerable to distributed denial of service (DDoS) and Sybil attacks due to malicious users involvement. In addition, high service fees from the crowdsourcing platform may hinder the development of crowdsourcing. How to address these potential issues has both research and substantial value. In this paper, we conceptualize a blockchain-based decentralized framework for crowdsourcing named CrowdBC, in which a requester&#x27;s task can be solved by a crowd of workers without relying on any third trusted institution, users’ privacy can be guaranteed and only low transaction fees are required. In particular, we introduce the architecture of our proposed framework, based on which we give a concrete scheme. We further implement a software prototype on Ethereum public test network with real-world dataset. Experiment results show the feasibility, usability, and scalability of our proposed crowdsourcing system.

computer science, theory & methods,engineering, electrical & electronic

Zhifeng Wang,Wanxuan Wu,Chunyan Zeng,Jialong Yao,Yang Yang,Hongmin Xu

2023-03-08

Abstract:With the development of blockchain technology, more and more attention has been paid to the intersection of blockchain and education, and various educational evaluation systems and E-learning systems are developed based on blockchain technology. Among them, Ethereum smart contract is favored by developers for its ``event-triggered" mechanism for building education intelligent trading systems and intelligent learning platforms. However, due to the immutability of blockchain, published smart contracts cannot be modified, so problematic contracts cannot be fixed by modifying the code in the educational blockchain. In recent years, security incidents due to smart contract vulnerabilities have caused huge property losses, so the detection of smart contract vulnerabilities in educational blockchain has become a great challenge. To solve this problem, this paper proposes a graph neural network (GNN) based vulnerability detection for smart contracts in educational blockchains. Firstly, the bytecodes are decompiled to get the opcode. Secondly, the basic blocks are divided, and the edges between the basic blocks according to the opcode execution logic are added. Then, the control flow graphs (CFG) are built. Finally, we designed a GNN-based model for vulnerability detection. The experimental results show that the proposed method is effective for the vulnerability detection of smart contracts. Compared with the traditional approaches, it can get good results with fewer layers of the GCN model, which shows that the contract bytecode and GCN model are efficient in vulnerability detection.

Cryptography and Security,Machine Learning

Yang Qiliang,Zhang Mingrui,Zhou Yanwei,Yu Yong

DOI: https://doi.org/10.1049/cje.2021.01.007

IF: 1.019

2021-01-01

Chinese Journal of Electronics

Abstract:Traditional crowdsourcing based on centralized management platform is vulnerable to Distributed denial of service（DDo S） attack and single point of failure.Combining blockchain technology with crowdsourcing can well solve the above problems, enabling users to realize peer-to-peer transactions and collaboration based on decentralized trust in distributed systems where nodes do not need to trust each other. Although the current methods have solved the above problems, task publishers select workers based on their reputation values, which has two disadvantages: subjectivity and difficulty in initial value setting. Due to the complexity of crowdsourcing network, there will be malicious users in the network.The requirement for anonymity protects both legitimate and malicious users. In order to solve these problems, we propose an attribute-based worker selection scheme using the private set intersection technology. Our scheme also realizes the malicious user identity disclosure function. A concrete example of our scheme is given.

Jinggang Li,Gehao Lu,Yulian Gao,Feng Gao

DOI: https://doi.org/10.3390/math11234823

IF: 2.4

2023-11-30

Mathematics

Abstract:With the proliferation of blockchain technology in decentralized applications like decentralized finance and supply chain and identity management, smart contracts operating on a blockchain frequently encounter security issues such as reentrancy vulnerabilities, timestamp dependency vulnerabilities, tx.origin vulnerabilities, and integer overflow vulnerabilities. These security concerns pose a significant risk of causing substantial losses to user accounts. Consequently, the detection of vulnerabilities in smart contracts has become a prominent area of research. Existing research exhibits limitations, including low detection accuracy in traditional smart contract vulnerability detection approaches and the tendency of deep learning-based solutions to focus on a single type of vulnerability. To address these constraints, this paper introduces a smart contract vulnerability detection method founded on multimodal feature fusion. This method adopts a multimodal perspective to extract three modal features from the lifecycle of smart contracts, leveraging both static and dynamic features comprehensively. Through deep learning models like Graph Convolutional Networks (GCNs) and bidirectional Long Short-Term Memory networks (bi-LSTMs), effective detection of vulnerabilities in smart contracts is achieved. Experimental results demonstrate that the proposed method attains detection accuracies of 85.73% for reentrancy vulnerabilities, 85.41% for timestamp dependency vulnerabilities, 83.58% for tx.origin vulnerabilities, and 90.96% for integer Overflow vulnerabilities. Furthermore, ablation experiments confirm the efficacy of the newly introduced modal features, highlighting the significance of fusing dynamic and static features in enhancing detection accuracy.

mathematics

Pang Xiaoyi,Guo Dengfeng,Wang Zhibo,Sun Peng,Zhang Liqiang

DOI: https://doi.org/10.1007/s42045-020-00043-w

2020-01-01

CCF Transactions on Networking

Abstract:Crowdsourcing has been a popular paradigm leveraging the power of the crowd to accomplish a common goal. Traditional crowdsourcing systems rely on a centralized platform to allocate tasks and rewards to users, facing severe problems of single node failure and malicious behaviors of the platform. Recently, some works take advantage of blockchain to solve the drawback of centralization. However, the key issue, fair and efficient task allocation, has not been explored in existing blockchain-based crowdsourcing systems. In this paper, we design a novel blockchain-based framework for crowdsourcing, in which a distributed reverse and blind auction-based task allocation mechanism (RbatAlloc) is proposed utilizing user profile and bidding price to realize fair and efficient task allocation in transparent blockchain environment. Finally, we implement a prototype of our system and deploy it to a locally developed network. The experimental results demonstrate the effectiveness of the proposed framework and mechanism.