Blockchain Smart Contract Threat Detection Technology Based on Symbolic
Execution
- URL: http://arxiv.org/abs/2312.15392v1
- Date: Sun, 24 Dec 2023 03:27:03 GMT
- Title: Blockchain Smart Contract Threat Detection Technology Based on Symbolic
Execution
- Authors: Chang Chu
- Abstract summary: Reentrancy vulnerability, which is hidden and complex, poses a great threat to smart contracts.
In this paper, we propose a smart contract threat detection technology based on symbolic execution.
The experimental results show that this method significantly increases both detection efficiency and accuracy.
- Score: 0.0
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: The security of smart contracts, which are an important part of blockchain
technology, has attracted much attention. In particular, reentrancy
vulnerability, which is hidden and complex, poses a great threat to smart
contracts. In order to improve the existing detection methods, which exhibit
low efficiency and accuracy, in this paper, we propose a smart contract threat
detection technology based on symbolic execution. In this method, first, the
recursive descent algorithm is used to recover the basic blocks of contract
code and control flow diagram, and static type inference is performed for
static single assignment (SSA) variables. Then, the control flow diagram is
encoded into constrained horn clause (CHC) constraints in combination with the
symbolic execution technology. Model checking is conducted for the generated
constraints using an automatic theorem prover based on the abstraction
refinement technique for fast static detection of common security threats in
smart contracts. Compared with existing detection methods, the method proposed
in this paper allows the detection of both the checks-effects-interactions
pattern and the vulnerability in relation to reentrant locks. It can simulate
the state changes of reentrant locks as well as other global variables in
multiple recursive transactions. The experimental results show that this method
significantly increases both detection efficiency and accuracy, improving the
security of smart contracts.
Related papers
- Soley: Identification and Automated Detection of Logic Vulnerabilities in Ethereum Smart Contracts Using Large Language Models [1.081463830315253]
We empirically investigate logic vulnerabilities in real-world smart contracts extracted from code changes on GitHub.
We introduce Soley, an automated method for detecting logic vulnerabilities in smart contracts.
We examine mitigation strategies employed by smart contract developers to address these vulnerabilities in real-world scenarios.
arXiv Detail & Related papers (2024-06-24T00:15:18Z) - Improving Smart Contract Security with Contrastive Learning-based Vulnerability Detection [8.121484960948303]
We propose Contrastive Learning Enhanced Automated Recognition Approach for Smart Contract Vulnerabilities, named Clear.
In particular, Clear employs a contrastive learning (CL) model to capture the fine-grained correlation information among contracts.
We show that Clear achieves optimal performance over all baseline methods; (2) 9.73%-39.99% higher F1-score than existing deep learning methods.
arXiv Detail & Related papers (2024-04-27T09:13:25Z) - LookAhead: Preventing DeFi Attacks via Unveiling Adversarial Contracts [15.071155232677643]
Decentralized Finance (DeFi) incidents have resulted in financial damages exceeding 3 billion US dollars.
Current detection tools face significant challenges in identifying attack activities effectively.
We propose a new direction for detecting DeFi attacks that focuses on identifying adversarial contracts.
arXiv Detail & Related papers (2024-01-14T11:39:33Z) - Scalable Ensemble-based Detection Method against Adversarial Attacks for
speaker verification [73.30974350776636]
This paper comprehensively compares mainstream purification techniques in a unified framework.
We propose an easy-to-follow ensemble approach that integrates advanced purification modules for detection.
arXiv Detail & Related papers (2023-12-14T03:04:05Z) - Token-Level Adversarial Prompt Detection Based on Perplexity Measures
and Contextual Information [67.78183175605761]
Large Language Models are susceptible to adversarial prompt attacks.
This vulnerability underscores a significant concern regarding the robustness and reliability of LLMs.
We introduce a novel approach to detecting adversarial prompts at a token level.
arXiv Detail & Related papers (2023-11-20T03:17:21Z) - Blockchain Large Language Models [65.7726590159576]
This paper presents a dynamic, real-time approach to detecting anomalous blockchain transactions.
The proposed tool, BlockGPT, generates tracing representations of blockchain activity and trains from scratch a large language model to act as a real-time Intrusion Detection System.
arXiv Detail & Related papers (2023-04-25T11:56:18Z) - Pre-deployment Analysis of Smart Contracts -- A Survey [0.27195102129095]
We present a systematic review of the literature on smart contract vulnerabilities and methods.
Specifically, we enumerate and classify smart contract vulnerabilities and methods by the properties they address.
Several patterns about the strengths of different methods emerge through this classification process.
arXiv Detail & Related papers (2023-01-15T12:36:56Z) - Perfectly Secure Steganography Using Minimum Entropy Coupling [60.154855689780796]
We show that a steganography procedure is perfectly secure under Cachin 1998's information-theoretic model of steganography.
We also show that, among perfectly secure procedures, a procedure maximizes information throughput if and only if it is induced by a minimum entropy coupling.
arXiv Detail & Related papers (2022-10-24T17:40:07Z) - Safe RAN control: A Symbolic Reinforcement Learning Approach [62.997667081978825]
We present a Symbolic Reinforcement Learning (SRL) based architecture for safety control of Radio Access Network (RAN) applications.
We provide a purely automated procedure in which a user can specify high-level logical safety specifications for a given cellular network topology.
We introduce a user interface (UI) developed to help a user set intent specifications to the system, and inspect the difference in agent proposed actions.
arXiv Detail & Related papers (2021-06-03T16:45:40Z) - ESCORT: Ethereum Smart COntRacTs Vulnerability Detection using Deep
Neural Network and Transfer Learning [80.85273827468063]
Existing machine learning-based vulnerability detection methods are limited and only inspect whether the smart contract is vulnerable.
We propose ESCORT, the first Deep Neural Network (DNN)-based vulnerability detection framework for smart contracts.
We show that ESCORT achieves an average F1-score of 95% on six vulnerability types and the detection time is 0.02 seconds per contract.
arXiv Detail & Related papers (2021-03-23T15:04:44Z) - Blockchained Federated Learning for Threat Defense [0.0]
This research paper introduces the development of an intelligent Threat Defense system, employing Federated Learning.
The proposed framework combines Federated Learning for the distributed and continuously validated learning of the tracing algorithms.
The aim of the proposed Framework is to intelligently classify smart cities networks traffic derived from Industrial IoT (IIoT) by Deep Content Inspection (DCI) methods.
arXiv Detail & Related papers (2021-02-25T09:16:48Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.