Dual-view Aware Smart Contract Vulnerability Detection for Ethereum

• URL: http://arxiv.org/abs/2407.00336v1
• Date: Sat, 29 Jun 2024 06:47:51 GMT
• Title: Dual-view Aware Smart Contract Vulnerability Detection for Ethereum
• Authors: Jiacheng Yao, Maolin Wang, Wanqi Chen, Chengxiang Jin, Jiajun Zhou, Shanqing Yu, Qi Xuan,
• Abstract summary: We propose a Dual-view Aware Smart Contract Vulnerability Detection Framework named DVDet. The framework initially converts the source code and bytecode of smart contracts into weighted graphs and control flow sequences. Comprehensive experiments on the dataset show that our method outperforms others in detecting vulnerabilities.
• Score: 5.002702845720439
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: The wide application of Ethereum technology has brought technological innovation to traditional industries. As one of Ethereum's core applications, smart contracts utilize diverse contract codes to meet various functional needs and have gained widespread use. However, the non-tamperability of smart contracts, coupled with vulnerabilities caused by natural flaws or human errors, has brought unprecedented challenges to blockchain security. Therefore, in order to ensure the healthy development of blockchain technology and the stability of the blockchain community, it is particularly important to study the vulnerability detection techniques for smart contracts. In this paper, we propose a Dual-view Aware Smart Contract Vulnerability Detection Framework named DVDet. The framework initially converts the source code and bytecode of smart contracts into weighted graphs and control flow sequences, capturing potential risk features from these two perspectives and integrating them for analysis, ultimately achieving effective contract vulnerability detection. Comprehensive experiments on the Ethereum dataset show that our method outperforms others in detecting vulnerabilities.

Related papers

• Vulnerability Detection in Ethereum Smart Contracts via Machine Learning: A Qualitative Analysis [0.0]
  We analyze the state of the art in machine-learning vulnerability detection for smart contracts. We discuss best practices to enhance the accuracy, scope, and efficiency of vulnerability detection in smart contracts.
  arXiv  Detail & Related papers  (2024-07-26T10:09:44Z)
• Versioned Analysis of Software Quality Indicators and Self-admitted Technical Debt in Ethereum Smart Contracts with Ethstractor [2.052808596154225]
  This paper proposes Ethstractor, the first smart contract collection tool for gathering a dataset of versioned smart contracts. The collected dataset is then used to evaluate the reliability of code metrics as indicators of vulnerabilities in smart contracts.
  arXiv  Detail & Related papers  (2024-07-22T18:27:29Z)
• A security framework for Ethereum smart contracts [13.430752634838539]
  This article presents ESAF, a framework for analysis of smart contracts. It aims to unify and facilitate the task of analyzing smart contract vulnerabilities. It can be used as a persistent security monitoring tool for a set of target contracts as well as a classic vulnerability analysis tool among other uses.
  arXiv  Detail & Related papers  (2024-02-05T22:14:21Z)
• Generative AI-enabled Blockchain Networks: Fundamentals, Applications, and Case Study [73.87110604150315]
  Generative Artificial Intelligence (GAI) has emerged as a promising solution to address challenges of blockchain technology. In this paper, we first introduce GAI techniques, outline their applications, and discuss existing solutions for integrating GAI into blockchains.
  arXiv  Detail & Related papers  (2024-01-28T10:46:17Z)
• Vulnerability Scanners for Ethereum Smart Contracts: A Large-Scale Study [44.25093111430751]
  In 2023 alone, such vulnerabilities led to substantial financial losses exceeding a billion of US dollars. Various tools have been developed to detect and mitigate vulnerabilities in smart contracts. This study investigates the gap between the effectiveness of existing security scanners and the vulnerabilities that still persist in practice.
  arXiv  Detail & Related papers  (2023-12-27T11:26:26Z)
• Empirical Review of Smart Contract and DeFi Security: Vulnerability Detection and Automated Repair [36.46679501556185]
  Decentralized Finance (DeFi) is emerging as a peer-to-peer financial ecosystem. smart contracts hold a massive amount of value, making them an attractive target for attacks. This paper reviews the progress made in the field of smart contract and DeFi security from the perspective of both vulnerability detection and automated repair.
  arXiv  Detail & Related papers  (2023-09-05T17:00:42Z)
• Graph Neural Networks Enhanced Smart Contract Vulnerability Detection of Educational Blockchain [4.239144309557045]
  This paper proposes a graph neural network based vulnerability detection for smart contracts in educational blockchains. The experimental results show that the proposed method is effective for the vulnerability detection of smart contracts.
  arXiv  Detail & Related papers  (2023-03-08T09:58:58Z)
• An Automated Vulnerability Detection Framework for Smart Contracts [18.758795474791427]
  We propose a framework to automatically detect vulnerabilities in smart contracts on the blockchain. More specifically, first, we utilize novel feature vector generation techniques from bytecode of smart contract. Next, the collected vectors are fed into our novel metric learning-based deep neural network(DNN) to get the detection result.
  arXiv  Detail & Related papers  (2023-01-20T23:16:04Z)
• Combining Graph Neural Networks with Expert Knowledge for Smart Contract Vulnerability Detection [37.7763374870026]
  Existing efforts for contract security analysis rely on rigid rules defined by experts, which are labor-intensive and non-scalable. We propose a novel temporal message propagation network to extract the graph feature from the normalized graph, and combine the graph feature with designed expert patterns to yield a final detection system.
  arXiv  Detail & Related papers  (2021-07-24T13:16:30Z)
• Smart Contract Vulnerability Detection: From Pure Neural Network to Interpretable Graph Feature and Expert Pattern Fusion [48.744359070088166]
  Conventional smart contract vulnerability detection methods heavily rely on fixed expert rules. Recent deep learning approaches alleviate this issue but fail to encode useful expert knowledge. We develop automatic tools to extract expert patterns from the source code. We then cast the code into a semantic graph to extract deep graph features.
  arXiv  Detail & Related papers  (2021-06-17T07:12:13Z)
• ESCORT: Ethereum Smart COntRacTs Vulnerability Detection using Deep Neural Network and Transfer Learning [80.85273827468063]
  Existing machine learning-based vulnerability detection methods are limited and only inspect whether the smart contract is vulnerable. We propose ESCORT, the first Deep Neural Network (DNN)-based vulnerability detection framework for smart contracts. We show that ESCORT achieves an average F1-score of 95% on six vulnerability types and the detection time is 0.02 seconds per contract.
  arXiv  Detail & Related papers  (2021-03-23T15:04:44Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.