Searching for just a few words should be enough to get started. If you need to make more complex queries, use the tips below to guide you.
Article type: Research Article
Authors: Wang, Changjinga; b; 1 | Jiang, Huiwena; 1 | Wang, Yuxinc | Huang, Qinga; 2; * | Zuo, Zhengkanga; 2; *
Affiliations: [a] School of Computer Information Engineering, Jiangxi Normal University, China | [b] Management Science and Engineering Research Center, Jiangxi Normal University, China | [c] School of Digital Industry, Jiangxi Normal University, China
Correspondence: [*] Corresponding author. Qing Huang and Zhengkang Zuo, School of Computer Information Engineering, Jiangxi Normal University, China. E-mails: [email protected] (Qing Huang) and [email protected] (Zhengkang Zuo).
Note: [1] Huiwen Jiang and Changjing Wang are co-first authors.
Note: [2] Qing Huang and Zhengkang Zuo are equally allocated to this work.
Abstract: The smart contract, a self-executing program on the blockchain, is key to programmable finance. However, the rise of smart contract use has also led to an increase in vulnerabilities that attract illegal activity from hackers. Traditional manual approaches for vulnerability detection, relying on domain experts, have limitations such as low automation and weak generalization. In this paper, we propose a deep learning approach that leverages domain-specific features and an attention mechanism to accurately detect vulnerabilities in smart contracts. Our approach reduces the reliance on manual input and enhances generalization by continuously learning code patterns of vulnerabilities, specifically detecting various types of vulnerabilities such as reentrancy, integer overflow, forced Ether injection, unchecked return value, denial of service, access control, short address attack, tx.origin, call stack overflow, timestamp dependency, random number dependency, and transaction order dependency vulnerabilities. In order to extract semantic information, we present a semantic distillation approach for detecting smart contract vulnerabilities. This approach involves using a syntax parser, Slither, to segment the code into smaller slices and word embedding to create a matrix for model training and prediction. Our experiments indicate that the BILSTM model is the best deep learning model for smart contract vulnerability detection task. We looked at how domain features and self-attentiveness mechanisms affected the ability to identify 12 different kinds of smart contract vulnerabilities. Our results show that by including domain features, we significantly increased the F1 values for 8 different types of vulnerabilities, with improvements ranging from 7.35% to 48.58%. The methods suggested in this study demonstrate a significant improvement in F1 scores ranging from 4.18% to 38.70% when compared to conventional detection tools like Oyente, Mythril, Osiris, Slither, Smartcheck, and Securify. This study provides developers with a more effective method of detecting smart contract vulnerabilities, assisting in the prevention of potential financial losses. This research provides developers with a more effective means of detecting smart contract vulnerabilities, thereby helping to prevent potential financial losses.
Keywords: Smart contract, vulnerability detection, attention mechanism, domain features, recurrent neural network 2010 MSC: 00-01, 99-00
DOI: 10.3233/JIFS-224489
Journal: Journal of Intelligent & Fuzzy Systems, vol. 45, no. 1, pp. 1513-1525, 2023
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
USA
Tel: +1 703 830 6300
Fax: +1 703 830 2300
[email protected]
For editorial issues, like the status of your submitted paper or proposals, write to [email protected]
IOS Press
Nieuwe Hemweg 6B
1013 BG Amsterdam
The Netherlands
Tel: +31 20 688 3355
Fax: +31 20 687 0091
[email protected]
For editorial issues, permissions, book requests, submissions and proceedings, contact the Amsterdam office [email protected]
Inspirees International (China Office)
Ciyunsi Beili 207(CapitaLand), Bld 1, 7-901
100025, Beijing
China
Free service line: 400 661 8717
Fax: +86 10 8446 7947
[email protected]
For editorial issues, like the status of your submitted paper or proposals, write to [email protected]
如果您在出版方面需要帮助或有任何建, 件至: [email protected]