TY - GEN
T1 - A Semantic Analysis-Based Method for Smart Contract Vulnerability
AU - Yan, Xingrun
AU - Wang, Shuo
AU - Gai, Keke
N1 - Publisher Copyright:
© 2022 IEEE.
PY - 2022
Y1 - 2022
N2 - Smart contracts are distributed, self-executing programs on blockchain network and they have the potential to impact many industries. A large number of developers are optimistic about the development prospects of smart contracts. However, due to different levels of familiarity of developers with technology, the existence of serious vulnerabilities in code can result in huge property losses. The serious consequences of reentrancy vulnerabilities have attracted widespread attention from researchers, and researchers have proposed many approaches to detect them. Many experiments show that these approaches can only effectively detect certain types of vulnerabilities. Similar vulnerabilities still exist in some smart contracts. In this paper, we propose a semantic analysis-based detection method for reentrancy vulnerabilities. The method utilizes machine learning techniques to efficiently detect the vulnerabilities of the given code. And then, our method provides semantic analysis-based effective correction feedback of the code. Compared with the existing vulnerability detection tools Slither and Mythril, our method improves the work efficiency. Moreover, compared with the current Mythril method with the best vulnerability detection accuracy, our method improves the accuracy by 1.01%.
AB - Smart contracts are distributed, self-executing programs on blockchain network and they have the potential to impact many industries. A large number of developers are optimistic about the development prospects of smart contracts. However, due to different levels of familiarity of developers with technology, the existence of serious vulnerabilities in code can result in huge property losses. The serious consequences of reentrancy vulnerabilities have attracted widespread attention from researchers, and researchers have proposed many approaches to detect them. Many experiments show that these approaches can only effectively detect certain types of vulnerabilities. Similar vulnerabilities still exist in some smart contracts. In this paper, we propose a semantic analysis-based detection method for reentrancy vulnerabilities. The method utilizes machine learning techniques to efficiently detect the vulnerabilities of the given code. And then, our method provides semantic analysis-based effective correction feedback of the code. Compared with the existing vulnerability detection tools Slither and Mythril, our method improves the work efficiency. Moreover, compared with the current Mythril method with the best vulnerability detection accuracy, our method improves the accuracy by 1.01%.
KW - machine learning
KW - reentrancy vulnerability
KW - semantic analysis
KW - smart contract
KW - static analysis
UR - http://www.scopus.com/inward/record.url?scp=85134172568&partnerID=8YFLogxK
U2 - 10.1109/BigDataSecurityHPSCIDS54978.2022.00015
DO - 10.1109/BigDataSecurityHPSCIDS54978.2022.00015
M3 - Conference contribution
AN - SCOPUS:85134172568
T3 - Proceedings - 2022 IEEE 8th International Conference on Big Data Security on Cloud, IEEE International Conference on High Performance and Smart Computing, and IEEE International Conference on Intelligent Data and Security, BigDataSecurity/HPSC/IDS 2022
SP - 23
EP - 28
BT - Proceedings - 2022 IEEE 8th International Conference on Big Data Security on Cloud, IEEE International Conference on High Performance and Smart Computing, and IEEE International Conference on Intelligent Data and Security, BigDataSecurity/HPSC/IDS 2022
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 8th IEEE International Conference on Big Data Security on Cloud, 8th IEEE International Conference on High Performance and Smart Computing, and 8th IEEE International Conference on Intelligent Data and Security, BigDataSecurity/HPSC/IDS 2022
Y2 - 6 May 2022 through 8 May 2022
ER -