A Semantic Analysis-Based Method for Smart Contract Vulnerability

Xingrun Yan, Shuo Wang, Keke Gai

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

2 Citations (Scopus)

Abstract

Smart contracts are distributed, self-executing programs on blockchain network and they have the potential to impact many industries. A large number of developers are optimistic about the development prospects of smart contracts. However, due to different levels of familiarity of developers with technology, the existence of serious vulnerabilities in code can result in huge property losses. The serious consequences of reentrancy vulnerabilities have attracted widespread attention from researchers, and researchers have proposed many approaches to detect them. Many experiments show that these approaches can only effectively detect certain types of vulnerabilities. Similar vulnerabilities still exist in some smart contracts. In this paper, we propose a semantic analysis-based detection method for reentrancy vulnerabilities. The method utilizes machine learning techniques to efficiently detect the vulnerabilities of the given code. And then, our method provides semantic analysis-based effective correction feedback of the code. Compared with the existing vulnerability detection tools Slither and Mythril, our method improves the work efficiency. Moreover, compared with the current Mythril method with the best vulnerability detection accuracy, our method improves the accuracy by 1.01%.

Original languageEnglish
Title of host publicationProceedings - 2022 IEEE 8th International Conference on Big Data Security on Cloud, IEEE International Conference on High Performance and Smart Computing, and IEEE International Conference on Intelligent Data and Security, BigDataSecurity/HPSC/IDS 2022
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages23-28
Number of pages6
ISBN (Electronic)9781665480697
DOIs
Publication statusPublished - 2022
Event8th IEEE International Conference on Big Data Security on Cloud, 8th IEEE International Conference on High Performance and Smart Computing, and 8th IEEE International Conference on Intelligent Data and Security, BigDataSecurity/HPSC/IDS 2022 - Jinan, China
Duration: 6 May 20228 May 2022

Publication series

NameProceedings - 2022 IEEE 8th International Conference on Big Data Security on Cloud, IEEE International Conference on High Performance and Smart Computing, and IEEE International Conference on Intelligent Data and Security, BigDataSecurity/HPSC/IDS 2022

Conference

Conference8th IEEE International Conference on Big Data Security on Cloud, 8th IEEE International Conference on High Performance and Smart Computing, and 8th IEEE International Conference on Intelligent Data and Security, BigDataSecurity/HPSC/IDS 2022
Country/TerritoryChina
CityJinan
Period6/05/228/05/22

Keywords

  • machine learning
  • reentrancy vulnerability
  • semantic analysis
  • smart contract
  • static analysis

Fingerprint

Dive into the research topics of 'A Semantic Analysis-Based Method for Smart Contract Vulnerability'. Together they form a unique fingerprint.

Cite this