Unveiling vulnerable smart contracts: Toward profiling vulnerable smart contracts using genetic algorithm and generating benchmark dataset
Sepideh HajiHosseinKhani, Arash Habibi Lashkari, Ali Mizani Oskui
Blockchain: Research and Applications, volume 5, issue 1, Article 100171. Published 2023-11-23.
DOI: 10.1016/j.bcra.2023.100171
URL: https://www.sciencedirect.com/science/article/pii/S2096720923000465
Citation count: 0
Abstract
Smart contracts (SCs) are crucial in maintaining trust within blockchain networks. However, existing methods for analyzing SC vulnerabilities often lack accuracy and effectiveness, while approaches based on Deep Neural Networks (DNNs) struggle with detecting complex vulnerabilities due to limited data availability. This paper proposes a novel approach for analyzing SC vulnerabilities. Our method leverages an advanced form of the Genetic Algorithm (GA) and includes the development of a comprehensive benchmark dataset consisting of 36,670 Solidity source code samples. The primary objective of our study is to profile vulnerable SCs effectively. To achieve this goal, we have devised an analyzer called SCsVulLyzer based on GAs, designed explicitly for profiling SCs. Additionally, we have carefully curated a new dataset encompassing a wide range of examples, ensuring the practical validation of our approach. Furthermore, we have established three distinct taxonomies that cover SCs, profiling techniques, and feature extraction. These taxonomies provide a systematic classification and analysis of information, improving the efficiency of our approach. Our methodology underwent rigorous testing through experimentation, and the results demonstrated the superior capabilities of our model in detecting vulnerabilities. Compared to traditional and DNN-based approaches, our approach achieved higher precision, recall, and F1-score, which are widely used metrics for evaluating model performance. Across all these metrics, our model showed exceptional results. The customization and adaptations we implemented within the GA significantly enhanced its effectiveness. Our approach detects SC vulnerabilities more efficiently and facilitates robust exploration. These promising results highlight the potential of GA-based profiling to improve the detection of SC vulnerabilities, contributing to enhanced security in blockchain networks.
About the journal:
Blockchain: Research and Applications is an international, peer-reviewed journal for researchers, engineers, and practitioners to present the latest advances and innovations in blockchain research. The journal publishes theoretical and applied papers in established and emerging areas of blockchain research to shape the future of blockchain technology.