Small sample smart contract vulnerability detection method based on multi-layer feature fusion

Abstract

The identification of vulnerabilities in smart contracts is necessary for ensuring their security. As a pre-trained language model, BERT has been employed in the detection of smart contract vulnerabilities, exhibiting high accuracy in tasks. However, it has certain limitations. Existing methods solely depend on features extracted from the final layer, thereby disregarding the potential contribution of features from other layers. To address these issues, this paper proposes a novel method, which is named multi-layer feature fusion (MULF). Experiments investigate the impact of utilizing features from other layers on performance improvement. To the best of our knowledge, this is the first instance of multi-layer feature sequence fusion in the field of smart contract vulnerability detection. Furthermore, there is a special type of patched contract code that contains vulnerability features which need to be studied. Therefore, to overcome the challenges posed by limited smart contract vulnerability datasets and high false positive rates, we introduce a data augmentation technique that incorporates function feature screening with those special smart contracts into the training set. To date, this method has not been reported in the literature. The experimental results demonstrate that the MULF model significantly enhances the performance of smart contract vulnerability identification compared to other models. The MULF model achieved accuracies of 98.95% for reentrancy vulnerabilities, 96.27% for timestamp dependency vulnerabilities, and 87.40% for overflow vulnerabilities, which are significantly higher than those achieved by existing methods.