{"title":"利用广度和深度神经网络检测智能合约漏洞","authors":"Samuel Banning Osei , Zhongchen Ma , Rubing Huang","doi":"10.1016/j.scico.2024.103172","DOIUrl":null,"url":null,"abstract":"<div><p>Smart contracts, integral to blockchain technology, automate agreements without intermediaries, ensuring transparency and security across various sectors. However, the immutable nature of blockchain exposes deployed contracts to potential risks if they contain vulnerabilities. Current approaches, including symbolic execution and graph-based machine learning, aim to ensure smart contract security. However, these methods suffer from limitations such as high false positive rates, heavy reliance on trained data, and over-generalization.</p><p>The goal of this paper is to investigate the application of Wide and Deep Neural Networks in identifying vulnerabilities within smart contracts. We introduce WIDENNET, a method based on deep neural networks, designed to detect reentrancy and timestamp dependence vulnerabilities in smart contracts. Our approach involves extracting bytecodes from the contracts and converting them into Operational Codes (OPCODES), which are then transformed into distinct vector representations. These vectors are subsequently fed into the neural network to extract both complex and simple patterns for vulnerability detection. Testing on real-world datasets yielded an average accuracy of 83.07% and a precision of 83.13%. Our method offers a potential solution to mitigate vulnerabilities in blockchain applications.</p></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"238 ","pages":"Article 103172"},"PeriodicalIF":1.5000,"publicationDate":"2024-07-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Smart contract vulnerability detection using wide and deep neural network\",\"authors\":\"Samuel Banning Osei , Zhongchen Ma , Rubing Huang\",\"doi\":\"10.1016/j.scico.2024.103172\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><p>Smart contracts, integral to blockchain technology, automate agreements without intermediaries, ensuring transparency and security across various sectors. However, the immutable nature of blockchain exposes deployed contracts to potential risks if they contain vulnerabilities. Current approaches, including symbolic execution and graph-based machine learning, aim to ensure smart contract security. However, these methods suffer from limitations such as high false positive rates, heavy reliance on trained data, and over-generalization.</p><p>The goal of this paper is to investigate the application of Wide and Deep Neural Networks in identifying vulnerabilities within smart contracts. We introduce WIDENNET, a method based on deep neural networks, designed to detect reentrancy and timestamp dependence vulnerabilities in smart contracts. Our approach involves extracting bytecodes from the contracts and converting them into Operational Codes (OPCODES), which are then transformed into distinct vector representations. These vectors are subsequently fed into the neural network to extract both complex and simple patterns for vulnerability detection. Testing on real-world datasets yielded an average accuracy of 83.07% and a precision of 83.13%. Our method offers a potential solution to mitigate vulnerabilities in blockchain applications.</p></div>\",\"PeriodicalId\":49561,\"journal\":{\"name\":\"Science of Computer Programming\",\"volume\":\"238 \",\"pages\":\"Article 103172\"},\"PeriodicalIF\":1.5000,\"publicationDate\":\"2024-07-10\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Science of Computer Programming\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S0167642324000959\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, SOFTWARE ENGINEERING\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Science of Computer Programming","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167642324000959","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}
Smart contract vulnerability detection using wide and deep neural network
Smart contracts, integral to blockchain technology, automate agreements without intermediaries, ensuring transparency and security across various sectors. However, the immutable nature of blockchain exposes deployed contracts to potential risks if they contain vulnerabilities. Current approaches, including symbolic execution and graph-based machine learning, aim to ensure smart contract security. However, these methods suffer from limitations such as high false positive rates, heavy reliance on trained data, and over-generalization.
The goal of this paper is to investigate the application of Wide and Deep Neural Networks in identifying vulnerabilities within smart contracts. We introduce WIDENNET, a method based on deep neural networks, designed to detect reentrancy and timestamp dependence vulnerabilities in smart contracts. Our approach involves extracting bytecodes from the contracts and converting them into Operational Codes (OPCODES), which are then transformed into distinct vector representations. These vectors are subsequently fed into the neural network to extract both complex and simple patterns for vulnerability detection. Testing on real-world datasets yielded an average accuracy of 83.07% and a precision of 83.13%. Our method offers a potential solution to mitigate vulnerabilities in blockchain applications.
期刊介绍:
Science of Computer Programming is dedicated to the distribution of research results in the areas of software systems development, use and maintenance, including the software aspects of hardware design.
The journal has a wide scope ranging from the many facets of methodological foundations to the details of technical issues andthe aspects of industrial practice.
The subjects of interest to SCP cover the entire spectrum of methods for the entire life cycle of software systems, including
• Requirements, specification, design, validation, verification, coding, testing, maintenance, metrics and renovation of software;
• Design, implementation and evaluation of programming languages;
• Programming environments, development tools, visualisation and animation;
• Management of the development process;
• Human factors in software, software for social interaction, software for social computing;
• Cyber physical systems, and software for the interaction between the physical and the machine;
• Software aspects of infrastructure services, system administration, and network management.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
