Dynamic Vulnerability Detection on Smart Contracts Using Machine Learning

被引:24
|
作者
Eshghie, Mojtaba [1 ]
Artho, Cyrille [1 ]
Gurov, Dilian [1 ]
机构
[1] KTH Royal Inst Technol, Stockholm, Sweden
来源
PROCEEDINGS OF EVALUATION AND ASSESSMENT IN SOFTWARE ENGINEERING (EASE 2021) | 2021年
关键词
Smart Contracts; Vulnerability Detection; Machine Learning for Dynamic Software Analysis; Ethereum; Blockchain;
D O I
10.1145/3463274.3463348
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
In this work we propose Dynamit, a monitoring framework to detect reentrancy vulnerabilities in Ethereum smart contracts. The novelty of our framework is that it relies only on transaction metadata and balance data from the blockchain system; our approach requires no domain knowledge, code instrumentation, or special execution environment. Dynamit extracts features from transaction data and uses a machine learning model to classify transactions as benign or harmful. Therefore, not only can we find the contracts that are vulnerable to reentrancy attacks, but we also get an execution trace that reproduces the attack. Using a random forest classifier, our model achieved more than 90 percent accuracy on 105 transactions, showing the potential of our technique.
引用
收藏
页码:305 / 312
页数:8
相关论文
共 50 条
  • [1] Vulnerability Detection in Smart Contracts Using Deep Learning
    Gopali, Saroj
    Khan, Zulfiqar Ali
    Chhetri, Bipin
    Karki, Bimal
    Namin, Akbar Siami
    [J]. 2022 IEEE 46TH ANNUAL COMPUTERS, SOFTWARE, AND APPLICATIONS CONFERENCE (COMPSAC 2022), 2022, : 1249 - 1255
  • [2] SmartMixModel: Machine Learning-based Vulnerability Detection of Solidity Smart Contracts
    Shakya, Supriya
    Mukherjee, Arnab
    Halder, Raju
    Maiti, Abyayananda
    Chaturvedi, Amrita
    [J]. 2022 IEEE INTERNATIONAL CONFERENCE ON BLOCKCHAIN (BLOCKCHAIN 2022), 2022, : 37 - 44
  • [3] VSCL: Automating Vulnerability Detection in Smart Contracts with Deep Learning
    Mi, Feng
    Wang, Zhuoyi
    Zhao, Chen
    Guo, Jinghui
    Ahmed, Fawaz
    Khan, Latifur
    [J]. 2021 IEEE INTERNATIONAL CONFERENCE ON BLOCKCHAIN AND CRYPTOCURRENCY (ICBC), 2021,
  • [4] Smart contracts auditing and multi-classification using machine learning algorithms: an efficient vulnerability detection in ethereum blockchain
    El Haddouti, Samia
    Khaldoune, Mohammed
    Ayache, Meryeme
    Ech-Cherif El Kettani, Mohamed Dafir
    [J]. COMPUTING, 2024, 106 (09) : 2971 - 3003
  • [5] A Survey on Ethereum Smart Contract Vulnerability Detection Using Machine Learning
    Surucu, Onur
    Yeprem, Uygar
    Wilkinson, Connor
    Hilal, Waleed
    Gadsden, S. Andrew
    Yawney, John
    Alsadi, Naseem
    Giuliano, Alessandro
    [J]. DISRUPTIVE TECHNOLOGIES IN INFORMATION SCIENCES VI, 2022, 12117
  • [6] Deep learning-based methodology for vulnerability detection in smart contracts
    Wang, Zhibo
    Guoming, Liu
    Xu, Hongzhen
    You, Shengyu
    Ma, Han
    Wang, Hongling
    [J]. PEERJ COMPUTER SCIENCE, 2024, 10
  • [7] A Multimodal Deep Learning Approach for Efficient Vulnerability Detection in Smart Contracts
    Le Cong Trinh
    Vu Trung Kien
    Trinh Minh Hoang
    Nguyen Huu Quyen
    Nghi Hoang Khoa
    Phan The Duy
    Van-Hau Pham
    [J]. IEEE CONFERENCE ON GLOBAL COMMUNICATIONS, GLOBECOM, 2023, : 3421 - 3426
  • [8] Survey on Vulnerability Detection Technology of Smart Contracts
    Dong, Wei-Liang
    Liu, Zhe
    Liu, Kui
    Li, Li
    Ge, Chun-Peng
    Huang, Zhi-Qiu
    [J]. Ruan Jian Xue Bao/Journal of Software, 2024, 35 (01): : 38 - 62
  • [9] ContractFuzzer: Fuzzing Smart Contracts for Vulnerability Detection
    Jiang, Bo
    Liu, Ye
    Chan, W. C.
    [J]. PROCEEDINGS OF THE 2018 33RD IEEE/ACM INTERNATIONAL CONFERENCE ON AUTOMTED SOFTWARE ENGINEERING (ASE' 18), 2018, : 259 - 269
  • [10] Smart Contracts Vulnerability Classification Through Deep Learning
    Rossini, Martina
    Zichichi, Mirko
    Ferretti, Stefano
    [J]. PROCEEDINGS OF THE TWENTIETH ACM CONFERENCE ON EMBEDDED NETWORKED SENSOR SYSTEMS, SENSYS 2022, 2022, : 1229 - 1230
12345