Dynamic Vulnerability Detection on Smart Contracts Using Machine Learning

被引:24
|
作者
Eshghie, Mojtaba [1 ]
Artho, Cyrille [1 ]
Gurov, Dilian [1 ]
机构
[1] KTH Royal Inst Technol, Stockholm, Sweden
来源
PROCEEDINGS OF EVALUATION AND ASSESSMENT IN SOFTWARE ENGINEERING (EASE 2021) | 2021年
关键词
Smart Contracts; Vulnerability Detection; Machine Learning for Dynamic Software Analysis; Ethereum; Blockchain;
D O I
10.1145/3463274.3463348
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
In this work we propose Dynamit, a monitoring framework to detect reentrancy vulnerabilities in Ethereum smart contracts. The novelty of our framework is that it relies only on transaction metadata and balance data from the blockchain system; our approach requires no domain knowledge, code instrumentation, or special execution environment. Dynamit extracts features from transaction data and uses a machine learning model to classify transactions as benign or harmful. Therefore, not only can we find the contracts that are vulnerable to reentrancy attacks, but we also get an execution trace that reproduces the attack. Using a random forest classifier, our model achieved more than 90 percent accuracy on 105 transactions, showing the potential of our technique.
引用
收藏
页码:305 / 312
页数:8
相关论文
共 50 条
  • [21] Toward Vulnerability Detection for Ethereum Smart Contracts Using Graph-Matching Network
    Zhang, Yujian
    Liu, Daifu
    [J]. FUTURE INTERNET, 2022, 14 (11):
  • [22] Bayesian network based vulnerability detection of blockchain smart contracts
    Kodavali, Lakshminarayana
    Kuppuswamy, Sathiyamurthy
    [J]. JOURNAL OF INTELLIGENT & FUZZY SYSTEMS, 2023, 44 (02) : 1907 - 1920
  • [23] Improvement and Optimization of Vulnerability Detection Methods for Ethernet Smart Contracts
    Yang, Zhongju
    Zhu, Weixing
    Yu, Minggang
    [J]. IEEE ACCESS, 2023, 11 : 78207 - 78223
  • [24] ReDetect: Reentrancy Vulnerability Detection in Smart Contracts with High Accuracy
    Yu, Rutao
    Shu, Jiangang
    Yan, Dekai
    Jia, Xiaohua
    [J]. 2021 17TH INTERNATIONAL CONFERENCE ON MOBILITY, SENSING AND NETWORKING (MSN 2021), 2021, : 412 - 419
  • [25] HFContractFuzzer: Fuzzing Hyperledger Fabric Smart Contracts for Vulnerability Detection
    Ding, Mengjie
    Li, Peiru
    Li, Shanshan
    Zhang, He
    [J]. PROCEEDINGS OF EVALUATION AND ASSESSMENT IN SOFTWARE ENGINEERING (EASE 2021), 2021, : 321 - 328
  • [26] ContractWard: Automated Vulnerability Detection Models for Ethereum Smart Contracts
    Wang, Wei
    Song, Jingjing
    Xu, Guangquan
    Li, Yidong
    Wang, Hao
    Su, Chunhua
    [J]. IEEE TRANSACTIONS ON NETWORK SCIENCE AND ENGINEERING, 2021, 8 (02): : 1133 - 1144
  • [27] Vulnerability detection techniques for smart contracts: A systematic literature review
    Vidal, Fernando Richter
    Ivaki, Naghmeh
    Laranjeiro, Nuno
    [J]. JOURNAL OF SYSTEMS AND SOFTWARE, 2024, 217
  • [28] EtherFuzz: Mutation Fuzzing Smart Contracts for TOD Vulnerability Detection
    Wang, Xiaoyin
    Sun, Jiaze
    Hu, Chunyang
    Yu, Panpan
    Zhang, Bin
    Hou, Donghai
    [J]. WIRELESS COMMUNICATIONS & MOBILE COMPUTING, 2022, 2022
  • [29] Machine Learning Model for Smart Contracts Security Analysis
    Momeni, Pouyan
    Wang, Yu
    Samavi, Reza
    [J]. 2019 17TH INTERNATIONAL CONFERENCE ON PRIVACY, SECURITY AND TRUST (PST), 2019, : 272 - 277
  • [30] Anomaly Detection in Smart Grids using Machine Learning
    Shabad, Prem Kumar Reddy
    Alrashide, Abdulmueen
    Mohammed, Osama
    [J]. IECON 2021 - 47TH ANNUAL CONFERENCE OF THE IEEE INDUSTRIAL ELECTRONICS SOCIETY, 2021,
12345