Dynamic Vulnerability Detection on Smart Contracts Using Machine Learning

被引:24
|
作者
Eshghie, Mojtaba [1 ]
Artho, Cyrille [1 ]
Gurov, Dilian [1 ]
机构
[1] KTH Royal Inst Technol, Stockholm, Sweden
来源
PROCEEDINGS OF EVALUATION AND ASSESSMENT IN SOFTWARE ENGINEERING (EASE 2021) | 2021年
关键词
Smart Contracts; Vulnerability Detection; Machine Learning for Dynamic Software Analysis; Ethereum; Blockchain;
D O I
10.1145/3463274.3463348
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
In this work we propose Dynamit, a monitoring framework to detect reentrancy vulnerabilities in Ethereum smart contracts. The novelty of our framework is that it relies only on transaction metadata and balance data from the blockchain system; our approach requires no domain knowledge, code instrumentation, or special execution environment. Dynamit extracts features from transaction data and uses a machine learning model to classify transactions as benign or harmful. Therefore, not only can we find the contracts that are vulnerable to reentrancy attacks, but we also get an execution trace that reproduces the attack. Using a random forest classifier, our model achieved more than 90 percent accuracy on 105 transactions, showing the potential of our technique.
引用
收藏
页码:305 / 312
页数:8
相关论文
共 50 条
  • [41] VULNERABILITY DETECTION IN CYBER-PHYSICAL SYSTEM USING MACHINE LEARNING
    Bharathi, V
    Kumar, C. N. S. Vinoth
    [J]. SCALABLE COMPUTING-PRACTICE AND EXPERIENCE, 2024, 25 (01): : 577 - 592
  • [42] Mobile cellular network security vulnerability detection using machine learning
    Chen, Gongping
    Wang, Hong
    Zhang, Chuanqi
    [J]. International Journal of Information and Communication Technology, 2023, 22 (03) : 327 - 341
  • [43] Smart Contract Vulnerability Detection Using Deep Learning Algorithms on EVM bytecode
    Prifti, Lejdi
    Cico, Betim
    Karras, Dimitrios
    [J]. 2024 13TH MEDITERRANEAN CONFERENCE ON EMBEDDED COMPUTING, MECO 2024, 2024, : 223 - 229
  • [44] A Critical-Path-Coverage-Based Vulnerability Detection Method for Smart Contracts
    Fu, Menglin
    Wu, Lifa
    Hong, Zheng
    Zhu, Feng
    Sun, He
    Feng, Wenbo
    [J]. IEEE ACCESS, 2019, 7 : 147327 - 147344
  • [45] EOSIOAnalyzer: An Effective Static Analysis Vulnerability Detection Framework for EOSIO Smart Contracts
    Li, Wenyuan
    He, Jiahao
    Zhao, Gansen
    Yang, Jinji
    Li, Shuangyin
    Lai, Ruilin
    Li, Ping
    Tang, Hua
    Luo, Haoyu
    Zhou, Ziheng
    [J]. 2022 IEEE 46TH ANNUAL COMPUTERS, SOFTWARE, AND APPLICATIONS CONFERENCE (COMPSAC 2022), 2022, : 746 - 756
  • [46] A novel extended multimodal AI framework towards vulnerability detection in smart contracts
    Jie, Wanqing
    Chen, Qi
    Wang, Jiaqi
    Koe, Arthur Sandor Voundi
    Li, Jin
    Huang, Pengfei
    Wu, Yaqi
    Wang, Yin
    [J]. INFORMATION SCIENCES, 2023, 636
  • [47] Machine Learning Methods for Software Vulnerability Detection
    Chernis, Boris
    Verma, Rakesh
    [J]. IWSPA '18: PROCEEDINGS OF THE FOURTH ACM INTERNATIONAL WORKSHOP ON SECURITY AND PRIVACY ANALYTICS, 2018, : 31 - 39
  • [48] Detect and Mitigate Blockchain-Based DDoS Attacks Using Machine Learning and Smart Contracts
    Hamodi, Yaser Issam
    Majeed, Aso Ahmed
    Jihad, Kamal H.
    Qader, Banaz Anwer
    [J]. Informatica (Slovenia), 2022, 46 (07): : 55 - 62
  • [49] Ponzi scheme detection in smart contracts using the integration of deep learning and formal verification
    Chen, Shibao
    Li, Fei
    [J]. IET Blockchain, 2024, 4 (02): : 185 - 196
  • [50] Detecting Reentrancy Vulnerability in Smart Contracts using Graph Convolution Networks
    Lakadawala, Hozefa
    Dzigbede, Komla
    Chen, Yu
    [J]. 2024 IEEE 21ST CONSUMER COMMUNICATIONS & NETWORKING CONFERENCE, CCNC, 2024, : 188 - 193
12345