
2023 | OriginalPaper | Chapter

Block-gram: Mining Knowledgeable Features for Smart Contract Vulnerability Detection

Authors: Tao Li, Haolong Wang, Yaozheng Fang, Zhaolong Jian, Zichun Wang, Xueshuo Xie

Published in: Smart Computing and Communication

Publisher: Springer Nature Switzerland


Abstract

Effective vulnerability detection of large-scale smart contracts is critical because smart contract attacks frequently bring about tremendous economic loss. However, code analysis that requires path traversal and learning methods that require training on many features are too time-consuming to apply to large-scale on-chain contracts. This paper focuses on improving detection efficiency by reducing the dimension of the features, combined with expert knowledge. We propose a feature extraction method, Block-gram, to form low-dimensional knowledgeable features from the bytecode. We first separate the metadata and convert the runtime code to an opcode sequence, dividing the opcode sequence into segments according to some instructions (jump, etc.). Then, we mine extensible Block-gram features for learning-based model training, consisting of 4-dimensional block features and 8-dimensional attribute features. We evaluate these knowledge-based features using seven state-of-the-art learning algorithms to show that the average detection latency speeds up 25 to 650 times compared with the features extracted by N-gram.
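The preprocessing steps named in the abstract (separate the metadata, convert runtime code to opcodes, segment at jump-like instructions) can be sketched as follows; this is an added example, not the authors' code, and it stops before feature mining because the page does not define the 4-dimensional block or 8-dimensional attribute features. Assumptions: the metadata is a solc-style CBOR trailer ending in a 2-byte length, the delimiter set `TERMINATORS` plus `JUMPDEST` is one plausible reading of "jump, etc.", and the function names and sample bytecode are constructed for illustration.

```python
# Added example: preprocessing only. The delimiter set is an assumption; the
# abstract says only "some instructions (jump, etc.)".
TERMINATORS = {0x00: "STOP", 0x56: "JUMP", 0x57: "JUMPI", 0xF3: "RETURN",
               0xFD: "REVERT", 0xFE: "INVALID", 0xFF: "SELFDESTRUCT"}
NAMES = {0x35: "CALLDATALOAD", 0x54: "SLOAD", 0x55: "SSTORE",
         0x5B: "JUMPDEST", 0xF1: "CALL", **TERMINATORS}  # partial table

# Constructed sample: 15 bytes of runtime code followed by a minimal solc-style
# CBOR trailer {"solc": 0.8.17} and its 2-byte big-endian length (0x000a).
SAMPLE = bytes.fromhex("60003560085700fe5b600160005500" "a164736f6c6343000811000a")


def strip_metadata(code: bytes) -> bytes:
    """Drop a trailing <CBOR map><2-byte length> metadata section, if present."""
    if len(code) < 2:
        return code
    n = int.from_bytes(code[-2:], "big")
    start = len(code) - 2 - n
    # Heuristic: the trailer must fit and begin with a CBOR map (major type 5).
    if n > 0 and start >= 0 and code[start] >> 5 == 5:
        return code[:start]
    return code


def disassemble(code: bytes):
    """Yield (offset, opcode, mnemonic); PUSH immediates are skipped as data."""
    pc = 0
    while pc < len(code):
        op = code[pc]
        if 0x60 <= op <= 0x7F:               # PUSH1..PUSH32 carry op-0x5f bytes
            width = op - 0x5F
            yield pc, op, f"PUSH{width}"
            pc += 1 + width
        else:
            yield pc, op, NAMES.get(op, f"OP_{op:02x}")
            pc += 1


def split_blocks(code: bytes):
    """Segment the opcode sequence: JUMPDEST opens a block, a terminator closes it."""
    blocks, cur = [], []
    for _, op, name in disassemble(strip_metadata(code)):
        if op == 0x5B and cur:               # JUMPDEST starts a new segment
            blocks.append(cur)
            cur = []
        cur.append(name)
        if op in TERMINATORS:
            blocks.append(cur)
            cur = []
    return blocks + ([cur] if cur else [])
```

Skipping `strip_metadata` makes the disassembler decode the trailer bytes as instructions, which adds spurious opcodes and segments to whatever features are computed afterwards.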


Metadata

Title: Block-gram: Mining Knowledgeable Features for Smart Contract Vulnerability Detection

Authors: Tao Li, Haolong Wang, Yaozheng Fang, Zhaolong Jian, Zichun Wang, Xueshuo Xie

Copyright Year: 2023

DOI: https://doi.org/10.1007/978-3-031-28124-2_52