Automation and smart materials in detecting smart contracts vulnerabilities in Blockchain using deep learning

Narayana, K. Lakshmi; Sathiyamurthy, K.

doi:10.1016/j.matpr.2021.04.125

Cited by 14 publications

(13 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Recently, several works investigated using machine learning methods to analyze smart contracts [21,88,91,95,128,138,140,145,168,212,223,225,241]. Machine learning methods learn from data and build predictions.…”

Section: Machine Learning Methodsmentioning

confidence: 99%

Pre-deployment Analysis of Smart Contracts -- A Survey

Munir¹,

Taha²

2023

Preprint

View full text Add to dashboard Cite

Smart contracts are programs that execute transactions involving independent parties and cryptocurrencies. As programs, smart contracts are susceptible to a wide range of errors and vulnerabilities. Such vulnerabilities can result in significant losses. Furthermore, by design, smart contract transactions are irreversible. This creates a need for methods to ensure the correctness and security of contracts pre-deployment. Recently there has been substantial research into such methods. The sheer volume of this research makes articulating state-of-the-art a substantial undertaking. To address this challenge, we present a systematic review of the literature. A key feature of our presentation is to factor out the relationship between vulnerabilities and methods through properties. Specifically, we enumerate and classify smart contract vulnerabilities and methods by the properties they address. The methods considered include static analysis as well as dynamic analysis methods and machine learning algorithms that analyze smart contracts before deployment.Several patterns about the strengths of different methods emerge through this classification process.CCS Concepts: • General and reference → Surveys and overviews; • Software and its engineering → Automated static analysis; Dynamic analysis; Software verification.

show abstract

Section: Machine Learning Methodsmentioning

confidence: 99%

Pre-deployment Analysis of Smart Contracts -- A Survey

Munir¹,

Taha²

2023

Preprint

View full text Add to dashboard Cite

show abstract

“…"Block reorganization can result in the original block being replaced in the blockchain when a miner produces a new block at the same block height as an existing block. This may result in a modification to the block number for a specific contract call or transaction [6]. d. The use of the delegatecall opcode, which enables a contract to execute code from another contract while preserving the context of the calling contract, is the reason behind the delegatecall vulnerability in smart contracts.…”

Section: Occurrence Of Vulnerabilitiesmentioning

confidence: 99%

Examination of Approaches for Identifying Vulnerabilities in Smart Contracts

Janhavi Satam

2024

jes

View full text Add to dashboard Cite

Objective: By reviewing various previous works, this paper collects the multiple of approaches, strategies used to identify vulnerabilities in smart contracts. Blockchain is a decentralized technology that securely and immutably, records transactions across numerous computers in a visible manner. On a blockchain, smart contracts are self-executing agreements that independently execute and verify contract conditions. This reduces the need for middlemen and increases transparency. Smart contract vulnerabilities are problems in the code that could allow other parties to gain access to, alter, or steal assets as a result of mistakes, faults or imperfections made during development, thereby causing financial and operational harm. In this paper we have algorithms, techniques to detect vulnerabilities in smart contract using deep learning found in literature surveys. Methods: We have found some techniques using opcode, bytecode, Skip-Gram-Word2Vec to convert the smart contract file. Findings: We have found that LSTM, Vanilla-RNN, GRU have very less accuracy 49.64,53.68,54.54. Novelty & Applications: We will come with some different algorithms that will understand different vulnerability with more accuracy. We have come with CNN, Xception, EfficientNet-B2 which has accuracy high then LSTM, Vanilla-RNN, GRU i.e.71,69,75 percent.

show abstract

“…Reentrancy vulnerability [10,15]: In which they can take on the control flow and modify your data that is not expected by the call function. There are numerous shapes this bug class might take.…”

Section: Fig 1 Ethereum Blockchain Networkmentioning

confidence: 99%

“…Lakshminarayana. K et al [15] experimented with basic classification methods, which are binary classification, multiclass classification, multi-label classification, and auto encoding techniques to detect smart contract vulnerabilities, which are reentrancy, DOS, and Tx.origin. The proposed paper also tries to improve detection results of the same vulnerabilities using a combination of two techniques, which are the contract snippets, n-gram features, and the XGBoost classification technique.…”

Section: Literature Workmentioning

confidence: 99%

Towards Auto Contract Generation and Ensemble-based Smart Contract Vulnerability Detection

Lakshminarayana

Sathiyamurthy

2022

Int. j. electr. comput. eng. syst. (Online)

View full text Add to dashboard Cite

Smart contracts (SC) are computer programs that are major components of Blockchain. The "intelligent contract" is made up of the rules accepted by the parties concerned. When the transactions started by the parties obey these established rules, then only their transactions will be completed without the involvement of a third party. Because of the simplicity and succinct nature of the solidity language, most smart contracts are written in this language. Smart contracts have two limitations, which are vulnerabilities in SC and that smart contracts can't be understood by all stakeholders, especially non-technical people who are involved in the business, since they are written in a programming language. Hence, the proposed paper used the XGBoost model and BPMN (Business Process Modeling Notation) tool to solve the first and second limitations of the SC respectively. Attackers are drawn to attention because of the popularity and fragility of the Solidity language. Once smart contracts have been launched, they can’t be changed. If that smart contract is vulnerable, attackers may then cash it. BPMN is used to represent business rules or contracts in graphical notation, so everyone involved in the business can understand the business rules. This BPMN diagram can be converted into a smart contract template through the BPMN-SOL tool. A few publications and existing tools exist on smart contract vulnerability detection, but they require more time to forecast and interpretation of vulnerability causes is also difficult. Thus, the proposed model experimented with several deep learning approaches and improved F1 score results by an average of 2% using the XGBoost model based on the ensemble technique to detect vulnerabilities of SCs, which are: Denial of Service (DOS), Unchecked external call, Re-entrancy, and Origin of Transaction. This paper also combined two important features to construct a data set, which are code snippets and n-grams.

show abstract

Automation and smart materials in detecting smart contracts vulnerabilities in Blockchain using deep learning

Cited by 14 publications

References 11 publications

Pre-deployment Analysis of Smart Contracts -- A Survey

Pre-deployment Analysis of Smart Contracts -- A Survey

Examination of Approaches for Identifying Vulnerabilities in Smart Contracts

Towards Auto Contract Generation and Ensemble-based Smart Contract Vulnerability Detection

Contact Info

Product

Resources

About