Path-Sensitive Oracle Data Selection via Static Analysis

Zhang, Mingzhe; Gong, Yi; Wang, Yawen; Jin, Dahai

doi:10.3390/electronics10020110

Cited by 1 publication

(1 citation statement)

References 29 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The trend of smart contract vulnerability detection techniques [2] has emerged under classifications such as static analysis [3], dynamic analysis [4], and code translation mechanisms, according to research. Static analysis approaches used by vulnerability detection tools [13] include control flow analysis [5], [6], [7], pattern matching [8], [9], data flow analysis [10], [11], and symbolic execution [12]. Since it is convenient and does not involve running the program, static analysis has long been used to scrutinise the complex behaviour of programs.…”

Section: Introductionmentioning

confidence: 99%

A Vulnerability Detection Approach for Automated Smart Contract Using Enhanced Machine Learning Techniques

Sosu

Chen

Brown-Acquaye

et al. 2022

Preprint

View full text Add to dashboard Cite

A typical contract would necessitate the use of an intermediary, make a payment to them, then wait for the record to return. Through a smart contract, though, it is as easy as putting the bitcoin into the vending machine, and the products would be published instantly. Smart contracts are Blockchain-based autonomous software. On Ethereum, a vast number of smart contracts have been deployed. Meanwhile, transaction security vulnerabilities have resulted in significant financial damages and have harmed the contract layer’s ecological integrity on Blockchain. As a result, detecting contract bugs reliably and efficiently is a new yet critical problem. Currently, available identification approaches, such as Oyente and Securify, depend primarily on symbolic execution or analysis. Since symbolic execution necessitates the discovery of all executable routes or the study of dependence diagrams in a contract, these approaches are time-consuming. In this paper, we suggest SmartPol, a machine learning-based method for detecting vulnerabilities in smart contracts. First, we use a data pre-processor to clean up the data before extracting features and classifying them. Second, we present a PSOGSA-based method for data optimisation and function extraction and a TSVM-based approach for semi-supervised learning classification models to identify smart contract vulnerabilities automatically. On EtherScan, SmartPol was used to test 49512 real-world smart contracts. The experimental findings show SmartPol’s reliability and efficacy. When we use PSOGSA for function extraction and TSVM classification sets, SmartPol’s predictive precision and accuracy are over 96%, and the average prediction time is 4 seconds on each smart contract.

show abstract