SODA: A Generic Online Detection Framework for Smart Contracts

Chen, Ting; Cao, Rong; Li, Ting; Wang, Liu; Gu, Guofei; Zhang, Yufei; Liao, Zhou; Zhu, Hang; Chen, Gang; He, Zheyuan; Tang, Yuxing; Lin, Xiaodong; Zhang, Xiaosong

doi:10.14722/ndss.2020.24449

Cited by 74 publications

(62 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As shown in Figure 1, in the second stage, the framework in [10] is used to collect complete transaction data, including internal transactions and external transactions, and then build different relationship graphs based on the attack data set of the first stage because different attack types have very different natures. For example, DDoS attacks do not involve profit from the attack, so we do not need to pay too much attention to the flow of money.…”

Section: Methodsmentioning

confidence: 99%

“…Even now, there are still many attackers active on Ethereum. ere are many ways to detect Ethereum contract vulnerabilities [7][8][9][10][11][12], and some people have studied the behavior of users on DAPPs [13]. However, few people trace the origin of the attackers.…”

Section: Introductionmentioning

confidence: 99%

“…Chen [10] has designed a set of frameworks on which to write corresponding APPs to detect different types of attacks. Using this framework can obtain a large number of attack data sets [16].…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Attacker Traceability on Ethereum through Graph Analysis

Zhu

Niu

Liao

et al. 2022

Security and Communication Networks

Self Cite

View full text Add to dashboard Cite

Since the Ethereum virtual machine is Turing complete, Ethereum can implement various complex logics such as mutual calls and nested calls between functions. Therefore, Ethereum has suffered a lot of attacks since its birth, and there are still many attackers active in Ethereum transactions. To this end, we propose a traceability method on Ethereum, using graph analysis to track attackers. We collected complete user transaction data to construct the graph and analyzed data on several harmful attacks, including reentry attacks, short address attacks, DDoS attacks, and Ponzi contracts. Through graph analysis, we found accounts that are strongly associated with these attacks and are still active. We have done a systematic analysis of these accounts to analyze their threats. Finally, we also analyzed the correlation between the information collected through RPC and these accounts and finally found that some accounts can find their IP addresses.

show abstract

Section: Methodsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Attacker Traceability on Ethereum through Graph Analysis

Zhu

Niu

Liao

et al. 2022

Security and Communication Networks

Self Cite

View full text Add to dashboard Cite

show abstract

“…The recent progress in big data analytics on blockchain data brings the opportunities to remedy the security vulnerabilities of blockchain. For example, the recent work [162] presented a framework to collect blockchain data and detect various attacks occurring on blockchain.…”

Section: B Secure Iiot Critical Infrastructuresmentioning

confidence: 99%

Convergence of Blockchain and Edge Computing for Secure and Scalable IIoT Critical Infrastructures in Industry 4.0

Dai

Wang

2021

IEEE Internet Things J.

214

View full text Add to dashboard Cite

Critical infrastructure systems are vital to underpin the functioning of a society and economy. Due to ever-increasing number of Internet-connected Internet-of-Things (IoTs) / Industrial IoT (IIoT), and high volume of data generated and collected, security and scalability are becoming burning concerns for critical infrastructures in industry 4.0. The blockchain technology is essentially a distributed and secure ledger that records all the transactions into a hierarchically expanding chain of blocks. Edge computing brings the cloud capabilities closer to the computation tasks. The convergence of blockchain and edge computing paradigms can overcome the existing security and scalability issues. In this paper, we first introduce the IoT/IIoT critical infrastructure in industry 4.0, and then we briefly present the blockchain and edge computing paradigms. After that, we show how the convergence of these two paradigms can enable secure and scalable critical infrastructures. Then, we provide a survey on state-of-the-art for security and privacy, and scalability of IoT/IIoT critical infrastructures. A list of potential research challenges and open issues in this area is also provided, which can be used as useful resources to guide future research.

show abstract

“…Lazarus monitors the software stack of each blockchain node for newly found or zeroday exploits and quarantines affected replicas. A number of tools exist for formal verification and vulnerability detection of Ethereum smart contracts, including both offline scanners [12], [13] and online detection frameworks [14].…”

Section: Related Workmentioning

confidence: 99%

Detecting Blockchain Security Threats

Putz

Pernul

2020

2020 IEEE International Conference on Blockchain (Blockchain)

View full text Add to dashboard Cite

In many organizations, permissioned blockchain networks are currently transitioning from a proof-of-concept stage to production use. A crucial part of this transition is ensuring awareness of potential threats to network operations. Due to the plethora of software components involved in distributed ledgers, threats may be difficult or impossible to detect without a structured monitoring approach. To this end, we conduct a survey of attacks on permissioned blockchains and develop a set of threat indicators. To gather these indicators, a data processing pipeline is proposed to aggregate log information from relevant blockchain components, enriched with data from external sources. To evaluate the feasibility of monitoring current blockchain frameworks, we determine relevant data sources in Hyperledger Fabric. Our results show that the required data is mostly available, but also highlight significant improvement potential with regard to threat intelligence, chaincode scanners and built-in metrics.

show abstract

SODA: A Generic Online Detection Framework for Smart Contracts

Cited by 74 publications

References 23 publications

Attacker Traceability on Ethereum through Graph Analysis

Attacker Traceability on Ethereum through Graph Analysis

Convergence of Blockchain and Edge Computing for Secure and Scalable IIoT Critical Infrastructures in Industry 4.0

Detecting Blockchain Security Threats

Contact Info

Product

Resources

About