Vulnerability Detection in Smart Contracts Using Deep Learning

Gopali, Saroj; Khan, Zulfiqar Ali; Chhetri, Bipin; Karki, Bimal; Namin, Akbar Siami

doi:10.1109/compsac54236.2022.00197

Cited by 7 publications

(4 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This research focuses only on programming-based approaches. Hence machine learning [122] is not part of our domain. On the other hand, we incorporate tools that use rule-based, logic-based, or solver-based techniques for vulnerability detection.…”

Section: Ai-based Approachesmentioning

confidence: 99%

A Survey of Vulnerability Detection Techniques by Smart Contract Tools

Khan,

Namin

2024

IEEE Access

Self Cite

View full text Add to dashboard Cite

Ethereum Blockchain technology introduced a competitive environment in the financial sector. Consequently, new technologies emerged, such as Smart Contracts (SCs), which preclude code corrections due to their immutable nature. But the incorrect and faulty uploaded SCs led to uninvited penetrations into SCs' accounts, resulting in considerable customer losses. This SC's drawback requires tools to test the SCs and paves the way for research on vulnerability detection techniques. Our survey paper comprehensively reviews 41 SC tools and presents the vulnerability detection techniques (VDTs) of the several previously discussed tools by dividing them into general and specific classes. Finally, we also perform a classification of detection techniques to standardize the approaches. Thus, our study will help SC developers and security analysts to streamline the security of SCs and reduce the chances of malicious monetary transfers.

show abstract

Section: Ai-based Approachesmentioning

confidence: 99%

A Survey of Vulnerability Detection Techniques by Smart Contract Tools

Khan,

Namin

2024

IEEE Access

Self Cite

View full text Add to dashboard Cite

show abstract

“…Currently, there is a need to address the issue of integrating ML technologies with smart contract detection methods. A few papers provide an overview of the literature [12] [13] [14] [15] [16] have been proposed and they have been using machine learning models to detect vulnerabilities in smart contract All these deep learning methods papers are trying to extract features from opcode and label contracts with types of vulnerabilities of smart contract to prepare data and employ machine learning algorithms to detect vulnerabilities in smart contracts.…”

Section: Machine Learning Vulnerability Detection In Smart Contractmentioning

confidence: 99%

Power of Fuzzing and Machine Learning in Smart Contract Security Validation

Ali,

Chen

2023

Fuzzy Systems and Data Mining IX

View full text Add to dashboard Cite

Blockchain technology revolutionized digital payments and transactions by introducing disruptive capabilities. It operates through smart contracts, automated software code facilitating transactions without intermediaries. Smart contracts, written in various languages, have gained popularity but are vulnerable to logic flaws and security threats, potentially leading to financial losses and undermining blockchain integrity. Validating their security is essential, although current tools only detect specific attacks, lacking a comprehensive automated solution. This article presents a two-stage process wherein the initial phase involves the extraction of characteristics from smart contracts through the analysis of abstract syntax trees (ASTs) and control flow graphs (CFGs). In order to improve the precision of our results, we can leverage the distinctive capabilities of the fuzzing technique to label the data prior to its integration into the training model. In the subsequent phase, approach is utilized neural decision tree (NDT) typically combines a decision tree structure with neural network components. The mixed-method approach is utilized, leveraging the distinct advantages offered by neural networks and decision trees. The purpose of this collaborative technique is to enhance the probability of identifying vulnerabilities in smart contracts. The experimental assessment yielded favorable outcomes in the detection of smart contract vulnerabilities, namely those pertaining to Reentrancy, integer overflow, and Block Number Dependency.

show abstract

“…In this regard, blockchain-based architectures have been considered to solve authentication challenges. In essence, the agreement between parties is based on smart contracts, but like any software program, smart contracts are susceptible to contain security vulnerabilities [13].…”

Section: (C) Blockchainmentioning

confidence: 99%

An Exploratory Study Gathering Security Requirements for the Software Development Process

Andrade,

Torres,

Ortiz-Garcés

et al. 2023

Electronics

View full text Add to dashboard Cite

Software development stands out as one of the most rapidly expanding markets due to its pivotal role in crafting applications across diverse sectors like healthcare, transportation, and finance. Nevertheless, the sphere of cybersecurity has also undergone substantial growth, underscoring the escalating significance of software security. Despite the existence of different secure development frameworks, the persistence of vulnerabilities or software errors remains, providing potential exploitation opportunities for malicious actors. One pivotal contributor to subpar security quality within software lies in the neglect of cybersecurity requirements during the initial phases of software development. In this context, the focal aim of this study is to analyze the importance of integrating security modeling by software developers into the elicitation processes facilitated through the utilization of abuse stories. To this end, the study endeavors to introduce a comprehensive and generic model for a secure software development process. This model inherently encompasses critical elements such as new technologies, human factors, and the management of security for the formulation of abuse stories and their integration within Agile methodological processes.

show abstract

Vulnerability Detection in Smart Contracts Using Deep Learning

Cited by 7 publications

References 22 publications

A Survey of Vulnerability Detection Techniques by Smart Contract Tools

A Survey of Vulnerability Detection Techniques by Smart Contract Tools

Power of Fuzzing and Machine Learning in Smart Contract Security Validation

An Exploratory Study Gathering Security Requirements for the Software Development Process

Contact Info

Product

Resources

About