Smart Contracts Vulnerability Auditing With Multi-Semantics

Research output: Chapters, Conference Papers, Creative and Literary Works; RGC 32 - Refereed conference paper (with host publication); peer-review

11 Scopus Citations

Detail(s)

Original language: English
Title of host publication: Proceedings - 2020 IEEE 44th Annual Computers, Software, and Applications Conference, COMPSAC 2020
Editors: W. K. Chan, Bill Claycomb, Hiroki Takakura
Place of Publication: Los Alamitos, Calif.
Publisher: Institute of Electrical and Electronics Engineers, Inc.
Pages: 892-901
ISBN (electronic): 978-1-7281-7303-0
ISBN (print): 978-1-7281-7304-7
Publication status: Published - Jul 2020

Publication series

Name: Proceedings - IEEE Annual Computers, Software, and Applications Conference, COMPSAC
ISSN (Print): 0730-3157

Conference

Title: 44th IEEE Computer Society International Conference on Computers, Software, and Applications (COMPSAC 2020)
Location: Virtual
Place: Spain
City: Madrid
Period: 13 - 17 July 2020

Abstract

Smart contract vulnerability auditing is critical to ensuring that transactions execute normally on the blockchain. Current data-driven approaches normally tokenize smart contracts into a series of sequences according to only one tokenization standard for vulnerability detection, with the result that some of the semantic contexts cannot be reflected within the restricted sequence length.
To address this limitation, we generate sequences from smart contracts in three tokenization standards, use an n-gram language model to capture the semantic contexts of each, and finally apply our effective combination strategy of Intersection or Union to integrate the audited results from the multiple semantic contexts. To evaluate the proposed approach, we applied it to over 7200 Ethereum smart contract samples. Experimental results show that our proposed method is capable of detecting vulnerabilities and is competitive with the baseline on the test sets, with precision improved by over 44% when Intersection is applied to the results, and with Recall improved by over 300% and F-measure by 220% when Union is applied. Our proposed method for smart contract vulnerability detection, an important tool for developing quality decentralized software applications, is able to analyze multiple semantic contexts and successfully detects more true vulnerabilities with high precision, outperforming the baseline approaches.

Research Area(s)

  • Software Engineering, Smart Contract, Ethereum, N-gram Language Model, Vulnerability Auditing

Citation Format(s)

Smart Contracts Vulnerability Auditing With Multi-Semantics. / Yang, Zhen; Keung, Jacky; Zhang, Miao et al.
Proceedings - 2020 IEEE 44th Annual Computers, Software, and Applications Conference, COMPSAC 2020. ed. / W. K. Chan; Bill Claycomb; Hiroki Takakura. Los Alamitos, Calif.: Institute of Electrical and Electronics Engineers, Inc., 2020. p. 892-901 9202747 (Proceedings - IEEE Annual Computers, Software, and Applications Conference, COMPSAC).
