Reentrancy Vulnerability Detection Based on Improved Attention Mechanism

被引:0
作者
Xu, Haoran [1 ]
Qiu, Meikang [2 ]
Zhao, Hui [1 ]
机构
[1] Henan Univ, Software Sch, Kaifeng 475000, Peoples R China
[2] Augusta Univ, Sch Comp & Cyber Sci, Augusta, GA 30912 USA
来源
KNOWLEDGE SCIENCE, ENGINEERING AND MANAGEMENT, PT III, KSEM 2024 | 2024年 / 14886卷
关键词
BlockChain; Smart Contracts; Attention Mechanism; Deep learning; Vulnerability Detection;
D O I
10.1007/978-981-97-5498-4_25
中图分类号
TP18 [人工智能理论];
学科分类号
081104 ; 0812 ; 0835 ; 1405 ;
摘要
With smart contracts rapidly proliferating, the efficiency of existing detection methods is inadequate. Detecting loopholes in contracts is a critical concern, and in this article, we present a fragmented, symbolic representation of smart contracts aimed to capture vital vulnerability semantic information and control flow correlation. Furthermore, for in-depth analysis of vulnerabilities in extensive code fragments, we refine the conventional attention mechanism to balance attention weights based on code semantics and context-specific features. We also integrate the text classification model TextRNN with the improved attention mechanism (LinkAttention) to precisely identify reentrancy vulnerabilities. Our experimental studies conducted on diverse real-world smart contracts suggest that our method outperforms existing vulnerability detection tools.
引用
收藏
页码:324 / 335
页数:12
相关论文
共 24 条
[1]   Empirical Review of Automated Analysis Tools on 47,587 Ethereum Smart Contracts [J].
Durieux, Thomas ;
Ferreira, Joao F. ;
Abreu, Rui ;
Cruz, Pedro .
2020 ACM/IEEE 42ND INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING (ICSE 2020), 2020, :530-541
[2]   Blockchain-Enabled Service Optimizations in Supply Chain Digital Twin [J].
Gai, Keke ;
Zhang, Yue ;
Qiu, Meikang ;
Thuraisingham, Bhavani .
IEEE TRANSACTIONS ON SERVICES COMPUTING, 2023, 16 (03) :1673-1685
[3]   Blockchain Meets Cloud Computing: A Survey [J].
Gai, Keke ;
Guo, Jinnan ;
Zhu, Liehuang ;
Yu, Shui .
IEEE COMMUNICATIONS SURVEYS AND TUTORIALS, 2020, 22 (03) :2009-2030
[4]   Privacy-Preserving Energy Trading Using Consortium Blockchain in Smart Grid [J].
Gai, Keke ;
Wu, Yulu ;
Zhu, Liehuang ;
Qiu, Meikang ;
Shen, Meng .
IEEE TRANSACTIONS ON INDUSTRIAL INFORMATICS, 2019, 15 (06) :3548-3558
[5]   Throughput Maximization for Periodic Real-Time Systems under the Maximal Temperature Constraint [J].
Huang, Huang ;
Chaturvedi, Vivek ;
Quan, Gang ;
Fan, Jeffrey ;
Qiu, Meikang .
ACM TRANSACTIONS ON EMBEDDED COMPUTING SYSTEMS, 2014, 13
[6]   ContractFuzzer: Fuzzing Smart Contracts for Vulnerability Detection [J].
Jiang, Bo ;
Liu, Ye ;
Chan, W. C. .
PROCEEDINGS OF THE 2018 33RD IEEE/ACM INTERNATIONAL CONFERENCE ON AUTOMTED SOFTWARE ENGINEERING (ASE' 18), 2018, :259-269
[7]  
Li Chong, 2019, Reinforcement Learning for Cyber-physical Systems: With Cybersecurity Case Studies
[8]   ReGuard: Finding Reentrancy Bugs in Smart Contracts [J].
Liu, Chao ;
Liu, Han ;
Cao, Zhao ;
Chen, Zhong ;
Chen, Bangdao ;
Roscoe, Bill .
PROCEEDINGS 2018 IEEE/ACM 40TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING - COMPANION (ICSE-COMPANION, 2018, :65-68
[9]   Making Smart Contracts Smarter [J].
Luu, Loi ;
Chu, Duc-Hiep ;
Olickel, Hrishi ;
Saxena, Prateek ;
Hobor, Aquinas .
CCS'16: PROCEEDINGS OF THE 2016 ACM SIGSAC CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, 2016, :254-269
[10]  
Meikang Qiu, 2006, Web Intelligence and Agent Systems, V4, P43
123