Abstract
Machine learning-based models are one of the main methods for detecting reentrant vulnerabilities. However, these models extract smart contract features only from a single form, resulting in incompleteness and inaccuracy of features. To address this problem, we propose a novel machine learning-based model for reentrant vulnerabilities detection. We extract and fuse features from abstract syntax trees, opcodes, control flow graph basic blocks, and combine machine learning algorithms for reentrant vulnerabilities detection. Additionally, to address the time-consuming problem of manual labeling, we also propose an approach for automatically adding dataset labels. We perform experiments on Smartbugs and SolidiFi-benchmark datasets and results show that our model outperforms existing models.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Badruddoja, S., Dantu, R., et al.: Making smart contracts smarter. In: IEEE International Conference on Blockchain and Cryptocurrency (2021)
Claudia, P., Tudor, C., Marcel, A., et al.: Blockchain based decentralized management of demand response programs in smart energy grids. Sensors 18, 162 (2018)
Dong, C., Li, Y., Tan, L.: A new approach to prevent reentrant attack in solidity smart contracts. In: CCF China Blockchain Conference (2019)
Durieux, T., Ferreira, J., Abreu, R., Cruz, P.: Empirical review of automated analysis tools on 47,587 ethereum smart contracts. In: ACM/IEEE 42nd International Conference on Software Engineering(2019)
Gai, K., Guo, J., Zhu, L., Yu, S.: Blockchain meets cloud computing: a survey. IEEE Comm. Surv. Tutor. (99), 1-1(2020)
Gai, K., Qiu, M., Zhao, H., Tao, L., Zong, Z.: Dynamic energy-aware cloudlet-based mobile cloud computing model for green computing. J. Netw. Comput. Appl. 59, 46–54 (2016)
Gai, K., Wu, Y., et al.: Privacy-preserving energy trading using consortium blockchain in smart grid. IEEE Trans. Indust. Inform. 15,3548–3558 (2019)
Gai, K., Wu, Y., et al.: Differential privacy-based blockchain for industrial internet-of-things. IEEE Trans. Indust. Inform. (99), 1-1 (2020)
Gai, K., Zhang, Y., et al.: Blockchain-enabled service optimizations in supply chain digital twin. IEEE TSC (2022)
Gao, X., Qiu, M.: Energy-based learning for preventing backdoor attack. In: KSEM (3). pp. 706–721 (2022)
Hu, F., Lakdawala, S., et al.: Low-power, intelligent sensor hardware interface for medical data preprocessing. IEEE TITB 13(4), 656–663 (2009)
Jianjun, H., Songming, H., et al.: Hunting vulnerable smart contracts via graph embedding based bytecode matching. IEEE Trans. Inf. Forens. Secur. 16, 2144–2156 (2021)
Li, Y., Gai, K., et al.: Intercrossed access controls for secure financial services on multimedia big data in cloud systems. In: ACM Trans. Multim. Cmput. Commun. Appl.12 (2016)
Li, Y., Song, Y., et al.: Intelligent fault diagnosis by fusing domain adversarial training and maximum mean discrepancy via ensemble learning. IEEE Trans. Inform. J. 17(4), 2833–2841 (2020)
Lu, N., Wang, B., et al.: Neucheck: a more practical ethereum smart contract security analysis tool. Softw. Pract. Exp. 51(7) (2021)
Marta, M., Norberto, M.: Consecuencias penales y tributarias a la modificación fraudulenta de los smart contracts. especial referencia al caso the dao. CEFLegal: revista práctica de derecho. Comentarios y casos prácticos (2020)
Pouyan, M., Yu, W., Reza, S.: Machine learning model for smart contracts security analysis. In: 17th International Conference on Privacy, Security and Trust (2019)
Qiu, H., Kapusta, K., et al.: All-or-nothing data protection for ubiquitous communication: Challenges and perspectives. Inf. Sci. 502, 434–445 (2019)
Qiu, H., Qiu, M., Lu, R.: Secure V2X communication network based on intelligent PKI and edge computing. IEEE Netw. 34(2), 172–178 (2019)
Qiu, H., Zheng, Q., et al.: Topological graph convolutional network-based urban traffic flow and density prediction. IEEE Trans. Intell. Transp. Syst. 22(7), 4560–4569 (2020)
Qiu, M., Qiu, H.: Review on image processing based adversarial example defenses in computer vision. In: IEEE 6th International Conference on BigDataSecurity. pp. 94–99 (2020)
Qiu, M., Qiu, H., et al.: Secure data sharing through untrusted clouds with blockchain-enabled key management. In: 2020 3rd International Conference on Smart BlockChain (SmartBlock), pp. 11–16 (2020)
Szabo, N.: Formalizing and securing relationships on public networks. First Monday (1997)
Xu, Y., Hu, G., You, L., Cao, C.: A novel machine learning-based analysis model for smart contract vulnerability. Secur. Commu. Netw. 2021, 5798033 (2021)
Zhao, H., Su, P., et al.: Gan-enabled code embedding for reentrant vulnerabilities detection. In: 23rd International Conference on Knowledge Engineering and Knowledge Management (2021)
Zhipeng, G., Vinoj, J., Lingxiao, J., et al.: Smartembed: a tool for clone and bug detection in smart contracts through structural code embedding. In: IEEE International Conference on Software Maintenance and Evolution (2019)
Acknowledgment
Natural Science Foundation of Shandong Province (Grant No. ZR2020ZD01).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Zhao, H., Su, P., Qiu, M. (2023). A Novel Machine Learning-Based Model for Reentrant Vulnerabilities Detection. In: Qiu, M., Lu, Z., Zhang, C. (eds) Smart Computing and Communication. SmartCom 2022. Lecture Notes in Computer Science, vol 13828. Springer, Cham. https://doi.org/10.1007/978-3-031-28124-2_27
Download citation
DOI: https://doi.org/10.1007/978-3-031-28124-2_27
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-28123-5
Online ISBN: 978-3-031-28124-2
eBook Packages: Computer ScienceComputer Science (R0)