Skip to main content
SpringerLink
Log in

Typical Contract Graph Feature Enhanced Smart Contract Vulnerability Detection

  • Conference paper
  • First Online:
Pattern Recognition (ACPR 2023)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 14407))

Included in the following conference series:

  • 316 Accesses

Abstract

Due to the significant losses caused by vulnerabilities, the security of smart contracts has attracted widespread attention and research. Existing methods for detecting smart contract vulnerabilities can be classified into traditional detection methods and machine learning-based detection methods. Traditional detection methods rely on fixed expert rules, which result in low robustness and inability to identify complex vulnerability patterns. Machine learning-based detection methods have shown better performance than traditional detection methods. However, some mainstream methods have not fully explored the relationship between contract types and vulnerabilities. In this paper, we attempt to construct typical contract graphs using clustering methods to further extract the type features of smart contracts. We concatenate the type features with the overall semantic syntax features of smart contracts, achieving data enhancement of smart contract features. We evaluate our method on an Ethereum smart contract dataset, and our method achieves an accuracy of 89.28% and a recall rate of 89.08% for detecting reentrancy and timestamp vulnerabilities.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 59.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 79.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    https://github.com/Messi-Q/Smart-Contract-Dataset.

References

  1. Sayeed, S., Marco-Gisbert, H., Caira, T.: Smart contract: attacks and protections. IEEE Access 8, 24416–24427 (2020)

    Article  Google Scholar 

  2. Torres, C.F., Schütte, J., State, R.: Osiris: Hunting for integer bugs in ethereum smart contracts. In: Proceedings of the 34th Annual Computer Security Applications Conference, pp. 664–676 (2018)

    Google Scholar 

  3. Luu, L., Chu, D.H., Olickel, H., Saxena, P., Hobor, A.: Making smart contracts smarter. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 254–269 (2016)

    Google Scholar 

  4. Mueller, B.: Mythril-reversing and bug hunting framework for the ethereum blockchain (2017)

    Google Scholar 

  5. Tikhomirov, S., Voskresenskaya, E., Ivanitskiy, I., Takhaviev, R., Marchenko, E., Alexandrov, Y.: Smartcheck: static analysis of ethereum smart contracts. In: Proceedings of the 1st International Workshop on Emerging Trends in Software Engineering for Blockchain, pp. 9–16 (2018)

    Google Scholar 

  6. Jiang, B., Liu, Y., Chan, W.K.: Contractfuzzer: fuzzing smart contracts for vulnerability detection. In: Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering, pp. 259–269 (2018)

    Google Scholar 

  7. Gogineni, A.K., Swayamjyoti, S., Sahoo, D., Sahu, K.K., Kishore, R.: Multi-class classification of vulnerabilities in smart contracts using AWD-LSTM, with pre-trained encoder inspired from natural language processing. IOP Sci. Notes 1(3), 035002 (2020)

    Article  Google Scholar 

  8. Zhuang, Y., Liu, Z., Qian, P., Liu, Q., Wang, X., He, Q.: Smart contract vulnerability detection using graph neural network. In: IJCAI, pp. 3283–3290 (2020)

    Google Scholar 

  9. Liu, Z., Qian, P., Wang, X., Zhuang, Y., Qiu, L., Wang, X.: Combining graph neural networks with expert knowledge for smart contract vulnerability detection. IEEE Trans. Knowl. Data Eng. (2021)

    Google Scholar 

  10. Nguyen, H.H., et al.: Mando: multi-level heterogeneous graph embeddings for fine-grained detection of smart contract vulnerabilities. arXiv preprint arXiv:2208.13252 (2022)

  11. Wohrer, M., Zdun, U.: Smart contracts: security patterns in the ethereum ecosystem and solidity. In: 2018 International Workshop on Blockchain Oriented Software Engineering (IWBOSE), pp. 2–8. IEEE (2018)

    Google Scholar 

  12. Scarselli, F., Gori, M., Tsoi, A.C., Hagenbuchner, M., Monfardini, G.: The graph neural network model. IEEE Trans. Neural Netw. 20(1), 61–80 (2008)

    Article  Google Scholar 

  13. Kipf, T.N., Welling, M.: Semi-supervised classification with graph convolutional networks. arXiv preprint arXiv:1609.02907 (2016)

  14. Vaswani, A., et al.: Attention is all you need. Adv. Neural Inf. Process. Syst. 30 (2017)

    Google Scholar 

  15. Allamanis, M., Brockschmidt, M., Khademi, M.: Learning to represent programs with graphs. In: International Conference on Learning Representations

    Google Scholar 

  16. Hu, T., et al.: Transaction-based classification and detection approach for ethereum smart contract. Inf. Process. Manag. 58(2), 102462 (2021)

    Google Scholar 

  17. Huang, Y., Kong, Q., Jia, N., Chen, X., Zheng, Z.: Recommending differentiated code to support smart contract update. In: 2019 IEEE/ACM 27th International Conference on Program Comprehension (ICPC), pp. 260–270. IEEE (2019)

    Google Scholar 

  18. Neamtiu, I., Foster, J.S., Hicks, M.: Understanding source code evolution using abstract syntax tree matching. In: Proceedings of the 2005 International Workshop on Mining Software Repositories, pp. 1–5 (2005)

    Google Scholar 

  19. Feist, J., Grieco, G., Groce, A.: Slither: a static analysis framework for smart contracts. In: 2019 IEEE/ACM 2nd International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB), pp. 8–15. IEEE (2019)

    Google Scholar 

  20. Liu, C., Liu, H., Cao, Z., Chen, Z., Chen, B., Roscoe, B.: Reguard: finding reentrancy bugs in smart contracts. In: Proceedings of the 40th International Conference on Software Engineering: Companion Proceedings, pp. 65–68 (2018)

    Google Scholar 

  21. Tsankov, P., Dan, A., Drachsler-Cohen, D., Gervais, A., Buenzli, F., Vechev, M.: Securify: practical security analysis of smart contracts. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 67–82 (2018)

    Google Scholar 

  22. Shi, M., Tang, Y., Zhu, X., Wilson, D., Liu, J.: Multi-class imbalanced graph convolutional network learning. In: Proceedings of the Twenty-Ninth International Joint Conference on Artificial Intelligence (IJCAI-20) (2020)

    Google Scholar 

  23. Praitheeshan, P., Pan, L., Yu, J., Liu, J., Doss, R.: Security analysis methods on ethereum smart contract vulnerabilities: a survey. arXiv preprint arXiv:1908.08605 (2019)

Download references

Acknowledgments

This research is founded by the National Key R &D Program of China (No. 2020YFB1006002).

Author information

Authors and Affiliations

  1. School of Information and Communication Engineering, University of Electronic Science and Technology of China, Chengdu, 610000, China

    Chi Jiang, Manhua Shi & Yin Zhang

  2. Shenzhen Institute for Advanced Study, UESTC, University of Electronic Science and Technology of China, Shenzhen, 518000, China

    Yupeng Chen & Yin Zhang

Authors
  1. Chi Jiang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yupeng Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Manhua Shi
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Yin Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yin Zhang .

Editor information

Editors and Affiliations

  1. Kyushu Institute of Technology, Kitakyushu, Fukuoka, Japan

    Huimin Lu

  2. The University of Sydney, Sydney, NSW, Australia

    Michael Blumenstein

  3. Yonsei University, Seoul, Korea (Republic of)

    Sung-Bae Cho

  4. Chinese Academy of Sciences, Bejing, China

    Cheng-Lin Liu

  5. Osaka University, Osaka, Ibaraki, Japan

    Yasushi Yagi

  6. Kyushu Institute of Technology, Kitakyushu, Japan

    Tohru Kamiya

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Jiang, C., Chen, Y., Shi, M., Zhang, Y. (2023). Typical Contract Graph Feature Enhanced Smart Contract Vulnerability Detection. In: Lu, H., Blumenstein, M., Cho, SB., Liu, CL., Yagi, Y., Kamiya, T. (eds) Pattern Recognition. ACPR 2023. Lecture Notes in Computer Science, vol 14407. Springer, Cham. https://doi.org/10.1007/978-3-031-47637-2_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-47637-2_5

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-47636-5

  • Online ISBN: 978-3-031-47637-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation