Abstract
Since the establishment of the global decentralized application platform Ethereum in 2015, decentralized applications based on smart contracts have developed rapidly. While smart contracts are widely used in blockchain, they also face more and more security risks, and smart contract vulnerability detection becomes more and more important. Therefore, aiming at the problems that the existing bytecode-based vulnerability multi-label detection methods use a large number of length violence stages, which may lose key vulnerability information and cause misjudgment, resulting in low accuracy of contract vulnerability detection results and lack of multi-label classification, this paper proposes an intelligent contract vulnerability multi-label detection method based on expert knowledge and pre-training technology. This method combines expert knowledge, Bi-LSTM and attention mechanism, and uses smart contract opcode to construct pre-training language model and multi-label classification model. The experimental results show that the accuracy, precision, recall and F1 score of the proposed scheme are improved, and five types of smart contract vulnerabilities can be accurately identified.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Szabo, N.: Smart contracts: building blocks for digital markets. EXTROPY: J. Transhumanist Thought, (16) 18(2), 28 (1996)
Zhuang, Y., Liu, Z., Qian, P., Liu, Q., Wang, X., He, Q.: Smart contract vulnerability detection using graph neural network. In: IJCAI, pp. 3283–3290 (2020)
Mehar, M.I., et al.: Understanding a revolutionary and flawed grand experiment in blockchain: the DAO attack. J. Cases Inform. Technol. (JCIT) 21(1), 19–32 (2019)
Fu, M., Wu, L., Hong, Z., Feng, W.: Research on vulnerability mining technique for smart contracts. J. Comput. Appl. 39(7), 1959 (2019)
Hu, Z., Tsai, W.-T., Zhang, L.: Smart-contract vulnerability detection method based on deep learning. In: Smart Computing and Communication: 7th International Conference, SmartCom 2022, New York City, NY, USA, November 18–20, 2022, Proceedings, pp. 450–460. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-28124-2_43
Momeni, P., Wang, Y., Samavi, R.: Machine learning model for smart contracts security analysis. In: 2019 17th International Conference on Privacy, Security and Trust (PST), pp. 1–6. IEEE (2019)
Eshghie, M., Artho, C., Gurov, D.: Dynamic vulnerability detection on smart contracts using machine learning. In: Evaluation and Assessment in Software Engineering, pp. 305–312 (2021)
Yu, X., Zhao, H., Hou, B., Ying, Z., Wu, B.: DeeSCVHunter: a deep learning-based framework for smart contract vulnerability detection. In: 2021 International Joint Conference on Neural Networks (IJCNN), pp. 1–8. IEEE (2021)
Alhuzali, H., Ananiadou, S.: SpanEmo: casting multi-label emotion classification as span-prediction. arXiv preprint arXiv:2101.10038 (2021)
Yogarajan, V., Montiel, J., Smith, T., Pfahringer, B.: Seeing the whole patient: using multi-label medical text classification techniques to enhance predictions of medical codes. arXiv preprint arXiv:2004.00430 (2020)
Irving, G., Holden, J.: How blockchain-timestamped protocols could improve the trustworthiness of medical science. F1000Research 5 (2016)
Mikolov, T., Sutskever, I., Chen, K., Corrado, G.S., Dean, J.: Distributed representations of words and phrases and their compositionality. In: Advances in Neural Information Processing Systems, vol. 26 (2013)
Jiang, B., Liu, Y., Chan, W.K.: ContractFuzzer: fuzzing smart contracts for vulnerability detection. In: Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering, pp. 259–269 (2018)
Tsankov, P., Dan, A., Drachsler-Cohen, D., Gervais, A., Buenzli, F., Vechev, M.: Securify: practical security analysis of smart contracts. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 67–82 (2018)
Bahdanau, D., Cho, K., Bengio, Y.: Neural machine translation by jointly learning to align and translate. arXiv preprint arXiv:1409.0473 (2014)
Huang, J., Zhou, K., Xiong, A., Li, D.: Smart contract vulnerability detection model based on multi-task learning. Sensors 22(5), 1829 (2022)
Sorower, M.S.: A literature survey on algorithms for multi-label learning. Or. State University, Corvallis 18(1), 25 (2010)
Acknowledgments
This research is funded by the National Key R&D Program of China (No. 2020YFB1006002).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Jiang, C., Sun, G., Shen, J., Yue, B., Zhang, Y. (2024). Multi-label Detection Method for Smart Contract Vulnerabilities Based on Expert Knowledge and Pre-training Technology. In: Tari, Z., Li, K., Wu, H. (eds) Algorithms and Architectures for Parallel Processing. ICA3PP 2023. Lecture Notes in Computer Science, vol 14491. Springer, Singapore. https://doi.org/10.1007/978-981-97-0808-6_17
Download citation
DOI: https://doi.org/10.1007/978-981-97-0808-6_17
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-97-0807-9
Online ISBN: 978-981-97-0808-6
eBook Packages: Computer ScienceComputer Science (R0)