POSTER: Multi-Block Fusion Mechanism for Multi-label Vulnerability Detection in Smart Contracts
Authors: 
Van Tong, Cuong Dao, Thep Dong, Hai Anh Tran, Duc Tran, Truong X. TranAuthors Info & Claims
Van Tong, Cuong Dao, Thep Dong, Hai Anh Tran, Duc Tran, Truong X. TranAuthors Info & ClaimsPages 1955 - 1957
Abstract
Ethereum smart contracts offer innovative ways to automate transactions and execute agreements within blockchain systems. However, its inherent complexity can lead to exploitable vulnerabilities. With the advent of large language models, many studies put a special focus on identifying vulnerabilities using these models. Nonetheless, language models are ineffective with the lengthy input sequences. To overcome this limitation, this work proposes a novel multi-label vulnerability detection mechanism using pre-trained language model CodeT5+ combined with a unique multi-block fusion. The results demonstrate that the proposed mechanism can achieve up to 0.998 F1-score and require only 0.39 ms of processing time on a collected dataset comprising 421,266 contracts from Ethereum.
References
[1]
TonTon Hsien-De Huang. 2018. Hunting the ethereum smart contract: Color-inspired inspection of potential attacks. arXiv preprint arXiv:1807.01868 (2018).
[2]
Alessandro Mantovani, Luca Compagna, Yan Shoshitaishvili, and Davide Balzarotti. 2022. The Convergence of Source Code and Binary Vulnerability Discovery-A Case Study. In Proceedings of the 2022 ACM on Asia Conference on Computer and Communications Security. 602--615.
[3]
Christoph Sendner, Huili Chen, Hossein Fereidooni, Lukas Petzi, Jan König, Jasper Stang, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, and Farinaz Koushanfar. 2023. Smarter Contracts: Detecting Vulnerabilities in Smart Contracts with Deep Transfer Learning. In NDSS.
[4]
Yue Wang, Hung Le, Akhilesh Deepak Gotmare, Nghi DQ Bui, Junnan Li, and Steven CH Hoi. 2023. Codet5+: Open code large language models for code understanding and generation. arXiv preprint arXiv:2305.07922 (2023).
Recommendations
SCVHunter: Smart Contract Vulnerability Detection Based on Heterogeneous Graph Attention Network
ICSE '24: Proceedings of the IEEE/ACM 46th International Conference on Software EngineeringSmart contracts are integral to blockchain's growth, but their vulnerabilities pose a significant threat. Traditional vulnerability detection methods rely heavily on expert-defined complex rules that are labor-intensive and dificult to adapt to the ...
Improving Smart Contract Security with Contrastive Learning-based Vulnerability Detection
ICSE '24: Proceedings of the IEEE/ACM 46th International Conference on Software EngineeringCurrently, smart contract vulnerabilities (SCVs) have emerged as a major factor threatening the transaction security of blockchain. Existing state-of-the-art methods rely on deep learning to mitigate this threat. They treat each input contract as an ...
GPTScan: Detecting Logic Vulnerabilities in Smart Contracts by Combining GPT with Program Analysis
ICSE '24: Proceedings of the IEEE/ACM 46th International Conference on Software EngineeringSmart contracts are prone to various vulnerabilities, leading to substantial financial losses over time. Current analysis tools mainly target vulnerabilities with fixed control- or data-flow patterns, such as re-entrancy and integer overflow. However, a ...
Comments
Information & Contributors
Information
Published In
July 2024
1987 pages
ISBN:9798400704826
DOI:10.1145/3634737
- Chair:
- Jianying Zhou,
- Co-chair:
- Tony Q. S. Quek,
- Program Chairs:
- Debin Gao,
- Alvaro Cardenas
Copyright © 2024 Copyright held by the owner/author(s).
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the owner/author(s).
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 01 July 2024
Check for updates
Author Tags
Qualifiers
- Poster
Conference
ASIA CCS '24
Sponsor:
ASIA CCS '24: 19th ACM Asia Conference on Computer and Communications Security
July 1 - 5, 2024
Singapore, Singapore
Acceptance Rates
Overall Acceptance Rate 418 of 2,322 submissions, 18%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 87Total Downloads
- Downloads (Last 12 months)87
- Downloads (Last 6 weeks)16
Reflects downloads up to 03 Mar 2025
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in