Proceedings ArticleDOI
Smart Contracts Vulnerability Auditing with Multi-semantics
Zhen Yang,Jacky Keung,Miao Zhang,Yan Xiao,Yangyang Huang,Tik Hui +5 more
- pp 892-901
TLDR
The proposed method for smart contract vulnerability detection is able to analyze multiple semantic contexts and successfully detects more true vulnerabilities with high precision, outperforming that of the baseline approaches.Abstract:
Smart contracts vulnerability auditing is vitally critical to ensure transaction execution in normal on blockchain. The current data-driven approaches normally tokenize smart contracts into a series of sequences according to only one tokenization standard for vulnerability detection purpose, resulting some of the semantic contexts could not be reflected within restricted sequence length. To address this limitation, we generate sequences from smart contracts in three tokenization standards for which we utilize n-gram language model to capture semantic contexts respectively, and finally exploiting our effective combination strategy of Intersection or Union to integrate the audited results from multiple semantic contexts. In order to evaluate the proposed approach, we applied it on over 7200 Ethereum smart contract samples. Experimental result shows our proposed method is capable of detecting vulnerabilities and competitive with the baseline in test sets, with improved precision of over 44% when Intersection is applied in their results, as well as improved Recall measure up by over 300% and F-measure up by 220% when Union is applied. Our proposed method for smart contract vulnerability detection, an important tool for developing quality decentralized software applications, is able to analyze multiple semantic contexts and successfully detects more true vulnerabilities with high precision, outperforming that of the baseline approaches.read more
Citations
More filters
Proceedings ArticleDOI
A Multi-Modal Transformer-based Code Summarization Approach for Smart Contracts
TL;DR: Zhang et al. as mentioned in this paper proposed a Multi-Modal Transformer-based (MMTrans) code summarization approach for smart contracts, which learns the representation of source code from the two heterogeneous modalities of the Abstract Syntax Tree (AST), i.e., Structure-based Traversal (SBT) sequences and graphs.
Journal ArticleDOI
Review of Automated Vulnerability Analysis of Smart Contracts on Ethereum
TL;DR: A systematic literature review (SLR) to assess the state of the art regarding automated vulnerability analysis of smart contracts on Ethereum with a focus on classifications of vulnerabilities, detection methods, security analysis tools, and benchmarks for the assessment of tools.
Posted Content
A Multi-Modal Transformer-based Code Summarization Approach for Smart Contracts
TL;DR: Zhang et al. as mentioned in this paper proposed a Multi-Modal Transformer-based (MMTrans) code summarization approach for smart contracts, which learns the representation of source code from the two heterogeneous modalities of the Abstract Syntax Tree (AST), i.e., Structure-based Traversal (SBT) sequences and graphs.
References
More filters
Book
Foundations of Statistical Natural Language Processing
TL;DR: This foundational text is the first comprehensive introduction to statistical natural language processing (NLP) to appear and provides broad but rigorous coverage of mathematical and linguistic foundations, as well as detailed discussion of statistical methods, allowing students and researchers to construct their own implementations.
Ethereum: A Secure Decentralised Generalised Transaction Ledger
TL;DR: Ethereum as mentioned in this paper is a transactional singleton machine with shared state, which can be seen as a simple application on a decentralised, but singleton, compute resource, and it provides a plurality of resources, each with a distinct state and operating code but able to interact through a message-passing framework with others.
Proceedings Article
KenLM: Faster and Smaller Language Model Queries
TL;DR: KenLM is a library that implements two data structures for efficient language model queries, reducing both time and memory costs and is integrated into the Moses, cdec, and Joshua translation systems.
Proceedings ArticleDOI
Making Smart Contracts Smarter
TL;DR: This paper investigates the security of running smart contracts based on Ethereum in an open distributed network like those of cryptocurrencies, and proposes ways to enhance the operational semantics of Ethereum to make contracts less vulnerable.
Posted Content
Making Smart Contracts Smarter.
TL;DR: Oyente as discussed by the authors is a symbolic execution tool to find potential security bugs in the execution of smart contracts based on Ethereum in an open distributed network like those of Bitcoin and Ethereum.
Related Papers (5)
SolAnalyser: A Framework for Analysing and Testing Smart Contracts
Sefa Akca,Ajitha Rajan,Chao Peng +2 more