+高级检索
首页 > 优先出版
PDF HTML阅读 XML下载 导出引用 引用提醒
基于混合风格迁移的智能合约漏洞检测方法
作者:
作者单位:

1.广汽埃安新能源汽车股份有限公司;2.广州城市理工学院;3.广汽能源科技有限公司;4.华南理工大学;5.广州城市理工学院工程研究院

中图分类号:

TP391?


Smart Contract Vulnerability Detection Method Based on MixStyle Transfer
Author:
Affiliation:

1.Gac Aion New Energy Automobile Co., Ltd;2.Guangzhou City University of Technology;3.South China University of Technology;4.Engineering Research Institute, Guangzhou City University of Technology

  • 摘要
    • | |
  • 访问统计
    • |
  • 参考文献 [32]
    • | | | |
  • 文章评论
    摘要:

    研究提出了一种基于混合风格迁移的智能合约漏洞检测方法,旨在解决智能合约新漏洞出现时数据集不足和无法有效检测未知漏洞问题。该方法首先从智能合约源代码中提取抽象语法树,使用图注意力网络来捕获节点间的依赖关系和信息流;然后,采用最大均值差异来实现从旧漏洞到新漏洞的有效知识迁移,从而增加深度学习模型训练的数据量;最后,在分类器中融入MixStyle技术以增强模型的泛化能力并提高对新型漏洞类型的识别准确度。实验结果表明,在四种漏洞类型的检测上,该方法在F1、ACC、MCC指标上优于BLSTM-ATT、BiGAS、Peculiar方法。

    Abstract:

    The study proposes a smart contract vulnerability detection method based on MixStyle transfer, aiming to solve the problem of insufficient datasets and the inability to effectively detect unknown vulnerabilities when new vulnerabilities emerge in smart contracts. The method first extracts the abstract syntax tree from the smart contract source code and uses graph attention network to capture the dependencies and information flow between nodes; then, the Maximum Mean Discrepancy is used to achieve effective knowledge migration from old vulnerabilities to new ones, thus increasing the amount of data for deep learning model training; finally, the MixStyle technique is incorporated into the classifier to enhance the model"s generalization ability and improve the accuracy of identifying novel vulnerability types. The experimental results show that the method outperforms BLSTM-ATT, BiGAS, and Peculiar methods in F1, ACC, and MCC metrics for the detection of the four vulnerability types.

    参考文献
    [1] Tann W J W, Han X J, Gupta S S, et al. Towards safer smart contracts: A sequence learning approach to detecting security threats[J]. arXiv preprint arXiv:1811.06632, 2018.
    [2] Bhargavan K, Delignat-Lavaud A, Fournet C, et al. Formal verification of smart contracts: Short paper[C]//Proceedings of the 2016 ACM workshop on programming languages and analysis for security. 2016: 91-96.
    [3] Luu L, Chu D H, Olickel H, et al. Making smart contracts smarter[C]//Proceedings of the 2016 ACM SIGSAC conference on computer and communications security. 2016: 254-269.
    [4] Tsankov P, Dan A, Drachsler-Cohen D, et al. Securify: Practical security analysis of smart contracts[C]//Proceedings of the 2018 ACM SIGSAC conference on computer and communications security. 2018: 67-82.
    [5] Gao J, Liu H, Liu C, et al. Easyflow: Keep ethereum away from overflow[C]//2019 IEEE/ACM 41st International Conference on Software Engineering: Companion Proceedings (ICSE-Companion). IEEE, 2019: 23-26.
    [6] Nguyen T D, Pham L H, Sun J, et al. sfuzz: An efficient adaptive fuzzer for solidity smart contracts[C]//Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering. 2020: 778-788.
    [7] Choi J, Kim D, Kim S, et al. Smartian: Enhancing smart contract fuzzing with static and dynamic data-flow analyses[C]//2021 36th IEEE/ACM International Conference on Automated Software Engineering (ASE). IEEE, 2021: 227-239.
    [8] Liu Z, Qian P, Yang J, et al. Rethinking smart contract fuzzing: Fuzzing with invocation ordering and important branch revisiting[J]. IEEE Transactions on Information Forensics and Security, 2023, 18: 1237-1251.
    [9] Eshghie M, Artho C, Gurov D. Dynamic vulnerability detection on smart contracts using machine learning[C]//Proceedings of the 25th International Conference on Evaluation and Assessment in Software Engineering. 2021: 305-312.
    [10] Zhuang Y, Liu Z, Qian P, et al. Smart contract vulnerability detection using graph neural networks[C]//Proceedings of the Twenty-Ninth International Conference on International Joint Conferences on Artificial Intelligence. 2021: 3283-3290.
    [11] Liu Z, Qian P, Wang X, et al. Smart contract vulnerability detection: from pure neural network to interpretable graph feature and expert pattern fusion[J]. arXiv preprint
    [12] Zhang L, Chen W, Wang W, et al. Cbgru: A detection method of smart contract vulnerability based on a hybrid model[J]. Sensors, 2022, 22(9): 3577.
    [13] Dai W, Xue G R, Yang Q, et al. Co-clustering based classification for out-of-domain documents[C]//Proceedings of the 13th ACM SIGKDD international conference on Knowledge discovery and data mining. 2007: 210-219.
    [14] Maimaiti M, Liu Y, Luan H, et al. Enriching the transfer learning with pre-trained lexicon embedding for low-resource neural machine translation[J]. Tsinghua Science and Technology, 2021, 27(1): 150-163.
    [15] Lin J, Liang L, Han X, et al. Cross-target transfer algorithm based on the volterra model of SSVEP-BCI[J]. Tsinghua Science and Technology, 2021, 26(4): 505-522.
    [16] Wu Q, Wu H, Zhou X, et al. Online transfer learning with multiple homogeneous or heterogeneous sources[J]. IEEE Transactions on Knowledge and Data Engineering, 2017, 29(7): 1494-1507.
    [17] Zhuang F, Qi Z, Duan K, et al. A comprehensive survey on transfer learning[J]. Proceedings of the IEEE, 2020, 109(1): 43-76.
    [18] Pan S J, Tsang I W, Kwok J T, et al. Domain adaptation via transfer component analysis[J]. IEEE transactions on neural networks, 2010, 22(2): 199-210.
    [19] Jiang J, Zhai C X. Instance weighting for domain adaptation in NLP[C]. ACL, 2007.
    [20] Wang J, Chen Y, Feng W, et al. Transfer learning with dynamic distribution adaptation[J]. ACM Transactions on Intelligent Systems and Technology (TIST), 2020, 11(1): 1-25.
    [21] Zhu Y, Zhuang F, Wang J, et al. Multi-representation adaptation network for cross-domain image classification[J]. Neural Networks, 2019, 119: 214-221.
    [22] Long M, Cao Y, Wang J, et al. Learning transferable features with deep adaptation networks[C]//International conference on machine learning. PMLR, 2015: 97-105.
    [23] Zellinger W, Grubinger T, Lughofer E, et al. Central moment discrepancy (cmd) for domain-invariant representation learning[J]. arXiv preprint arXiv:1702.08811, 2017.
    [24] Sun B, Saenko K. Deep coral: Correlation alignment for deep domain adaptation[C]//Computer Vision–ECCV 2016 Workshops: Amsterdam, The Netherlands, October 8-10 and 15-16, 2016, Proceedings, Part III 14. Springer International Publishing, 2016: 443-450.
    [25] Ganin Y, Ustinova E, Ajakan H, et al. Domain-adversarial training of neural networks[J]. Journal of machine learning research, 2016, 17(59): 1-35.
    [26] Hoffman J, Tzeng E, Park T, et al. Cycada: Cycle-consistent adversarial domain adaptation[C]//International conference on machine learning. Pmlr, 2018: 1989-1998.
    [27] Tzeng E, Hoffman J, Saenko K, et al. Adversarial discriminative domain adaptation[C]//Proceedings of the IEEE conference on computer vision and pattern recognition. 2017: 7167-7176.
    [28] Zhou K, Yang Y, Qiao Y, et al. Mixstyle neural networks for domain generalization and adaptation[J]. International Journal of Computer Vision, 2024, 132(3): 822-836.
    [29] Liu Z, Qian P, Yang J, et al. Rethinking smart contract fuzzing: Fuzzing with invocation ordering and important branch revisiting[J]. IEEE Transactions on Information Forensics and Security, 2023, 18: 1237-1251.
    [30] Qian P, Liu Z, He Q, et al. Towards automated reentrancy detection for smart contracts based on sequential models[J]. IEEE Access, 2020, 8: 19685-19695.
    [31] Zhang L, Li Y, Guo R, et al. A novel smart contract reentrancy vulnerability detection model based on BiGAS[J]. Journal of Signal Processing Systems, 2023: 1-23.
    [32] Wu H, Zhang Z, Wang S, et al. Peculiar: Smart contract vulnerability detection based on crucial data flow graph and pre-training techniques[C]//2021 IEEE 32nd International Symposium on Software Reliability Engineering (ISSRE). IEEE, 2021: 378-389.
    相似文献
    引证文献
    网友评论
    网友评论
    分享到微博
    发 布
引用本文

复制
分享
文章指标
  • 点击次数:123
  • 下载次数: 0
  • HTML阅读次数: 0
  • 引用次数: 0
历史
  • 收稿日期:2024-05-08
  • 最后修改日期:2024-09-03
  • 录用日期:2024-10-05
文章二维码
您是第11723414 位访问者
主管单位:中华人民共和国教育部
主办单位:重庆大学
地址:重庆市沙坪坝正街174号
电话:
重庆大学学报 ® 2025 版权所有