SCcheck: A Novel Graph-Driven and Attention- Enabled Smart Contract Vulnerability Detection Framework for Web 3.0 Ecosystem

【Author】 Cao, Yuanlong; Jiang, Fan; Xiao, Jianmao; Chen, Shaolong; Shao, Xun; Wu, Celimuge

【Source】IEEE TRANSACTIONS ON NETWORK SCIENCE AND ENGINEERING

【影响因子】5.033

【Abstract】With the rapid progress of technology, Web 3.0 has emerged as a transformative force in the digital realm. It is characterized by decentralization, user-centric data ownership, and the implementation of cryptographic techniques. Smart contracts, as a core component of Web 3.0, play a pivotal role in driving its evolution by enabling novel functionalities and various application. However, given the substantial financial significance of smart contracts and their inherent transparency, the accessibility of their source code to all opens potential avenues for attackers to identify and exploit vulnerabilities. Therefore, the detection of security vulnerabilities in smart contracts has become significantly important. Existing smart contract vulnerability detection tools mostly rely on expert-defined rules, leading to high false positive rates. To address this problem, this article proposes an efficient and automated framework that combines Graph and Attention for detecting smart contract vulnerabilities. This framework takes into account the code structure of smart contracts, extracts nodes, and constructs a contract graph, utilizing dataflow to represent the different semantics of variable nodes at different locations. Additionally, a bidirectional multilayer Transformer framework is constructed and trained with our dataset, utilizing the information from the nodes. The framework achieves state-of-the-art levels of Accuracy 92.72%, Recall 82.81%, and F1(score) 87.54%, respectively. These results show that our framework can effectively detect security vulnerabilities in smart contracts and has the potential to improve their security.

【Keywords】Blockchain; Smart Contract; Vulnerability Detection; Transformer; Graph; Attention; Blockchain; Smart Contract; Vulnerability Detection; Transformer; Graph; Attention

【发表时间】2024 SEP

【收录时间】2024-09-24

【文献类型】实验仿真

【主题类别】

区块链治理-技术治理-智能合约漏洞检测