FunFuzz: A Function-Oriented Fuzzer for Smart Contract Vulnerability Detection with High Effectiveness and Efficiency

【Author】 Ye, Mingxi; Nan, Yuhong; Dai, Hong-Ning; Yang, Shuo; luo, Xiapu; Zheng, Zibin

【Source】ACM TRANSACTIONS ON SOFTWARE ENGINEERING AND METHODOLOGY

【影响因子】3.685

【Abstract】With the increasing popularity of Decentralized Applications (DApps) in blockchain, securing smart contracts has been a long-term, high-priority subject in the domain. Among the various research directions for vulnerability detection, fuzzing has received extensive attention because of its high effectiveness. However, with the increasing complexity of smart contracts, existing fuzzers may waste substantial time exploring locations irrelevant to smart contract vulnerabilities. In this article, we present FunFuzz, a function-oriented fuzzer, which is dedicatedly tailored for detecting smart contract vulnerability with high effectiveness and efficiency. The key observation in our research is that most smart contract vulnerabilities exist in specific functions rather than randomly distributed in all program code like other traditional software. To this end, unlike traditional fuzzers which mainly target code coverage, FunFuzz identifies risky functions while pruning non-risky ones in smart contracts. In this way, it significantly narrows down the exploration scope during the fuzzing process. In addition, FunFuzz employs three unique strategies to direct itself toward effectively discovering vulnerabilities specific to smart contracts (e.g., reentrancy, block dependency, and gasless send). Extensive experiments on 170 real-world contracts demonstrate that FunFuzz outperforms state-of-the-art fuzzers in terms of effectiveness and efficiency.

【Keywords】Fuzz testing; smart contract; blockchain; vulnerability detection

【发表时间】2024 SEP

【收录时间】2024-10-20

【文献类型】理论模型

【主题类别】

区块链技术-核心技术-智能合约