ContractGNN: Ethereum Smart Contract Vulnerability Detection Based on Vulnerability Sub-Graphs and Graph Neural Networks

【Author】 Wang, Yichen; Zhao, Xiangfu; He, Long; Zhen, Zixian; Chen, Haiyue

【Source】IEEE TRANSACTIONS ON NETWORK SCIENCE AND ENGINEERING

【影响因子】5.033

【Abstract】Smart contracts have been widely used for their capability of giving blockchain a user-defined logic. In recent years, several smart contract security incidents have resulted in enormous financial losses. Therefore, it is important to detect vulnerabilities in smart contracts before deployment. Machine learning has been used recently in smart contract vulnerability detection. Unfortunately, due to the loss of information during feature extraction, the detection results are unsatisfactory. Hence, we propose a novel approach called ContractGNN, which combines a new concept of a vulnerability sub-graph (VSG) with graph neural networks (GNNs). Compared with traditional methods, checking a VSG is more accurate because the VSG removes irrelevant vertexes in the control flow graph. Furthermore, a VSG can be aggregated and simplified, thus improving the efficiency of message passing in a GNN. Based on aggregated VSGs, we design a new feature extraction method that preserves semantic information, the order of opcode, and control flows of smart contracts. Moreover, we compare a large number of GNN classification models and select the best one to implement ContractGNN. We then test ContractGNN on 48,493 real-world smart contracts, and the experimental results show that ContractGNN outperforms other smart contract vulnerability detection tools, with an average F1 score of 89.70%.

【Keywords】Blockchain; smart contract; vulnerability detection; vulnerability detection; vulnerability sub-graph (VSG); vulnerability sub-graph (VSG); graph neural network (GNN); graph neural network (GNN); graph neural network (GNN)

【发表时间】2024 NOV

【收录时间】2024-11-29

【文献类型】

【主题类别】

--