Smart contract vulnerability detection method based on pre-training and novel timing graph neural network
To address the limitations of current deep learning-based methods in extracting contract bytecode features and representing vulnerability semantics, as well as the shortcomings of the traditional graph neural networks in learning temporal information from contract statements, a method for detecting...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2024-09-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2024163/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | To address the limitations of current deep learning-based methods in extracting contract bytecode features and representing vulnerability semantics, as well as the shortcomings of the traditional graph neural networks in learning temporal information from contract statements, a method for detecting vulnerabilities in contracts was proposed based on pre-trained and temporal graph neural network. Firstly, the pre-trained model was used to transform smart contract bytecode into a vulnerability semantics-aware contract graph structure. Then, combined with a self-attention mechanism, the event-driven temporal graph neural network was designed to extract temporal information during contract execution. Finally, focusing on reentrant vulnerabilities, timestamp dependency vulnerabilities, and Tx.origin authentication vulnerabilities, extensive experiments were conducted on a dataset of 120 932 actual contracts. The results show that the proposed method significantly outperforms existing approaches. |
|---|---|
| ISSN: | 1000-436X |