Litcius/Paper detail

Smart Contract Vulnerability Detection Using Code Representation Fusion

Ben Wang, Hanting Chu, Pengcheng Zhang, Hai Dong

202117 citationsDOI

Abstract

At present, most smart contract vulnerability detection use manually-defined patterns, which is time-consuming and far from satisfactory. To address this issue, researchers attempt to deploy deep learning techniques for automatic vulnerability detection in smart contracts. Nevertheless, current work mostly relies on a single code representation such as AST (Abstract Syntax Tree) or code tokens to learn vulnerability characteristics, which might lead to incompleteness of learned semantics information. In addition, the number of available vulnerability datasets is also insufficient. To address these limitations, first, we construct a dataset covering most typical types of smart contract vulnerabilities, which can accurately indicate the specific row number where a vulnerability may exist. Second, for each single code representation, we propose a novel way called AFS (AST Fuse program Slicing) to fuse code characteristic information. AFS can fuse the structured information of AST with program slicing information and detect vulnerabilities by learning new vulnerability characteristic information.

Topics & Concepts

Program slicingComputer scienceVulnerability (computing)Code (set theory)SyntaxFuse (electrical)Representation (politics)Vulnerability assessmentSemantics (computer science)Construct (python library)SlicingArtificial intelligenceComputer securityProgramming languageWorld Wide WebEngineeringPsychological resiliencePsychotherapistPsychologyLawPolitical scienceElectrical engineeringSet (abstract data type)PoliticsBlockchain Technology Applications and SecurityCybercrime and Law Enforcement StudiesCrime, Illicit Activities, and Governance