Smart Contract Vulnerability Detection Scheme Based on BiLSTM and Attention Mechanism

doi:10.3969/j.issn.1671-1122.2022.09.006

Abstract

Abstract:

Aiming at the low detection accuracy of the traditional smart contract vulnerability detection scheme and the single type of vulnerability detected by the deep learning scheme, this paper proposed a smart contract vulnerability detection scheme based on bi-directional long short-term memory (BiLSTM) network and attention mechanism. Firstly, the word2vec word embedding technology was used to train the data to obtain the word vector representation of the opcode. Secondly, the word vector was passed into BiLSTM to extract sequence features, and an attention mechanism was introduced to give different weights to different features to highlight key features. Finally, the activation function was normalized to realize the detection and identification of smart contract vulnerabilities. This paper collected 3,000 smart contracts in Ethereum and used them to evaluate the model. The experimental results show that compared with the deep learning model and traditional tools, the scheme in this paper has improved the precision rate, recall rate and F1 score, and can accurately identify four kinds of type of smart contract vulnerabilities, the accuracy rate reached 86.34%.

Key words: BiLSTM, blockchain, smart contract, attention mechanism, vulnerability detection

CLC Number:

TP309

ZHANG Guanghua, LIU Yongsheng, WANG He, YU Naiwen. Smart Contract Vulnerability Detection Scheme Based on BiLSTM and Attention Mechanism[J]. Netinfo Security, 2022, 22(9): 46-54.

Figures/Tables 12

References 29

[1]	SZABO N. Smart Contracts: Building Blocks for Digital Markets[J]. EXTROPY: The Journal of Transhumanist Thought, 1996, 18(2): 28-30.
[2]	HU Tianyuan, LI Zecheng, LI Bixin, et al. Contractual Security and Privacy Security of Smart Contract: A System Mapping Study[J]. Chinese Journal of Computers, 2021, 44(12): 2485-2514.
	胡甜媛, 李泽成, 李必信, 等. 智能合约的合约安全和隐私安全研究综述[J]. 计算机学报, 2021, 44(12): 2485-2514.
[3]	YANG Zheng, LEI Hang. Lolisa: Formal Syntax and Semantics for a Subset of the Solidity Programming Language in Mathematical Tool Coq[EB/OL]. (2018-05-27)[2022-05-25]. https://arxiv.org/abs/1803.09885.
[4]	MEHAR M I, SHIER C L, GIAMBATTISTA A, et al. Understanding a Revolutionary and Flawed Grand Experiment in Blockchain: The DAO Attack[J]. Journal of Cases on Information Technology (JCIT), 2019, 21(1): 19-32.
[5]	PALLADINO S. The Parity Wallet Hack Explained[EB/OL]. (2017-07-19)[2022-05-25]. https://blog.openzeppelin.com/on-the-parity-wallet-multisig-hack-405a8c12e8f7.
[6]	HESSENAUER S. Batch Overflow Bug on Ethereum ERC20 Token Contracts and SafeMath[EB/OL]. (2018-04-26)[2022-05-25]. http://blog.matryx.ai/batch-overflow-bug-on-ethereum-erc20-token-contracts-and-safemath-f9ebcc137434.
[7]	LUU L, CHU D H, OLICKEL H, et al. Making Smart Contracts Smarter[C]// ACM. 2016 ACM SIGSAC Conference on Computer and Communications Security. New York: ACM, 2016: 254-269.
[8]	NIKOLIC I, KOLLURI A, SERGEY I, et al. Finding the Greedy, Prodigal, and Suicidal Contracts at Scale[C]// ACM. 34th Annual Computer Security Applications Conference. New York: ACM, 2018: 653-663.
[9]	TORRES C F, SCHÜTTE J, STATE R. Osiris: Hunting for Integer Bugs in Ethereum Smart Contracts[C]// ACM. 34th Annual Computer Security Applications Conference. New York: ACM, 2018: 664-676.
[10]	MUELLER B. MYTHRIL: A Framework for Bug Hunting on the Ethereum Blockchain[EB/OL]. (2017-07-11)[2022-05-25]. https://mythx.io/.
[11]	TSANKOV P, DAN A, DRACHSLER C D, et al. Securify: Practical Security Analysis of Smart Contracts[C]// ACM. 2018 ACM SIGSAC Conference on Computer and Communications Security. New York: ACM, 2018: 67-82.
[12]	JIANG Bo, LIU Ye, CHAN W K. Contractfuzzer: Fuzzing Smart Contracts for Vulnerability Detection[C]// IEEE. 2018 33rd IEEE/ACM International Conference on Automated Software Engineering (ASE). New York: IEEE, 2018: 259-269.
[13]	HE Jingxuan, BALUNOVIĆ M, AMBROLADZE N, et al. Learning to Fuzz from Symbolic Execution with Application to Smart Contracts[C]// ACM. 2019 ACM SIGSAC Conference on Computer and Communications Security. New York: ACM, 2019: 531-548.
[14]	NGUYEN T D, PHAM L H, SUN Jun, et al. sFuzz: An Efficient Adaptive Fuzzer for Solidity Smart Contracts[C]// ACM. ACM/IEEE 42nd International Conference on Software Engineering. New York: ACM, 2020: 778-788.
[15]	LIANAN. VaaS: Automated Formal Verification Platform for Smart Contract[EB/OL]. (2019-07-03)[2022-05-11]. https://www.lianantech.com/.
[16]	AMANI S, BÉGEL M, BORTIN M, et al. Towards Verifying Ethereum Smart Contract Bytecode in Isabelle/HOL[C]// ACM. 7th ACM SIGPLAN International Conference on Certified Programs and Proofs. New York: ACM, 2018: 66-77.
[17]	FEIST J, GRIECO G, GROCE A. Slither: A Static Analysis Framework for Smart Contracts[C]// IEEE. 2019 IEEE/ACM 2nd International Workshop on Emerging Trends in Software Engineering for Blockchain(WETSEB). New York: IEEE, 2019: 8-15.
[18]	TIKHOMIROV S, VOSKRESENSKAYA E, IVANITSKIY I, et al. Smartcheck: Static Analysis of Ethereum Smart Contracts[C]// ACM. 1st International Workshop on Emerging Trends in Software Engineering for Blockchain. New York: ACM, 2018: 9-16.
[19]	QIAN Peng, LIU Zhenguang, HE Qinming, et al. Towards Automated Reentrancy Detection for Smart Contracts Based on Sequential Models[J]. IEEE Access, 2020(8): 19685-19695.
[20]	TANN W J W, HAN Xingjie, GUPTA S S, et al. Towards Safer Smart Contracts: A Sequence Learning Approach to Detecting Security Threats[EB/OL]. (2018-11-16)[2022-05-25]. https://arxiv.org/abs/1811.06632v3.
[21]	SUN Yuhang, GU Lize. Attention-Based Machine Learning Model for Smart Contract Vulnerability Detection[EB/OL]. (2021-01-15)[2022-05-25]. https://iopscience.iop.org/article/10.1088/1742-6596/1820/1/012004.
[22]	WANG Wei, SONG Jingjing, XU Guangquan, et al. Contractward: Automated Vulnerability Detection Models for Ethereum Smart Contracts[J]. IEEE Transactions on Network Science and Engineering, 2020, 8(2): 1133-1144.
[23]	YU Xingxin, ZHAO Haoyue, HOU Botao, et al. DeeSCVHunter: A Deep Learning-Based Framework for Smart Contract Vulnerability Detection[C]// IEEE. 2021 International Joint Conference on Neural Networks (IJCNN). New York: IEEE, 2021: 1-8.
[24]	MIKOLOV T, CHEN Kai, CORRADO G, et al. Efficient Estimation of Word Representations in Vector Space[EB/OL]. (2013-01-16)[2022-05-25]. https://arxiv.org/abs/1301.3781.
[25]	HOCHREITER S, SCHMIDHUBER J. Long Short-Term Memory[J]. Neural Computation, 1997, 9(8): 1735-1780.
[26]	BAHDANAU D, CHO K, BENGIO Y. Neural Machine Translation by Jointly Learning to Align and Translate[EB/OL]. (2014-09-01)[2022-05-25]. https://arxiv.org/abs/1409.0473v7.
[27]	ALBERT E, GORDILLO P, LIVSHITS B, et al. Ethir: A Framework for High-Level analysis of Ethereum Bytecode[C]// Springer. International Symposium on Automated Technology for Verification and Analysis. Heidelberg: Springer, 2018: 513-520.
[28]	ZAREMBA W, SUTSKEVER I, VINYALS O. Recurrent Neural Network Regularization[EB/OL]. (2014-09-08)[2022-05-25]. https://arxiv.org/abs/1409.2329.
[29]	KIM Y. Convolutional Neural Networks for Sentence Classification[EB/OL]. (2014-08-25)[2022-05-25]. https://arxiv.org/abs/1408.5882v2.

操作码	整数溢出漏洞	可重入漏洞	以太币锁定漏洞
PUSH MEMLOGICY PUSH…	1	0	1
PUSH MSTORE MEMORY PUSH JUMPI…	0	0	1
PUSH PUSH MEMLOGICY PUSH…	0	1	0

参数	含义	值
Lr	初始学习率	0.001
Batch_size	每个批次的训练样本数量	128
Num_hiddens	隐藏层特征数量	128
Embed_size	词向量维度	250
Eopch	训练轮次	60
Dropout	减少过拟合	0.5
SEQUENCE_LENGTH	输入序列长度	2300

漏洞类型	精确率	召回率	F1值
整数溢出漏洞	94.92%	91.50%	93.18%
以太币锁定漏洞	87.95%	79.76%	83.65%
时间戳依赖漏洞	83.08%	73.97%	78.26%
可重入漏洞	93.18%	76.39%	65.48%

模型		RNN^[28]	LSTM^[26]	TextCNN^[29]	本文模型
整数溢出漏洞	精确率	85.64%	86.60%	86.16%	94.92%
	召回率	86.22%	89.09%	90.52%	91.50%
	F1值	85.93%	87.82%	88.29%	93.18%
可重入漏洞	精确率	75.00%	69.39%	64.86%	76.39%
	召回率	27.55%	36.69%	54.23%	65.48%
	F1值	40.30%	47.86%	59.07%	70.51%
以太币锁定漏洞	精确率	65.62%	69.84%	74.58%	87.95%
	召回率	46.26%	58.15%	53.44%	79.76%
	F1值	54.26%	63.46%	62.26%	83.65%

模型		SmartCheck^[18]	Mythril^[10]	Slither^[17]	本文模型
整数溢出漏洞	精确率	33.33%	74.64%	—	94.92%
	召回率	30.30%	77.94%	—	91.50%
	F1值	31.74%	75.82%	—	93.18%
可重入漏洞	精确率	39.40%	52.30%	35.48%	76.39%
	召回率	41.25%	49.69%	42.31%	65.48%
	F1值	40.59%	50.98%	38.59%	70.51%
以太币锁定漏洞	精确率	85.18%	—	59.18%	87.95%
	召回率	26.13%	—	56.86%	79.76%
	F1值	39.98%	—	57.99%	83.65%