We found a match
Your institution may have access to this item. Find your institution then sign in to continue.
- Title
OC-Detector: Detecting Smart Contract Vulnerabilities Based on Clustering Opcode Instructions.
- Authors
Gu, Xiguo; Zheng, Liwei; Yang, Huiwen; Liu, Shifan; Cui, Zhanqi
- Abstract
Smart contracts are programs running on blockchain. In recent years, due to the persistent occurrence of security-related accidents in smart contracts, the effective detection of vulnerabilities in smart contracts has received extensive attention from researchers and engineers. Machine learning-based vulnerability detection techniques have the advantage that they do not need expert rules for determining vulnerabilities. However, existing approaches cannot identify vulnerabilities when the versions of smart contract compilers are updated. In this paper, we propose OC-Detector (Opcode Clustering Detector), a smart contract vulnerability detection approach based on clustering opcode instructions. OC-Detector learns the characteristics of opcode instructions to cluster them and replaces opcode instructions belonging to the same cluster with the ID of the cluster. After that, the similarity between the contract under analysis and contracts in the vulnerability database is calculated to identify vulnerabilities. The experimental results demonstrate that OC-Detector improves the F1 value of detecting vulnerabilities from 0.04 to 0.40 compared to DC-Hunter, Securify, SmartCheck and Osiris. Additionally, compared to DC-Hunter, the F1 value is improved by 0.27 when detecting vulnerabilities in smart contracts compiled by different versions of compilers.
- Subjects
CONTRACTS; BLOCKCHAINS; DATABASES; RESEARCH personnel; DETECTORS; ENGINEERS
- Publication
International Journal of Software Engineering & Knowledge Engineering, 2023, Vol 33, Issue 11/12, p1673
- ISSN
0218-1940
- Publication type
Article
- DOI
10.1142/S0218194023410061