kth.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Dynamic Vulnerability Detection on Smart Contracts Using Machine Learning
KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Theoretical Computer Science, TCS.ORCID iD: 0000-0002-0069-0588
KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Theoretical Computer Science, TCS.ORCID iD: 0000-0002-3656-1614
KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Theoretical Computer Science, TCS.ORCID iD: 0000-0002-0074-8786
2021 (English)In: Proceedings Of Evaluation And Assessment In Software Engineering (EASE 2021), Association for Computing Machinery (ACM) , 2021, p. 305-312Conference paper, Published paper (Refereed)
Abstract [en]

In this work we propose Dynamit, a monitoring framework to detect reentrancy vulnerabilities in Ethereum smart contracts. The novelty of our framework is that it relies only on transaction metadata and balance data from the blockchain system; our approach requires no domain knowledge, code instrumentation, or special execution environment. Dynamit extracts features from transaction data and uses a machine learning model to classify transactions as benign or harmful. Therefore, not only can we find the contracts that are vulnerable to reentrancy attacks, but we also get an execution trace that reproduces the attack. Using a random forest classifier, our model achieved more than 90 percent accuracy on 105 transactions, showing the potential of our technique.

Place, publisher, year, edition, pages
Association for Computing Machinery (ACM) , 2021. p. 305-312
Keywords [en]
Smart Contracts, Vulnerability Detection, Machine Learning for Dynamic Software Analysis, Ethereum, Blockchain
National Category
Computer Sciences Computer Systems
Identifiers
URN: urn:nbn:se:kth:diva-308789DOI: 10.1145/3463274.3463348ISI: 000744470000036Scopus ID: 2-s2.0-85108912066OAI: oai:DiVA.org:kth-308789DiVA, id: diva2:1637509
Conference
Conference on Evaluation and Assessment in Software Engineering (EASE), JUN 21-24, 2021, Norwegian Univ Sci & Technol, ELECTR NETWORK
Note

Part of proceedings: ISBN 978-1-4503-9053-8

QC 20220214

Available from: 2022-02-14 Created: 2022-02-14 Last updated: 2023-01-18Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Eshghie, MojtabaArtho, CyrilleGurov, Dilian

Search in DiVA

By author/editor
Eshghie, MojtabaArtho, CyrilleGurov, Dilian
By organisation
Theoretical Computer Science, TCS
Computer SciencesComputer Systems

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 229 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf