Presentation | 2021-03-05 Learning Contract-Wide Code Representations for Vulnerability Detection on Ethereum Smart Contracts Nami Ashizawa, Naoto Yanai, Jason Paul Cruz, Singo Okamura, |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | Ethereum smart contracts are programs that run on the Ethereum blockchain, and many smart contract vulnerabilities have been discovered in the past decade. Many security analysis tools have been created to detect such vulnerabilities, but their performance decreases drastically when target codes are rewritten. We have proposed Eth2Vec, a machine-learning-based static analysis tool for vulnerability detection in smart contracts, so far. In this paper, we confirm that Eth2Vec can precisely extract features and detect vulnerabilities in deployed contracts through learning vulnerable contracts. We conduct experiments with existing open databases, such as Etherscan, and our results show that Eth2Vec outperforms a recent model based on support vector machine in terms of well-known metrics, i.e., precision, recall, and F1-score. We also show the robustness of Eth2Vec against code rewrites, i.e., it can detect vulnerabilities even in rewritten codes. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | Ethereum / Smart contract / Blockchain / Natural language processing / Neural network / Static analysis |
Paper # | IT2020-156,ISEC2020-86,WBS2020-75 |
Date of Issue | 2021-02-25 (IT, ISEC, WBS) |
Conference Information | |
Committee | WBS / IT / ISEC |
---|---|
Conference Date | 2021/3/4(2days) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | Online |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | Joint Meeting of WBS, IT, and ISEC |
Chair | Masanori Hamamura(Kochi Univ. of Tech.) / Tadashi Wadayama(Nagoya Inst. of Tech.) / Shoichi Hirose(Univ. of Fukui) |
Vice Chair | Takashi Shono(INTEL) / Masahiro Fujii(Utsunomiya Univ.) / Tetsuya Kojima(Tokyo Kosen) / Tetsuya Izu(Fujitsu Labs.) / Noboru Kunihiro(Tsukuba Univ.) |
Secretary | Takashi Shono(Okayama Univ. of Science) / Masahiro Fujii(National Defence Academy) / Tetsuya Kojima(Yamaguchi Univ.) / Tetsuya Izu(Saga Univ.) / Noboru Kunihiro(Tsukuba Univ.) |
Assistant | Duong Quang Thang(NAIST) / Masafumi Moriyama(NICT) / Masayuki Kinoshita(Chiba Univ. of Tech.) / Takahiro Ohta(Senshu Univ.) / Kazuki Yoneyama(Ibaraki Univ.) |
Paper Information | |
Registration To | Technical Committee on Wideband System / Technical Committee on Information Theory / Technical Committee on Information Security |
---|---|
Language | ENG-JTITLE |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | Learning Contract-Wide Code Representations for Vulnerability Detection on Ethereum Smart Contracts |
Sub Title (in English) | |
Keyword(1) | Ethereum |
Keyword(2) | Smart contract |
Keyword(3) | Blockchain |
Keyword(4) | Natural language processing |
Keyword(5) | Neural network |
Keyword(6) | Static analysis |
1st Author's Name | Nami Ashizawa |
1st Author's Affiliation | Osaka University(Osaka Univ.) |
2nd Author's Name | Naoto Yanai |
2nd Author's Affiliation | Osaka University(Osaka Univ.) |
3rd Author's Name | Jason Paul Cruz |
3rd Author's Affiliation | Osaka University(Osaka Univ.) |
4th Author's Name | Singo Okamura |
4th Author's Affiliation | National Institute of Technology, Nara College(NITNC) |
Date | 2021-03-05 |
Paper # | IT2020-156,ISEC2020-86,WBS2020-75 |
Volume (vol) | vol.120 |
Number (no) | IT-410,ISEC-411,WBS-412 |
Page | pp.pp.273-280(IT), pp.273-280(ISEC), pp.273-280(WBS), |
#Pages | 8 |
Date of Issue | 2021-02-25 (IT, ISEC, WBS) |