| 摘 要: 智能合约控制着区块链上巨额资产的流动,因此确保其安全性至关重要。基于此,提出一种基于数据 流图和混合深度学习模型的方法,即DFG-HDP,用于检测智能合约的漏洞。该方法首先对智能合约源码进行清洗 和变量规范;其次从源码中提取数据流特征,将其与源码结合作为输入;最后将不同的词嵌入模型与不同的深度学 习模型结合,对输入进行学习检测。实验结果表明,该方法在智能合约漏洞检测中的F1值高达89.90%,优于之前 的漏洞检测方法CBGRU。这一结果证明了该方法的有效性和优越性 |
| 关键词: 智能合约;漏洞检测;数据流图;混合模型 |
|
中图分类号: TP309
文献标识码: A
|
| 基金项目: “浙江省尖兵”“领雁”研发攻关计划项目资助(2022C01094);激光与物质相互作用国家重点实验室开发基础研究课题资助(SKLLIM2113);浙江省重点研发“尖兵”攻关计划项目(2023C01119 |
|
| Vulnerability Detection of Smart Contracts Based on Data Flow Graph and Hybrid Network Model |
|
DING Shiqi, CHEN Zhengkui, HUANG Hai
|
(School of Computer Science and Technology, Zhejiang Sci-Tech University, Hangzhou 310019, China)
939753807@qq.com; chenzk@zstu.edu.cn; haihuang1005@gmail.com
|
| Abstract: Smart contracts control the flow of substantial assets on the blockchain, making their security crucial. Accordingly, this paper proposes a method called DFG-HDP (Data Flow Graph and Hybrid Deep Learning Model) for detecting vulnerabilities in smart contracts. This method first cleans and normalizes variables in the smart contract source code. Secondly, it extracts data flow features from the source code and combines them with the source code for input. Finally, it integrates various word embedding models with different deep learning models to learn and detect vulnerabilities from the input. Experimental results indicate that this method achieves an F1 score of 89.90% in smart contract vulnerability detection, outperforming the previous vulnerability detection method CBGRU. This result demonstrates the effectiveness and superiority of the proposed method. |
| Keywords: smart contracts; vulnerability detection; data flow graph; hybrid model |
