An Attention-based Wide and Deep Neural Network for Reentrancy Vulnerability Detection in Smart Contracts

IF 3.7 2区计算机科学 Q1 COMPUTER SCIENCE, SOFTWARE ENGINEERING

Journal of Systems and Software Pub Date : 2025-02-03 DOI:10.1016/j.jss.2025.112361

Samuel Banning Osei , Rubing Huang , Zhongchen Ma

{"title":"An Attention-based Wide and Deep Neural Network for Reentrancy Vulnerability Detection in Smart Contracts","authors":"Samuel Banning Osei , Rubing Huang , Zhongchen Ma","doi":"10.1016/j.jss.2025.112361","DOIUrl":null,"url":null,"abstract":"<div><div>In recent years, smart contracts have become integral to blockchain applications, offering decentralized, transparent, and tamper-proof execution of agreements. However, vulnerabilities in smart contracts pose significant security risks, leading to financial losses. This paper presents an Attention-based Wide and Deep Neural Network (AWDNN) for Reentrancy vulnerability Detection in Ethereum smart contracts. By emphasizing crucial smart contract features, AWDNN enhances its precision in identifying complex vulnerability patterns. Our approach includes three phases: code optimization, vectorization, and vulnerability detection. We streamline smart contract code by removing extraneous components and extracting key fragments. These fragments are transformed into vectors that capture the smart contract’s semantic features, and subsequently subjected through the wide and deep neural network to detect vulnerabilities. Experimental results show that our model performs well compared to existing tools. Future work aims to detect additional vulnerabilities and incorporate advanced vectorization techniques to enhance efficiency.</div></div>","PeriodicalId":51099,"journal":{"name":"Journal of Systems and Software","volume":"223 ","pages":"Article 112361"},"PeriodicalIF":3.7000,"publicationDate":"2025-02-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Systems and Software","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0164121225000299","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}

引用次数: 0

Abstract

In recent years, smart contracts have become integral to blockchain applications, offering decentralized, transparent, and tamper-proof execution of agreements. However, vulnerabilities in smart contracts pose significant security risks, leading to financial losses. This paper presents an Attention-based Wide and Deep Neural Network (AWDNN) for Reentrancy vulnerability Detection in Ethereum smart contracts. By emphasizing crucial smart contract features, AWDNN enhances its precision in identifying complex vulnerability patterns. Our approach includes three phases: code optimization, vectorization, and vulnerability detection. We streamline smart contract code by removing extraneous components and extracting key fragments. These fragments are transformed into vectors that capture the smart contract’s semantic features, and subsequently subjected through the wide and deep neural network to detect vulnerabilities. Experimental results show that our model performs well compared to existing tools. Future work aims to detect additional vulnerabilities and incorporate advanced vectorization techniques to enhance efficiency.

查看原文本刊更多论文

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Systems and Software 工程技术-计算机：理论方法

CiteScore

8.60

自引率

5.70%

发文量

193

审稿时长

16 weeks

期刊介绍： The Journal of Systems and Software publishes papers covering all aspects of software engineering and related hardware-software-systems issues. All articles should include a validation of the idea presented, e.g. through case studies, experiments, or systematic comparisons with other approaches already in practice. Topics of interest include, but are not limited to: •Methods and tools for, and empirical studies on, software requirements, design, architecture, verification and validation, maintenance and evolution •Agile, model-driven, service-oriented, open source and global software development •Approaches for mobile, multiprocessing, real-time, distributed, cloud-based, dependable and virtualized systems •Human factors and management concerns of software development •Data management and big data issues of software systems •Metrics and evaluation, data mining of software development resources •Business and economic aspects of software development processes The journal welcomes state-of-the-art surveys and reports of practical experience for all of these topics.