A Comprehensive Survey of Smart Contracts Vulnerability Detection Tools: Techniques and Methodologies

IF 7.7 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Network and Computer Applications Pub Date : 2025-02-18 DOI:10.1016/j.jnca.2025.104142

Niosha Hejazi, Arash Habibi Lashkari

{"title":"A Comprehensive Survey of Smart Contracts Vulnerability Detection Tools: Techniques and Methodologies","authors":"Niosha Hejazi, Arash Habibi Lashkari","doi":"10.1016/j.jnca.2025.104142","DOIUrl":null,"url":null,"abstract":"<div><div>The widespread use of blockchain technology has highlighted smart contracts as crucial components in digital transactions. However, their susceptibility to vulnerabilities poses significant challenges to security and dependability. This survey presents a comprehensive evaluation of 256 smart contracts analysis tools, categorized by methodologies such as fuzzing, machine learning, symbolic execution, and formal verification. Through theoretical and practical assessments, this paper offers insights into the current landscape of smart contracts vulnerability detection tools. Additionally, the paper systematically evaluates selected tools based on real-world datasets. The results show that while many tools perform well, they do not fully cover all vulnerability types accurately, highlighting the need for improved integration of detection methodologies. The findings aim to bridge gaps in existing methods, guiding future improvements for enhancing the security of blockchain applications.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"237 ","pages":"Article 104142"},"PeriodicalIF":7.7000,"publicationDate":"2025-02-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Network and Computer Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1084804525000396","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

Abstract

The widespread use of blockchain technology has highlighted smart contracts as crucial components in digital transactions. However, their susceptibility to vulnerabilities poses significant challenges to security and dependability. This survey presents a comprehensive evaluation of 256 smart contracts analysis tools, categorized by methodologies such as fuzzing, machine learning, symbolic execution, and formal verification. Through theoretical and practical assessments, this paper offers insights into the current landscape of smart contracts vulnerability detection tools. Additionally, the paper systematically evaluates selected tools based on real-world datasets. The results show that while many tools perform well, they do not fully cover all vulnerability types accurately, highlighting the need for improved integration of detection methodologies. The findings aim to bridge gaps in existing methods, guiding future improvements for enhancing the security of blockchain applications.

查看原文本刊更多论文

智能合约漏洞检测工具的综合调查：技术和方法

区块链技术的广泛使用突显出智能合约是数字交易的关键组成部分。然而，它们易受漏洞的影响，对安全性和可靠性提出了重大挑战。本调查对256种智能合约分析工具进行了全面评估，按模糊测试、机器学习、符号执行和形式化验证等方法进行了分类。通过理论和实践评估，本文提供了对智能合约漏洞检测工具的当前前景的见解。此外，本文系统地评估了基于现实世界数据集的选择工具。结果表明，虽然许多工具表现良好，但它们并不能完全准确地覆盖所有漏洞类型，这突出了改进检测方法集成的必要性。研究结果旨在弥补现有方法的不足，指导未来改进区块链应用程序的安全性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Network and Computer Applications 工程技术-计算机：跨学科应用

CiteScore

21.50

自引率

3.40%

发文量

142

审稿时长

37 days

期刊介绍： The Journal of Network and Computer Applications welcomes research contributions, surveys, and notes in all areas relating to computer networks and applications thereof. Sample topics include new design techniques, interesting or novel applications, components or standards; computer networks with tools such as WWW; emerging standards for internet protocols; Wireless networks; Mobile Computing; emerging computing models such as cloud computing, grid computing; applications of networked systems for remote collaboration and telemedicine, etc. The journal is abstracted and indexed in Scopus, Engineering Index, Web of Science, Science Citation Index Expanded and INSPEC.