{"title":"Multiclass vulnerability and clone detection in Ethereum smart contracts using Block-wise Abstract Syntax Tree based Federated Graph Neural Networks","authors":"Shruti Sharma, Ankur Ratmele, Abhay Deep Seth","doi":"10.1016/j.compeleceng.2025.110220","DOIUrl":null,"url":null,"abstract":"<div><div>Smart contracts on blockchain networks autonomously execute applications based on predefined conditions, making their security-critical due to the potential for significant financial losses from vulnerabilities. Current vulnerability detection algorithms commonly rely on expert-defined rules, which are prone to errors and insufficient for identifying complex vulnerability patterns. Given the immutability of smart contracts post-deployment, ensuring security before deployment is essential. This research presents Block-wise Abstract Syntax Tree based Federated Graph Neural Networks (BAST-FeGNN), a novel approach combining block-wise abstract syntax tree and Federated Graph Neural Networks (FeGNN) to detect code clones and multiclass vulnerabilities in Ethereum smart contracts. The BAST-FeGNN method operates in three stages: it first extracts security-related patterns from the base code using an abstract syntax tree; then, it constructs and normalizes a contract graph using FeGNN to capture critical nodes, analyze data and control flows. This integration of graph-based feature extraction with pattern matching allows precise detection of vulnerabilities like access control issues, reentrancy, and unchecked calls, as well as identifying code clones. Finally, the method pools these features for comprehensive vulnerability detection. BAST-FeGNN significantly enhances vulnerability detection accuracy and scalability, outperforming existing models with an accuracy of 95.35%, recall of 95.58%, F1-score of 95.80%, and precision of 96.10%, making it a robust solution for securing blockchain applications.</div></div>","PeriodicalId":50630,"journal":{"name":"Computers & Electrical Engineering","volume":"123 ","pages":"Article 110220"},"PeriodicalIF":4.0000,"publicationDate":"2025-03-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Electrical Engineering","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0045790625001636","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}
引用次数: 0
Abstract
Smart contracts on blockchain networks autonomously execute applications based on predefined conditions, making their security-critical due to the potential for significant financial losses from vulnerabilities. Current vulnerability detection algorithms commonly rely on expert-defined rules, which are prone to errors and insufficient for identifying complex vulnerability patterns. Given the immutability of smart contracts post-deployment, ensuring security before deployment is essential. This research presents Block-wise Abstract Syntax Tree based Federated Graph Neural Networks (BAST-FeGNN), a novel approach combining block-wise abstract syntax tree and Federated Graph Neural Networks (FeGNN) to detect code clones and multiclass vulnerabilities in Ethereum smart contracts. The BAST-FeGNN method operates in three stages: it first extracts security-related patterns from the base code using an abstract syntax tree; then, it constructs and normalizes a contract graph using FeGNN to capture critical nodes, analyze data and control flows. This integration of graph-based feature extraction with pattern matching allows precise detection of vulnerabilities like access control issues, reentrancy, and unchecked calls, as well as identifying code clones. Finally, the method pools these features for comprehensive vulnerability detection. BAST-FeGNN significantly enhances vulnerability detection accuracy and scalability, outperforming existing models with an accuracy of 95.35%, recall of 95.58%, F1-score of 95.80%, and precision of 96.10%, making it a robust solution for securing blockchain applications.
期刊介绍:
The impact of computers has nowhere been more revolutionary than in electrical engineering. The design, analysis, and operation of electrical and electronic systems are now dominated by computers, a transformation that has been motivated by the natural ease of interface between computers and electrical systems, and the promise of spectacular improvements in speed and efficiency.
Published since 1973, Computers & Electrical Engineering provides rapid publication of topical research into the integration of computer technology and computational techniques with electrical and electronic systems. The journal publishes papers featuring novel implementations of computers and computational techniques in areas like signal and image processing, high-performance computing, parallel processing, and communications. Special attention will be paid to papers describing innovative architectures, algorithms, and software tools.