Shuai Zhang, Meng Wang, Yi Liu, Yuhan Zhang, Bin Yu
{"title":"基于路径间数据依赖的智能合约多事务序列漏洞检测","authors":"Shuai Zhang, Meng Wang, Yi Liu, Yuhan Zhang, Bin Yu","doi":"10.1109/QRS57517.2022.00068","DOIUrl":null,"url":null,"abstract":"Smart contracts are commonly used to build finance-related decentralized applications. If a smart contract vulnerability is exploited by an attacker, the contract owner may suffer financial losses. We focus on a particular class of smart contract vulnerabilities that require a specific sequence of multiple transactions to trigger, which we call multi-transaction sequence vulnerabilities. Due to the combinatorial explosion problem caused by the huge number of possible transaction sequences, the efficiency and scalability for existing security analyzers to detect multi-transaction sequence vulnerabilities are limited. To alleviate the problem, we propose a vulnerability detection approach based on symbolic execution and inter-path data dependency. In the approach, we first traverse paths in a contract, and record read and write operations of each path. Then, we selectively execute paths which are conducive to discovering vulnerabilities during the subsequent detection process according to inter-path data dependencies. By pruning out most paths that are not relevant to vulnerabilities, we improve the efficiency and scalability of detecting multi-transaction sequence vulnerabilities. We evaluate our approach on 442 contracts collected from CVE reports and 104 contracts with Ether leakage and suicide defects. The experimental results show that our approach reaches an average 2x speedup comparing to Mythril.","PeriodicalId":143812,"journal":{"name":"2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2022-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Multi-Transaction Sequence Vulnerability Detection for Smart Contracts based on Inter-Path Data Dependency\",\"authors\":\"Shuai Zhang, Meng Wang, Yi Liu, Yuhan Zhang, Bin Yu\",\"doi\":\"10.1109/QRS57517.2022.00068\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Smart contracts are commonly used to build finance-related decentralized applications. If a smart contract vulnerability is exploited by an attacker, the contract owner may suffer financial losses. We focus on a particular class of smart contract vulnerabilities that require a specific sequence of multiple transactions to trigger, which we call multi-transaction sequence vulnerabilities. Due to the combinatorial explosion problem caused by the huge number of possible transaction sequences, the efficiency and scalability for existing security analyzers to detect multi-transaction sequence vulnerabilities are limited. To alleviate the problem, we propose a vulnerability detection approach based on symbolic execution and inter-path data dependency. In the approach, we first traverse paths in a contract, and record read and write operations of each path. Then, we selectively execute paths which are conducive to discovering vulnerabilities during the subsequent detection process according to inter-path data dependencies. By pruning out most paths that are not relevant to vulnerabilities, we improve the efficiency and scalability of detecting multi-transaction sequence vulnerabilities. We evaluate our approach on 442 contracts collected from CVE reports and 104 contracts with Ether leakage and suicide defects. The experimental results show that our approach reaches an average 2x speedup comparing to Mythril.\",\"PeriodicalId\":143812,\"journal\":{\"name\":\"2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS)\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/QRS57517.2022.00068\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/QRS57517.2022.00068","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Multi-Transaction Sequence Vulnerability Detection for Smart Contracts based on Inter-Path Data Dependency
Smart contracts are commonly used to build finance-related decentralized applications. If a smart contract vulnerability is exploited by an attacker, the contract owner may suffer financial losses. We focus on a particular class of smart contract vulnerabilities that require a specific sequence of multiple transactions to trigger, which we call multi-transaction sequence vulnerabilities. Due to the combinatorial explosion problem caused by the huge number of possible transaction sequences, the efficiency and scalability for existing security analyzers to detect multi-transaction sequence vulnerabilities are limited. To alleviate the problem, we propose a vulnerability detection approach based on symbolic execution and inter-path data dependency. In the approach, we first traverse paths in a contract, and record read and write operations of each path. Then, we selectively execute paths which are conducive to discovering vulnerabilities during the subsequent detection process according to inter-path data dependencies. By pruning out most paths that are not relevant to vulnerabilities, we improve the efficiency and scalability of detecting multi-transaction sequence vulnerabilities. We evaluate our approach on 442 contracts collected from CVE reports and 104 contracts with Ether leakage and suicide defects. The experimental results show that our approach reaches an average 2x speedup comparing to Mythril.