SCScan:基于svm的区块链智能合约漏洞扫描系统

2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom) Pub Date : 2020-12-01 DOI:10.1109/TrustCom50675.2020.00221

Xiaohan Hao, Wei Ren, Wenwen Zheng, Tianqing Zhu

{"title":"SCScan:基于svm的区块链智能合约漏洞扫描系统","authors":"Xiaohan Hao, Wei Ren, Wenwen Zheng, Tianqing Zhu","doi":"10.1109/TrustCom50675.2020.00221","DOIUrl":null,"url":null,"abstract":"The application of blockchain has moved beyond cryptocurrencies, to applications such as credentialing and smart contracts. The smart contract allows ones to achieve fair exchange for values without relying on a centralized entity. However, as the smart contract can be automatically executed with token transfers, an attacker can seek to exploit vulnerabilities in smart contracts for illicit profits. Thus, this paper proposes a support vector machine (SVM)-based scanning system for vulnerabilities on smart contracts. Our evaluation on Ethereum demonstrate that we achieve a identification rate of over 90% based on several popular attacks.","PeriodicalId":221956,"journal":{"name":"2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)","volume":"4 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"SCScan: A SVM-based Scanning System for Vulnerabilities in Blockchain Smart Contracts\",\"authors\":\"Xiaohan Hao, Wei Ren, Wenwen Zheng, Tianqing Zhu\",\"doi\":\"10.1109/TrustCom50675.2020.00221\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The application of blockchain has moved beyond cryptocurrencies, to applications such as credentialing and smart contracts. The smart contract allows ones to achieve fair exchange for values without relying on a centralized entity. However, as the smart contract can be automatically executed with token transfers, an attacker can seek to exploit vulnerabilities in smart contracts for illicit profits. Thus, this paper proposes a support vector machine (SVM)-based scanning system for vulnerabilities on smart contracts. Our evaluation on Ethereum demonstrate that we achieve a identification rate of over 90% based on several popular attacks.\",\"PeriodicalId\":221956,\"journal\":{\"name\":\"2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)\",\"volume\":\"4 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/TrustCom50675.2020.00221\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/TrustCom50675.2020.00221","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 4

摘要

区块链的应用已经超越了加密货币，进入了认证和智能合约等应用领域。智能合约允许人们在不依赖中心化实体的情况下实现公平的价值交换。然而，由于智能合约可以通过令牌传输自动执行，攻击者可以寻求利用智能合约中的漏洞来获取非法利润。为此，本文提出了一种基于支持向量机(SVM)的智能合约漏洞扫描系统。我们对以太坊的评估表明，基于几种流行的攻击，我们实现了超过90%的识别率。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

SCScan: A SVM-based Scanning System for Vulnerabilities in Blockchain Smart Contracts

The application of blockchain has moved beyond cryptocurrencies, to applications such as credentialing and smart contracts. The smart contract allows ones to achieve fair exchange for values without relying on a centralized entity. However, as the smart contract can be automatically executed with token transfers, an attacker can seek to exploit vulnerabilities in smart contracts for illicit profits. Thus, this paper proposes a support vector machine (SVM)-based scanning system for vulnerabilities on smart contracts. Our evaluation on Ethereum demonstrate that we achieve a identification rate of over 90% based on several popular attacks.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)

自引率

0.00%

发文量