Software Weakness Detection in Solidity Smart Contracts Using Control and Data Flow Analysis: A Novel Approach with Graph Neural Networks

Smart contracts on blockchain platforms are susceptible to security issues that can lead to significant financial losses. This study converts the Solidity code into abstract syntax trees and generates control flow graphs and data flow graphs. These graphs train a graph convolutional network model to...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Veröffentlicht in:	Electronics (Basel) 2024-08, Vol.13 (16), p.3162
Hauptverfasser:	Seo, Aria, Kim, Young-Tak, Yang, Ji Seok, Lee, YangSun, Son, Yunsik
Format:	Artikel
Sprache:	eng
Schlagworte:	Artificial intelligence Artificial neural networks Blockchain Contracts Data analysis Data flow analysis Data integrity Energy consumption Flow graphs Graph neural networks Graphs Investment analysis Neural networks Programming languages Robust control Security Software Trees (mathematics)
Online-Zugang:	Volltext
Tags:	Tag hinzufügen Keine Tags, Fügen Sie den ersten Tag hinzu!

Beschreibung
Zusammenfassung:	Smart contracts on blockchain platforms are susceptible to security issues that can lead to significant financial losses. This study converts the Solidity code into abstract syntax trees and generates control flow graphs and data flow graphs. These graphs train a graph convolutional network model to detect security weaknesses. The proposed system outperforms traditional tools, achieving higher accuracy, recall, precision, and F1 scores when detecting weaknesses such as integer overflow/underflow, reentrancy, delegate call to the untrusted callee, and time-based issues. This study demonstrates that leveraging control and data flow analysis with graph neural networks significantly enhances smart contract security and provides a robust and reliable solution.
ISSN:	2079-9292 2079-9292
DOI:	10.3390/electronics13163162