Research And Implementation Of Smart Contract Vulnerability Detection Based On Machine Learning

Smart contracts based on Ethereum have received a lot of attention in recent years.Due to the neglect of the security of smart contracts in the early stage,various security vulnerabilities also appeared,which resulted in economic losses of up to tens of billions and destroyed the ecological stability of the contract layer on the blockchain.Therefore,how to detect contract loopholes effectively and efficiently has become a new but crucial problem.Today's intelligent automation contract audit method,has better performance in accuracy and universality,but its due to the complexity of analysis methods,detection time is relatively long,and to some extent,can't get rid of experts and scholars and the technology level of developers and code audit experience,the dependence of low degree of automation.With the continuous expansion of the scale of smart contract,the existing smart contract audit technology can no longer meet the requirements in terms of scale,efficiency and scalability.In this paper,we pay more attention to the efficiency and automation of the smart contract code audit method,and propose a method to detect blockchain smart contract vulnerabilities using machine learning technology.The main research results of this paper are as follows:(1)Inspired by natural language processing(NLP),the Angle methods of feature vector-quantization,feature extraction and natural language text classification of word embedding in NLP scenes are extended to smart contract vulnerability detection.Based on the research of contract binary bytecode preprocessing and word embedding technology,a feature vectorial model based on smart contract bytecode level is proposed to preliminarily construct feature vectors containing context relations in opcode instruction sequences from contract binary bytecode.Based on the specific scene of smart contract code,the corresponding deactivation table and the analysis method of sensitive word segmentation are proposed,and the vectorization model of word frequency statistics in the global scope is introduced to establish the mapping table between opcodes and feature vectors.(2)Through the study of machine learning technology,the improved ATT-TextCNN feature extraction and classification model is proposed.In view of the problem that TextCNN is easy to overfit,the model is adjusted to improve the overfitting problem by adding dropout mechanism and expanding the parameters of pooling layer.Based on text convolutional neural network(TextCNN)and Attention Mechanism,an improved ATT-TextCNN model was proposed to realize the classification detection of smart contract vulnerability code text.To realize the further feature extraction of opcode sequence and the realization of vulnerability classification.The application of Chinese text classification algorithm in NLP field to smart contract vulnerability detection field is realized.(3)We train the model with a dataset of real-world smart contracts running on Ethereum and evaluate the model.Experimental results show that the method is effective and efficient.In this paper,machine learning technology is used to realize the rapid detection of smart contract code and reduce the need for expert manpower.At the same time,we adjust the threshold value of the model to reduce the missing rate,so that it can be used as a fast pre-filter of the traditional symbolic analysis tools.Combined with the traditional automatic audit method,the detection speed can be improved under the premise of maintaining high accuracy.