Detection Of Malicious Smart Contract In Ethereum Based On Graph Classification

Ethereum is currently the hottest public blockchain platform.It can not only complete the basic functions of the blockchain,but also support a rich variety of smart contracts.A smart contract is equivalent to a distributed application running on the blockchain.Issuers can use smart contracts to implement various functions in Ethereum.Ethereum also provides a Turing-complete language EVM for developers to implement various business logic.With the development in recent years,the number of smart contracts has exploded.While smart contracts bring convenience to people's work and life,its security issues have also begun to enter people's field of vision.In addition to the security vulnerabilities and network attacks of smart contracts,some smart contracts can bring harm to its users.Most of the current research focuses on smart contract vulnerability mining or vulnerability analysis,etc.,and there is less analysis of malicious behavior of smart contract itself.However,in reality,many criminal acts can use smart contracts as the carrier,and criminals use smart contracts to achieve fund-raising,fraud and other illegal and criminal activities.For ordinary users,there is less information about the smart contract that can be obtained,and it is difficult to distinguish between true and false,and it is also difficult to predict the security of the smart contract before using it.Therefore,some methods are urgently needed to detect and identify these illegal contracts.At present,there are not many researches on anti-fraud and anti-money laundering in Ethereum,and there are few researches on malicious behaviors of smart contracts.The main research is the research on the Ponzi scheme in Ethereum and the method of honeypot contract.At present,many methods rely on the analysis of the source code of the smart contract.However,in reality,most of the smart contracts do not disclose the source code.On the other hand,the data in Ethereum lacks labels,making it difficult to conduct large-scale training,and the accuracy of some methods needs to be improved.To this end,this article mainly focuses on the research of malicious smart contracts that may have illegal behaviors in Ethereum,and mainly discusses the classification and detection methods of two types of malicious contracts of Ponzi scheme smart contracts and air token smart contracts.In this article,on the one hand,on the basis of predecessors,a Ponzi scheme smart contract classification method based on graph neural network is proposed to improve the accuracy of classification;on the other hand,an air token analysis method based on image element estimation is proposed,which makes up for There is a gap in Ethereum air currency detection.The main research content of this paper includes the following three aspects:(1)Ponzi scheme is a very classic fraud method.Nowadays,some criminals have combined this kind of scam and smart contract to form the Ponzi scheme smart contract in Ethereum.The logic function of this type of contract is often different from that of the general contract.This article proposes a method of attribute control flow graph plus graph neural network for this problem.This article disassembles the bytecode of the smart contract in Ethereum,and then uses the jump relationship of the code segment to construct the program control flow graph.This article classifies the instruction functions in the Ethereum virtual machine and counts the number of times each type of instruction appears in the code segment as the attributes of the nodes in the control flow graph.Finally,a message-passing framework is used to construct a graph neural network,and a 9-layer graph neural network is proposed to complete the classification task.Experiments show that this model has a good classification effect and has a certain degree of versatility.(2)Air token smart contract is a kind of token contract in Ethereum.This kind of token often has no entity,and the issuer collects money and swindles under the banner of token.The issuing and trading mode of this kind of token is often different from that of normal token.This paper analyzes the transaction mode of token,and constructs token Ethernet transfer diagram.In this paper,we use the method of graphic element analysis to study the difference of pattern distribution of subgraphs.In this paper,HM sampling algorithm is used to estimate the proportion of each element in the graph,and this is used as the representation vector of the graph to complete the classification task.This paper uses distance weighted KNN algorithm to achieve token classification task.The contract of website closing is regarded as air token contract,and the importance of different elements is analyzed by random forest model.Finally,in the air currency,the trading mode presents a significant star structure,the direction of the edge converges to the center.(3)In order to deploy the analysis algorithm studied in this article,this article introduces the design and implementation of a malicious smart contract detection system.The system is based on the flask framework,the Neo4 j graph database and the go-Ethereum Ethereum client.It can realize the graphical modeling of the Ethereum transaction records,and can realize the user's control of the transaction network,the contract code and the high frequency in the transaction network.Visual display of primitives.