With the widespread adoption of smart contracts, contracts from many fields now hold virtual currencies worth more than one trillion US dollars, which has led to a large number of security attacks. Because smart contracts are automated, immutable, and decentralized, they must be security-audited before deployment to reduce the occurrence of vulnerabilities. Current research on smart contract vulnerability detection falls mainly into static and dynamic methods: static methods suffer from high false positive rates, while dynamic methods such as fuzz testing have not fully taken the characteristics of smart contracts into account. Smart contract vulnerability detection has therefore become a focus of research and practical work in blockchain security. Using fuzz testing for smart contract vulnerability detection still has several problems: (1) too much testing effort is spent around the initial state of the contract, so vulnerabilities triggered only in deep states are not discovered; (2) function call sequences tend to be generated randomly, ignoring the data dependencies between functions; (3) the relationship between the function call sequence and the branch conditions is not considered, so seeds have a low probability of entering the target branch. Considering the importance and challenges of smart contract vulnerability detection, the efficiency of fuzz testing for finding vulnerabilities, and the strong learning ability of deep reinforcement learning models, this paper adopts a deep reinforcement learning-based dynamic detection scheme for smart contract vulnerabilities built on fuzz testing.

The main contributions of this paper are as follows: (1) A smart contract fuzz testing method is designed and implemented around the characteristics of smart contracts, redefining the seed format, the seed selection module, and the seed mutation module. (2) A multi-level coverage strategy is designed and implemented that jointly considers function coverage, condition coverage, and data coverage during seed execution, describing the seed execution process more accurately. (3) A deep reinforcement learning model for selecting mutation strategies is designed and implemented, and the automated fuzz testing workflow is designed around the training process of that model.

This paper implements MCSCF, a smart contract vulnerability detection method based on fuzz testing and deep reinforcement learning, and evaluates its effectiveness on 25 vulnerable contracts from the CVE platform and 7,536 smart contracts published on the Ethereum platform. The experimental results show that: (i) in vulnerability search experiments on contracts published on Ethereum, MCSCF detects 14.8% more vulnerable contracts than the current mainstream tool sFuzz; (ii) MCSCF achieves 8% higher coverage than sFuzz when detecting integer overflow and bad random source dependency vulnerabilities in the CVE-vulnerable contracts; (iii) hyperparameter analysis and ablation experiments verify the effectiveness of the chosen hyperparameter settings, the designed multi-level coverage strategy, and the deep reinforcement learning model in MCSCF.
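As an added illustration of the multi-level coverage idea described above (not the paper's MCSCF code), the following Python sketch scores a seed, i.e. a function-call sequence, by the function, condition and data coverage it adds over what the corpus already reached, and keeps only seeds that contribute something new. The trace format, the level weights and the sample seeds are assumptions constructed for this example.

```python
from dataclasses import dataclass, field

# One executed transaction inside a seed. The trace fields are an assumed
# format: the fuzzer's instrumentation would fill them after executing the call.
@dataclass(frozen=True)
class Call:
    func: str                 # called function (function coverage)
    branches: frozenset       # (branch_id, outcome) pairs taken (condition coverage)
    slots_written: frozenset  # storage slots the call wrote (data coverage)

@dataclass
class GlobalCoverage:
    funcs: set = field(default_factory=set)
    conds: set = field(default_factory=set)
    data: set = field(default_factory=set)

def seed_coverage(seed):
    """Collect the three coverage levels reached by executing a call sequence."""
    funcs = {c.func for c in seed}
    conds = set().union(*(c.branches for c in seed))
    data = set().union(*(c.slots_written for c in seed))
    return funcs, conds, data

def score_seed(seed, glob, weights=(1.0, 2.0, 3.0)):
    """Weighted count of coverage items the seed adds beyond the corpus.
    The heavier weight on data coverage (assumed values) favours seeds that
    reach new storage state, i.e. the deep states a random sequence misses."""
    funcs, conds, data = seed_coverage(seed)
    wf, wc, wd = weights
    return (wf * len(funcs - glob.funcs)
            + wc * len(conds - glob.conds)
            + wd * len(data - glob.data))

def select_seeds(candidates, glob):
    """Greedy seed selection: highest-scoring first, merge, drop seeds adding nothing."""
    kept = []
    for seed in sorted(candidates, key=lambda s: -score_seed(s, glob)):
        if score_seed(seed, glob) > 0:
            funcs, conds, data = seed_coverage(seed)
            glob.funcs |= funcs; glob.conds |= conds; glob.data |= data
            kept.append(seed)
    return kept

# Constructed sample seeds. In SEED_B the guard in withdraw fails (no write);
# in SEED_C the earlier deposit satisfies it, so the data dependency between the
# two calls is what unlocks the extra branch and the extra storage writes.
DEPOSIT = Call("deposit", frozenset({("b1", True)}), frozenset({"balance"}))
SEED_A = (DEPOSIT,)
SEED_B = (DEPOSIT, Call("withdraw", frozenset({("b2", False)}), frozenset()))
SEED_C = (DEPOSIT, Call("withdraw", frozenset({("b2", True)}), frozenset({"balance", "paid"})))
```

Running `select_seeds([SEED_A, SEED_B, SEED_C], GlobalCoverage())` keeps SEED_C and SEED_B and discards SEED_A, whose coverage is already contained in the others.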