| With the development of technology,the use of smart contracts is becoming more and more popular,and smart contracts are increasingly used to create and execute high-value business transactions.Blockchain-based smart contracts provide append-only,non-repudiation,and transparency to their execution,preventing double spending or breach of contract.At the same time,like traditional software programs,smart contracts may still contain programming errors or vulnerabilities caused by programmers intentionally or unintentionally.Once deployed to the blockchain,smart contracts with vulnerabilities are irreversible unless they self-destruct.While smart contracts bring credibility advantages,they also bring a certain degree of security risks.Some malicious attackers try to destroy the blockchain ecology through the loopholes in smart contracts,causing system crashes and causing serious economic losses to users.Losses have attracted increasing attention from industry and academia.Therefore,it is imperative to ensure the security of smart contracts through vulnerability detection tools before the early development and deployment of smart contract codes.Existing research on smart contract vulnerability detection methods mainly includes formal analysis methods,hard logic rules defined by experts,static analysis,and dynamic analysis.Traditional detection methods rely heavily on rules defined by experts,resulting in low accuracy and poor scalability,machine learning-based methods cannot effectively capture the grammatical and semantic information contained in smart contracts.With the development of deep learning technology,some studies have proposed to convert source code into graph data and detect vulnerabilities through graph neural network.Due to the novelty and complexity of smart contracts,the method of smart contract vulnerability detection based on deep learning is still lacking.Based on this,this paper applies the graph neural network to the vulnerability detection of smart contracts.The main research contents are as follows:(1)Build a smart contract semantic map.In order to completely preserve the semantic information contained in the smart contract,this paper composes it from two aspects of source code and bytecode.For the smart contract source code,convert it into the corresponding abstract syntax tree AST,CFG and DFG,and add the control flow and data flow to the semantic graph;for the smart contract bytecode data,convert the bytecode into an operation code and Grouped in basic blocks,the control flow in opcodes is added to the semantic graph as control edges.(2)Vectorize the semantic graph of the smart contract.The Fast Text model is used to vectorize the node features,and the One-Hot coding is used to complete the vectorized representation of the edge feature information,and the semantic graph is vectorized to prepare for the subsequent training of the vulnerability detection model.(3)Training graph neural network model.In this paper,the self-attention mechanism is integrated in the graph isomorphic network to learn vulnerability features and detect them.Through training and detection on the collected vulnerability data set,and comparing the existing smart contract vulnerability detection method with the method in this paper,the effectiveness of the scheme in this paper is verified. |
PDF Full Text Request