Research On Smart Contract Vulnerability Detection Method Based On Deep Learning

Blockchain is a decentralized database that realizes remote peer-to-peer value transfer by integrating core technologies such as cryptography,distributed consensus mechanism,and smart contracts.The emergence of blockchain technology provides a reliable execution environment for smart contracts.Smart contracts are computer programs deployed on the blockchain that can be executed automatically.Each network node calls the API interface of smart contracts to enable the Ethernet virtual machine to run the contract code for the execution of smart contracts.Smart contracts have been widely used in a variety of real-world scenarios in recent years,such as healthcare,Internet of Things,finance,supply chain,etc.The high value held by smart contracts in various fields has attracted a large number of hackers to attack them,and the security and reliability of smart contracts have been questioned by frequent security incidents,and the detection of vulnerabilities in smart contracts has become an urgent problem in blockchain security.A large number of researchers have studied this issue and obtained some results,but most of the existing methods have the disadvantages of single feature type,few detection categories,and high false alarm rate.To address these problems,this paper conducts an in-depth study of smart contract vulnerability detection technology based on deep learning.The main research contents of the paper are as follows:(1)In order to solve the problem of single feature type extracted by existing machine learning-based smart contract vulnerability detection methods,a hybrid feature extraction method that incorporates smart contract source code and opcode is proposed.The source code is transformed into an abstract syntax tree that can better represent the internal logic structure of the code,the path context vector is extracted by analyzing the path information of the abstract syntax tree,and then the high-dimensional path context features are compressed and aggregated using the fully connected layer and the attention layer network to extract the source code features,respectively.At the same time,the simplified opcodes are extracted by Word2 Vec model.Finally,the hybrid feature matrix of the smart contract is obtained by connecting the source code features and the opcode features.The results of the comparison with other four feature extraction methods on our constructed dataset show that the hybrid feature extraction method has the best performance in all metrics compared to other methods.(2)Most of the existing smart contract vulnerability detection methods perform binary operation,which can only achieve one kind of vulnerability identification,and the identification accuracy is low.However,in reality,a smart contract may contain multiple vulnerabilities,so the vulnerability detection of smart contracts is a multi-label learning problem.In this paper,we propose a multi-label vulnerability detection model combining Bidirectional Long ShortTerm Memory(Bi-LSTM)and attention mechanism,in which the Bi-LSTM layer is responsible for achieving further semantic information extraction before and after features on the hybrid feature matrix,and the attention layer weights the important features processing,which enhances the generalization ability of the model.The experimental results show that the model has the best overall performance among all the compared models and achieves the goal of detecting multiple vulnerabilities at the same time,which proves the effectiveness of the proposed model for multiple vulnerability detection tasks of smart contracts.