A Study On The Detection And Identification Of DeFi Application Attacks

The proposal of blockchain has brought new technological developments,especially promoting the hotness of various types of decentralized applications running on smart contracts.Among them,the decentralized finance(De Fi)application based on Ethereum is one of the most economically valuable blockchain-related applications today and has high research value.However,decentralized financial applications are also the most severely attacked area among current blockchain applications,bringing huge economic losses to users and platforms.Existing research on related security issues mainly uses transaction execution detection and smart contract vulnerability analysis,but lacks attack detection methods targeting the characteristics of decentralized financial applications,while the detection range of related research on attacks is narrow and poor in real-time.For this reason,this thesis proposes a method for attack detection and identification,which combines transaction execution and vulnerability analysis,and integrates common features in the attacks to detect and determine attacks on decentralized financial applications at the level of Ethereum virtual machines.Firstly,this thesis proposes the concept of core data structure after studying the common features of various attacks to represent the user’s digital assets at the bytecode level,and based on the Ethereum virtual machine,the process of code execution is mapped to a sequence of opcodes,and the detection is achieved by obtaining the abnormal changes in the digital assets during the code execution.Secondly,this thesis analyzes the causes of anomalous changes in assets.In order to automate the determination of a large number of closed source items involved in the detection that cannot be analyzed manually,this thesis uses an improved LSTM model that includes a pre-interaction mechanism and an attention mechanism,and finally implements the identification of the causes of anomalous changes in digital assets at the smart contract bytecode level through machine learning.In this thesis,by replaying 10 million blocks of data in the Ethereum mainnet,containing about 860 million transactions,a total of 1006702 suspicious transactions are obtained,involving 110 types of De Fi applications and 3312 types of digital tokens.This thesis designs experiments to verify the accuracy of the detection module,and the results show that the accuracy of detecting abnormal asset changes for suspicious transactions reaches 99%.The thesis constructs a relevant dataset for determination model training based on the manual analysis results,and the final obtained model achieves an average accuracy of 90.22%,while the pre-interaction and attention mechanisms used in the paper make the model effectiveness improved.The experimental results show that the attack detection and identification scheme proposed in this thesis achieves better results and is able to achieve detection based on the transaction execution method for De Fi application characteristics,and further achieves differentiation of the causes of abnormal changes in digital assets based on the smart contract vulnerability method to achieve multi-classification detection.