A Study on Smart Contract Vulnerability Detection Based on Transfer Learning
Keywords:
Smart Contracts, Vulnerability Classification, Ethereum, Deep Learning, Convolutional Neural Network (CNN), Blockchain, Vulnerabilities Re-entrancy Attacks, Integer Overflow, Denial of Service (DoS)Abstract
This paper provides an analysis of the security threats which are present in blockchain smart contracts, namely the vulnerabilities that include re-entrancy, integer overflow, denial of service, and access control. Using various detection tools like Mythril, Slither, Oyente, and Securify, along with their limitations (false positives) and emphasizes the need for fortitude in security measures, since only growing levels of awareness will bolster further development of blockchain solutions. It classifies smart contract vulnerabilities using a three-module technique based on data from the Ethereum documentation and the Smart Contract Dataset repository. The method comprises extracting bytecode from Solidity files, creating images, and building three deep learning models: CNN, XCEPTION, and EfficientNet-B2. The Convolutional Neural Network (CNN) is the most effective technique, with an overall accuracy of 71 percent. XCEPTION and EfficientNet-B2 yield similar accuracy rates of 69 and 75 percent, respectively. The work contributes to our understanding of smart contract security and aims to reduce vulnerabilities in Ethereum smart contracts.
Downloads
References
Abdelaziz, T., Hobor, A., 2023. Smart Learning to Find Dumb Contracts (Extended Version). https://doi.org/10.48550/ARXIV.2304.10726
Cai, J., Li, B., Zhang, J., Sun, X., Chen, B., 2022. Combine Sliced Joint Graph with Graph Neural Networks for Smart Contract Vulnerability Detection. SSRN Journal. https://doi.org/10.2139/ssrn.4074767
Casucci, A., Mazzitelli, C., Tsiplakis, V., D’Arienzo, L., Breschi, L., Ferrari, M., 2023. Digital Impressions in Edentulous Patients: A Systematic Review for Clinical Evidence. Int J Prosthodont 36, 486–497. https://doi.org/10.11607/ijp.7483
Chen, J.V., Chotimapruek, W., Ha, Q.-A., Widjaja, A.E., 2021. Investigating Female Customer’s Impulse Buying in Facebook B2C Social Commerce: An Experimental Study. Contemporary Management Research 17, 65–96. https://doi.org/10.7903/cmr.20448
Clack, C.D., Bakshi, V.A., Braine, L., 2016. Smart Contract Templates: foundations, design landscape and research directions. https://doi.org/10.48550/ARXIV.1608.00771
Eshghie, M., Artho, C., Gurov, D., 2021. Dynamic Vulnerability Detection on Smart Contracts Using Machine Learning, in: Evaluation and Assessment in Software Engineering. Presented at the EASE 2021: Evaluation and Assessment in Software Engineering, ACM, Trondheim Norway, pp. 305–312. https://doi.org/10.1145/3463274.3463348
Fadele Ayotunde Alaba, Hakeem Adewale Sulaimon, Madu Ifeyinwa Marisa, Owamoyo Najeem, 2023. Smart Contracts Security Application and Challenges: A Review. Cloud Computing and Data Science 15–41. https://doi.org/10.37256/ccds.5120233271
Gohil, M.R., Maduskar, S.S., Gajria, V., Mangrulkar, R., 2021. Blockchain and Its Applications in Healthcare:, in: Ben Mnaouer, A., Fourati, L.C. (Eds.), Advances in Information Security, Privacy, and Ethics. IGI Global, pp. 271–294. https://doi.org/10.4018/978-1-7998-5839-3.ch012
He, D., Deng, Z., Zhang, Y., Chan, S., Cheng, Y., Guizani, N., 2020. Smart Contract Vulnerability Analysis and Security Audit. IEEE Network 34, 276–282. https://doi.org/10.1109/MNET.001.1900656
Jiang, B., Liu, Y., Chan, W.K., 2018. ContractFuzzer: fuzzing smart contracts for vulnerability detection, in: Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering. Presented at the ASE ’18: 33rd ACM/IEEE International Conference on Automated Software Engineering, ACM, Montpellier France, pp. 259–269. https://doi.org/10.1145/3238147.3238177
Khan, S.N., Loukil, F., Ghedira-Guegan, C., Benkhelifa, E., Bani-Hani, A., 2021. Blockchain smart contracts: Applications, challenges, and future trends. Peer-to-Peer Netw. Appl. 14, 2901–2925. https://doi.org/10.1007/s12083-021-01127-0
Liao, J.-W., Tsai, T.-T., He, C.-K., Tien, C.-W., 2019. SoliAudit: Smart Contract Vulnerability Assessment Based on Machine Learning and Fuzz Testing, in: 2019 Sixth International Conference on Internet of Things: Systems, Management and Security (IOTSMS). Presented at the 2019 Sixth International Conference on Internet of Things: Systems, Management and Security (IOTSMS), IEEE, Granada, Spain, pp. 458–465. https://doi.org/10.1109/IOTSMS48152.2019.8939256
Liu, H., Mohd, Yasin, M., Ruan, Q., 2023. A study on how social media influences on impulsive buying. Expert Systems. https://doi.org/10.1111/exsy.13448
Macrinici, D., Cartofeanu, C., Gao, S., 2018. Smart contract applications within blockchain technology: A systematic mapping study. Telematics and Informatics 35, 2337–2354. https://doi.org/10.1016/j.tele.2018.10.004
Mezina, A., Ometov, A., 2023. Detecting Smart Contract Vulnerabilities with Combined Binary and Multiclass Classification. Cryptography 7, 34. https://doi.org/10.3390/cryptography7030034
Sharad Mangrulkar, R., Vijay Chavan, P., 2024. Ethereum Blockchain, in: Blockchain Essentials. Apress, Berkeley, CA, pp. 123–166. https://doi.org/10.1007/978-1-4842-9975-3_4
Sun, S., Cao, Z., Zhu, H., Zhao, J., 2020. A Survey of Optimization Methods From a Machine Learning Perspective. IEEE Trans. Cybern. 50, 3668–3681. https://doi.org/10.1109/TCYB.2019.2950779
Turakhia, A., Date, C., Correia, C., Mangrulkar, R., Williams, I., Mahalle, P., 2023. Improving Product Traceability and Security in Supply Chain Management using BlockChain, in: 2023 International Conference on Advanced Computing Technologies and Applications (ICACTA). Presented at the 2023 International Conference on Advanced Computing Technologies and Applications (ICACTA), IEEE, Mumbai, India, pp. 1–6. https://doi.org/10.1109/ICACTA58201.2023.10393309
Wohrer, M., Zdun, U., 2018. Smart contracts: security patterns in the ethereum ecosystem and solidity, in: 2018 International Workshop on Blockchain Oriented Software Engineering (IWBOSE). Presented at the 2018 International Workshop on Blockchain Oriented Software Engineering (IWBOSE), IEEE, Campobasso, pp. 2–8. https://doi.org/10.1109/IWBOSE.2018.8327565
Zhuang, Y., Liu, Z., Qian, P., Liu, Q., Wang, X., He, Q., 2020. Smart Contract Vulnerability Detection using Graph Neural Network, in: Proceedings of the Twenty-Ninth International Joint Conference on Artificial Intelligence. Presented at the Twenty-Ninth International Joint Conference on Artificial Intelligence and Seventeenth Pacific Rim International Conference on Artificial Intelligence {IJCAI-PRICAI-20}, International Joint Conferences on Artificial Intelligence Organization, Yokohama, Japan, pp. 3283–3290. https://doi.org/10.24963/ijcai.2020/454
Downloads
Published
How to Cite
Issue
Section
License

This work is licensed under a Creative Commons Attribution 4.0 International License.
You are free to:
- Share — copy and redistribute the material in any medium or format
- Adapt — remix, transform, and build upon the material for any purpose, even commercially.
Terms:
- Attribution — You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.
- No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits.