A Study on Smart Contract Vulnerability Detection Based on Transfer Learning

Authors

  • Sayali M. Poojari
  • Swapnil S. Sonawane

Keywords:

Smart Contracts, Vulnerability Classification, Ethereum, Deep Learning, Convolutional Neural Network (CNN), Blockchain, Vulnerabilities Re-entrancy Attacks, Integer Overflow, Denial of Service (DoS)

Abstract

This paper provides an analysis of the security threats which are present in blockchain smart contracts, namely the vulnerabilities that include re-entrancy, integer overflow, denial of service, and access control. Using various detection tools like Mythril, Slither, Oyente, and Securify, along with their limitations (false positives) and emphasizes the need for fortitude in security measures, since only growing levels of awareness will bolster further development of blockchain solutions. It classifies smart contract vulnerabilities using a three-module technique based on data from the Ethereum documentation and the Smart Contract Dataset repository. The method comprises extracting bytecode from Solidity files, creating images, and building three deep learning models: CNN, XCEPTION, and EfficientNet-B2. The Convolutional Neural Network (CNN) is the most effective technique, with an overall accuracy of 71 percent. XCEPTION and EfficientNet-B2 yield similar accuracy rates of 69 and 75 percent, respectively. The work contributes to our understanding of smart contract security and aims to reduce vulnerabilities in Ethereum smart contracts.

Downloads

Download data is not yet available.

References

Abdelaziz, T., Hobor, A., 2023. Smart Learning to Find Dumb Contracts (Extended Version). https://doi.org/10.48550/ARXIV.2304.10726

Cai, J., Li, B., Zhang, J., Sun, X., Chen, B., 2022. Combine Sliced Joint Graph with Graph Neural Networks for Smart Contract Vulnerability Detection. SSRN Journal. https://doi.org/10.2139/ssrn.4074767

Casucci, A., Mazzitelli, C., Tsiplakis, V., D’Arienzo, L., Breschi, L., Ferrari, M., 2023. Digital Impressions in Edentulous Patients: A Systematic Review for Clinical Evidence. Int J Prosthodont 36, 486–497. https://doi.org/10.11607/ijp.7483

Chen, J.V., Chotimapruek, W., Ha, Q.-A., Widjaja, A.E., 2021. Investigating Female Customer’s Impulse Buying in Facebook B2C Social Commerce: An Experimental Study. Contemporary Management Research 17, 65–96. https://doi.org/10.7903/cmr.20448

Clack, C.D., Bakshi, V.A., Braine, L., 2016. Smart Contract Templates: foundations, design landscape and research directions. https://doi.org/10.48550/ARXIV.1608.00771

Eshghie, M., Artho, C., Gurov, D., 2021. Dynamic Vulnerability Detection on Smart Contracts Using Machine Learning, in: Evaluation and Assessment in Software Engineering. Presented at the EASE 2021: Evaluation and Assessment in Software Engineering, ACM, Trondheim Norway, pp. 305–312. https://doi.org/10.1145/3463274.3463348

Fadele Ayotunde Alaba, Hakeem Adewale Sulaimon, Madu Ifeyinwa Marisa, Owamoyo Najeem, 2023. Smart Contracts Security Application and Challenges: A Review. Cloud Computing and Data Science 15–41. https://doi.org/10.37256/ccds.5120233271

Gohil, M.R., Maduskar, S.S., Gajria, V., Mangrulkar, R., 2021. Blockchain and Its Applications in Healthcare:, in: Ben Mnaouer, A., Fourati, L.C. (Eds.), Advances in Information Security, Privacy, and Ethics. IGI Global, pp. 271–294. https://doi.org/10.4018/978-1-7998-5839-3.ch012

He, D., Deng, Z., Zhang, Y., Chan, S., Cheng, Y., Guizani, N., 2020. Smart Contract Vulnerability Analysis and Security Audit. IEEE Network 34, 276–282. https://doi.org/10.1109/MNET.001.1900656

Jiang, B., Liu, Y., Chan, W.K., 2018. ContractFuzzer: fuzzing smart contracts for vulnerability detection, in: Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering. Presented at the ASE ’18: 33rd ACM/IEEE International Conference on Automated Software Engineering, ACM, Montpellier France, pp. 259–269. https://doi.org/10.1145/3238147.3238177

Khan, S.N., Loukil, F., Ghedira-Guegan, C., Benkhelifa, E., Bani-Hani, A., 2021. Blockchain smart contracts: Applications, challenges, and future trends. Peer-to-Peer Netw. Appl. 14, 2901–2925. https://doi.org/10.1007/s12083-021-01127-0

Liao, J.-W., Tsai, T.-T., He, C.-K., Tien, C.-W., 2019. SoliAudit: Smart Contract Vulnerability Assessment Based on Machine Learning and Fuzz Testing, in: 2019 Sixth International Conference on Internet of Things: Systems, Management and Security (IOTSMS). Presented at the 2019 Sixth International Conference on Internet of Things: Systems, Management and Security (IOTSMS), IEEE, Granada, Spain, pp. 458–465. https://doi.org/10.1109/IOTSMS48152.2019.8939256

Liu, H., Mohd, Yasin, M., Ruan, Q., 2023. A study on how social media influences on impulsive buying. Expert Systems. https://doi.org/10.1111/exsy.13448

Macrinici, D., Cartofeanu, C., Gao, S., 2018. Smart contract applications within blockchain technology: A systematic mapping study. Telematics and Informatics 35, 2337–2354. https://doi.org/10.1016/j.tele.2018.10.004

Mezina, A., Ometov, A., 2023. Detecting Smart Contract Vulnerabilities with Combined Binary and Multiclass Classification. Cryptography 7, 34. https://doi.org/10.3390/cryptography7030034

Sharad Mangrulkar, R., Vijay Chavan, P., 2024. Ethereum Blockchain, in: Blockchain Essentials. Apress, Berkeley, CA, pp. 123–166. https://doi.org/10.1007/978-1-4842-9975-3_4

Sun, S., Cao, Z., Zhu, H., Zhao, J., 2020. A Survey of Optimization Methods From a Machine Learning Perspective. IEEE Trans. Cybern. 50, 3668–3681. https://doi.org/10.1109/TCYB.2019.2950779

Turakhia, A., Date, C., Correia, C., Mangrulkar, R., Williams, I., Mahalle, P., 2023. Improving Product Traceability and Security in Supply Chain Management using BlockChain, in: 2023 International Conference on Advanced Computing Technologies and Applications (ICACTA). Presented at the 2023 International Conference on Advanced Computing Technologies and Applications (ICACTA), IEEE, Mumbai, India, pp. 1–6. https://doi.org/10.1109/ICACTA58201.2023.10393309

Wohrer, M., Zdun, U., 2018. Smart contracts: security patterns in the ethereum ecosystem and solidity, in: 2018 International Workshop on Blockchain Oriented Software Engineering (IWBOSE). Presented at the 2018 International Workshop on Blockchain Oriented Software Engineering (IWBOSE), IEEE, Campobasso, pp. 2–8. https://doi.org/10.1109/IWBOSE.2018.8327565

Zhuang, Y., Liu, Z., Qian, P., Liu, Q., Wang, X., He, Q., 2020. Smart Contract Vulnerability Detection using Graph Neural Network, in: Proceedings of the Twenty-Ninth International Joint Conference on Artificial Intelligence. Presented at the Twenty-Ninth International Joint Conference on Artificial Intelligence and Seventeenth Pacific Rim International Conference on Artificial Intelligence {IJCAI-PRICAI-20}, International Joint Conferences on Artificial Intelligence Organization, Yokohama, Japan, pp. 3283–3290. https://doi.org/10.24963/ijcai.2020/454

Downloads

Published

2025-05-31

How to Cite

1.
M. Poojari S, S. Sonawane S. A Study on Smart Contract Vulnerability Detection Based on Transfer Learning. J Neonatal Surg [Internet]. 2025May31 [cited 2025Oct.23];14(7):1007-11. Available from: https://www.jneonatalsurg.com/index.php/jns/article/view/6831