<p>The security vulnerabilities in smart contracts can potentially lead to severe economic losses, making the effective detection and prevention of these vulnerabilities a critical issue that urgently needs to be addressed. Existing deep learning methods mainly rely on single-dimensional analysis of smart contract source code, which struggles to comprehensively capture the complex semantic and structural information of contracts, resulting in low accuracy in vulnerability detection. To address this, this paper proposes BGSCVul, a smart contract vulnerability detection method that combines semantic features and graph features. Firstly, by analyzing the data flow and control flow graphs of smart contracts, critical graph structural information is extracted. Subsequently, multi-scale residual graph convolution networks (MSR-GCN) were utilized to extract graph features. Meanwhile, the source code of the smart contracts is converted into an input stream, normalized, and then subjected to word-segmentation processing. Following this, a Fully Connected Feedforward Neural Network (FFNN) is used to extract key semantic information. Finally, the graph features and semantic features are fused to form the final detection vector, which is then fed into a Sigmoid classifier to generate the final detection result. This paper conducts performance tests on multiple standard datasets. The test results demonstrate that BGSCVul improves accuracy by approximately 3–10% compared to existing methods, demonstrating its effectiveness in the vulnerability detection of smart contracts.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

BGSCVul: a hybrid graph-semantic approach for smart contract vulnerability detection

  • Jing Long,
  • Zhifei Yan,
  • Xin Tang,
  • Ruxin Chen,
  • Kuanching Li

摘要

The security vulnerabilities in smart contracts can potentially lead to severe economic losses, making the effective detection and prevention of these vulnerabilities a critical issue that urgently needs to be addressed. Existing deep learning methods mainly rely on single-dimensional analysis of smart contract source code, which struggles to comprehensively capture the complex semantic and structural information of contracts, resulting in low accuracy in vulnerability detection. To address this, this paper proposes BGSCVul, a smart contract vulnerability detection method that combines semantic features and graph features. Firstly, by analyzing the data flow and control flow graphs of smart contracts, critical graph structural information is extracted. Subsequently, multi-scale residual graph convolution networks (MSR-GCN) were utilized to extract graph features. Meanwhile, the source code of the smart contracts is converted into an input stream, normalized, and then subjected to word-segmentation processing. Following this, a Fully Connected Feedforward Neural Network (FFNN) is used to extract key semantic information. Finally, the graph features and semantic features are fused to form the final detection vector, which is then fed into a Sigmoid classifier to generate the final detection result. This paper conducts performance tests on multiple standard datasets. The test results demonstrate that BGSCVul improves accuracy by approximately 3–10% compared to existing methods, demonstrating its effectiveness in the vulnerability detection of smart contracts.