Exploring Machine Learning Techniques for the Detection and Multi-Label Classification of Smart Contract Vulnerabilities
摘要
This study enhances blockchain security by developing a comprehensive machine learning framework that automates the detection and classification of smart contract vulnerabilities. Our main innovation is the systematic transformation of the unlabeled BCCC-VulSCs-2023 dataset into a multi-label classification resource. We achieve this transformation through automated vulnerability labeling using the Oyente tool, which enables the simultaneous detection of seven different types of vulnerabilities. We employ a robust methodology that utilizes traditional machine learning algorithms, including Random Forest, Gradient Boosting, Decision Tree, Logistic Regression, and Gaussian Naive Bayes. This approach is further enhanced by advanced feature selection techniques, such as Recursive Feature Elimination (RFE) and Principal Component Analysis (PCA), along with thorough hyperparameter optimization. Our method demonstrates significant improvements over existing approaches. In binary classification, the optimized Random Forest classifier achieves an accuracy of 92.8% and an F1-score of 92.9% when combined with RFE. Furthermore, it exhibits satisfactory multi-label performance, with a precision of 72.6% across various vulnerability categories. These results highlight the potential of interpretable machine learning models for effective smart contract security auditing. Such models could reduce financial risks and promote trust in the blockchain ecosystem through automated vulnerability assessments.