Smart contracts are now a key element in decentralized applications, facilitating automated and trustless execution of agreements within blockchain ecosystems. However, these contracts remain susceptible to various security vulnerabilities, particularly reentrancy attacks, underscoring the need for effective detection mechanisms. In this paper, we propose a novel hybrid machine learning (ML) approach for detecting reentrancy vulnerabilities in smart contracts. To label the smart contracts for the presence of vulnerabilities, we utilized two widely recognized vulnerability detection tools, Oyente and Securify, ensuring accurate and consistent classification. Our method integrates Long Short-Term Memory (LSTM) networks, which capture long-range dependencies within the tokenized and embedded smart contract code using Word2Vec, and N-gram analysis, which extracts opcode-level execution patterns. Additionally, Synthetic Minority Over-sampling Technique (SMOTE) is applied to address class imbalance. By combining these feature extraction techniques, the model captures both sequential and operational aspects of the contracts. The fused features are then classified using XGBoost, achieving an accuracy of 92.06%, with a sensitivity of 93.50% and a specificity of 92.86%.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Hybrid N-Gram and LSTM Feature-Based Model for Detecting Smart Contract Vulnerabilities

  • G. Shankar,
  • M. Nandhini

摘要

Smart contracts are now a key element in decentralized applications, facilitating automated and trustless execution of agreements within blockchain ecosystems. However, these contracts remain susceptible to various security vulnerabilities, particularly reentrancy attacks, underscoring the need for effective detection mechanisms. In this paper, we propose a novel hybrid machine learning (ML) approach for detecting reentrancy vulnerabilities in smart contracts. To label the smart contracts for the presence of vulnerabilities, we utilized two widely recognized vulnerability detection tools, Oyente and Securify, ensuring accurate and consistent classification. Our method integrates Long Short-Term Memory (LSTM) networks, which capture long-range dependencies within the tokenized and embedded smart contract code using Word2Vec, and N-gram analysis, which extracts opcode-level execution patterns. Additionally, Synthetic Minority Over-sampling Technique (SMOTE) is applied to address class imbalance. By combining these feature extraction techniques, the model captures both sequential and operational aspects of the contracts. The fused features are then classified using XGBoost, achieving an accuracy of 92.06%, with a sensitivity of 93.50% and a specificity of 92.86%.