CN110866255A - Intelligent contract vulnerability detection method - Google Patents
Intelligent contract vulnerability detection method Download PDFInfo
- Publication number
- CN110866255A CN110866255A CN201911080006.3A CN201911080006A CN110866255A CN 110866255 A CN110866255 A CN 110866255A CN 201911080006 A CN201911080006 A CN 201911080006A CN 110866255 A CN110866255 A CN 110866255A
- Authority
- CN
- China
- Prior art keywords
- intelligent contract
- overflow
- arithmetic
- input data
- judging
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/566—Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/04—Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
Abstract
The invention provides an intelligent contract vulnerability detection method, and relates to the technical field of block chains. The method comprises the steps of slicing input data for calling an intelligent contract into a plurality of data units, and marking each data unit as a stain; in the running process of the intelligent contract, tracking the marked stain on an EVM layer; judging whether the tracked stain participates in arithmetic operation or not, and if not, judging that the intelligent contract is safe; if yes, further judging whether the result of the arithmetic operation overflows, if not, judging that the intelligent contract has a potential arithmetic overflow vulnerability, calling the input data of the intelligent contract to generate new input data, and judging again; if overflow occurs, further judging whether the overflow of the result of the arithmetic operation is protected; and finally judging whether the intelligent contract is safe or not according to the judgment result. The method can be used for monitoring the block chain system and finding the intelligent contract with the security vulnerability in time.
Description
Technical Field
The invention relates to the technical field of block chains, in particular to an intelligent contract vulnerability detection method.
Background
The Block chain technology is a new application mode of computer technologies such as distributed computing, a P2P network, cryptography, a consensus mechanism and the like, data are combined into blocks (Block) in a Transaction (Transaction) form and are connected in a chain structure to form consensus in the distributed network. Due to the characteristics of tamper resistance, traceability and the like, the method has attracted wide attention and application in numerous fields such as finance, credit investigation, product traceability and the like.
Intelligent contracts are executable code on a blockchain through which developers can implement complex functionality. Intelligent contracts run in specific environments, of which Ethernet Virtual Machine (EVM) is the most common one, and are applied to many block chain platforms such as ethernet, superhedger Burrow, etc.
Since the data unit is fixed to 256 bits in the EVM, bits out of the range of the data unit are directly discarded when an arithmetic operation is performed, thereby causing an arithmetic overflow problem. For example, the american chain (BecToken) suffered an arithmetic overflow attack in 2018, month 4, resulting in two malicious accounts being wrongly ported to a large number of tokens.
The SafeMath function library is the most common protection mechanism at present, and the intelligent contract is protected by checking the results of arithmetic operations such as addition, subtraction, multiplication and the like, and exception is thrown out when arithmetic overflow occurs, so that the wrong operation result is avoided.
The existing detection method and tools for the intelligent contract overflow vulnerability are few, and the method mainly comprises the following steps:
oyente, by the university of national Singapore, detects vulnerabilities through a symbol-based execution method. For the detection of arithmetic overflow holes, Oyente has the following disadvantages: (1) only the intelligent contract of the active code can be detected, and the closed-source intelligent contract cannot be detected; (2) the SafeMath library of functions cannot be identified, thus resulting in a large number of false positives.
SmartCheck, introduced by the university of Lusenberg and Russian SmartDec corporation, detects arithmetic spillover vulnerabilities through a method of feature matching. SmartCheck suffers from the following disadvantages: (1) matching can only be performed at the source code level; (2) the feature matching condition is too simple, and the false alarm rate is extremely high; (3) input data that may trigger a vulnerability cannot be provided.
In arithmetic overflow vulnerability detection, the following difficulties mainly exist:
1. because a large number of intelligent contracts are closed-source, namely source codes are not disclosed, detection needs to be carried out at a binary system level;
2. due to the existence of the SafeMath mechanism, a large amount of false reports are caused, so that the detection is needed;
3. there is a need to trigger potential vulnerabilities, i.e., smart contracts that have never been attacked historically, and there may also be vulnerabilities that need to be detected and provided input data that can trigger the vulnerabilities.
Disclosure of Invention
The technical problem to be solved by the present invention is to provide an intelligent contract vulnerability detection method aiming at the deficiencies of the prior art, so as to achieve the purposes of being able to detect arithmetic overflow vulnerability at the source code and binary system level, being able to automatically generate input data capable of triggering vulnerability, having a lower false alarm rate, etc.
In order to solve the technical problems, the technical scheme adopted by the invention is as follows: an intelligent contract vulnerability detection method comprises the following steps:
step 1, taking input data of an intelligent contract and a calling intelligent contract as input of an intelligent contract vulnerability detection method, judging whether the intelligent contract is a source code, if so, compiling the intelligent contract into a binary system, and then executing step 2, otherwise, directly executing step 2;
step 2, slicing input data for calling the intelligent contract into a plurality of data units, and marking each data unit as a stain;
step 3, tracking a stain transmission process; in the process of running the intelligent contract, marked stains are tracked in an EVM layer, namely: when the EVM operates the data marked as the taint, synchronously operating the taint; when the taint participates in the operation, the operation result is marked as the taint;
step 4, when tracking that stains participate in arithmetic operation, if the result of the arithmetic operation overflows, executing step 5; if the result of the arithmetic operation does not overflow, judging that the intelligent contract has a potential arithmetic overflow vulnerability, and executing the step 6;
step 5, identifying a protection mechanism; matching the non-running codes in the intelligent contract through the binary code features of the SafeMath function library, and if the non-running codes are matched, protecting overflow of the arithmetic operation result; if not, the overflow of the result of the arithmetic operation there is unprotected; judging whether the input data for calling the intelligent contract is generated in the step 6, if so, continuing to judge according to the step 6, and if not, executing the step 8;
step 6, triggering potential bugs; for potential arithmetic overflow loopholes, sequentially setting each data unit of input data for calling the intelligent contract as 0 and a maximum value to generate new input data, and then, for each newly generated input data, re-executing the steps 1-5 and collecting detection results; if at least 1 result in the detection results is unprotected arithmetic overflow, judging that the intelligent sum is about triggerable potential arithmetic overflow, otherwise, judging that the intelligent sum is triggerable potential arithmetic overflow;
step 7, if no stain participates in arithmetic operation until the operation of the intelligent contract is finished, the intelligent contract is safe; judging whether the input data for calling the intelligent contract is generated in the step 6, if so, continuing to judge according to the step 6, and if not, executing the step 8;
step 8, for the intelligent contract of unprotected arithmetic overflow and triggerable potential arithmetic overflow, judging that the intelligent contract is unsafe, and giving input data capable of triggering overflow; and judging that the intelligent contract is safe for the intelligent contract which has no taint to participate in arithmetic operation, protected arithmetic overflow and potential arithmetic overflow which is not triggered.
Adopt the produced beneficial effect of above-mentioned technical scheme to lie in: according to the intelligent contract vulnerability detection method, the taint propagation process is tracked, the protection mechanism is identified, the potential vulnerability is triggered and the arithmetic overflow vulnerability in the intelligent contract is detected through the dynamic analysis on the EVM layer. Since the detection is performed at the EVM level, it is possible to detect both smart contracts that provide source code and smart contracts that are closed source. Since the implementation mode of the SafeMath mechanism is very limited, and the features can be enumerated, the false alarm rate can be greatly reduced by identifying the features. After the potential overflow vulnerability is found, the potential vulnerability can be effectively triggered by generating new input data, and corresponding input data is provided. The method can be applied to the field of intelligent contract security audit, guides developers to repair security vulnerabilities of intelligent contracts in the development and test processes, can also be used for monitoring the block chain system, finds intelligent contracts with security vulnerabilities in time, gives early warning to risks, and plays an important role in improving the security of the block chain intelligent contracts.
Drawings
FIG. 1 is a diagram of an intelligent contract in the form of 3 source codes provided by an embodiment of the present invention;
fig. 2 is a schematic process diagram of an intelligent contract vulnerability detection method according to an embodiment of the present invention.
Detailed Description
The following detailed description of embodiments of the present invention is provided in connection with the accompanying drawings and examples. The following examples are intended to illustrate the invention but are not intended to limit the scope of the invention.
In this embodiment, as an example, the combination of the three intelligent contracts sample1, sample2, sample3 and the corresponding input data shown in fig. 1 is used, and the intelligent contract vulnerability detection method of the present invention is used to perform vulnerability detection on the three intelligent contracts.
An intelligent contract vulnerability detection method is shown in fig. 2, and comprises the following steps:
step 1, taking an intelligent contract and input data (usually contained in a transaction) for calling the intelligent contract as the input of an intelligent contract vulnerability detection method, judging whether the intelligent contract is a source code, if so, compiling the intelligent contract into a binary system, and then executing step 2, otherwise, directly executing step 2;
step 2, slicing input data for calling the intelligent contract into a plurality of data units, and marking each data unit as a stain;
in this embodiment, the format of the input data is 32-bit function signature and a plurality of 256-bit input parameters. In the input data of the intelligent contract Sample1, expressed in a 16-system form, 0xb3de648b is a function signature, and 0x0000000000000000000000000000000000000000000000000000000000000000 is an input parameter a. In the intelligent contract Sample2, input data 0 xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffb is an input parameter a, and input data 0x 000000000000000000000000000000000001 is an input parameter b. In the intelligent contract Sample3, the input data:
0x 00000000000000000000000000000000000000000000000000000000000000000001 is the input parameter a, and 0x 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000001 is the input parameter b. . Each input parameter is marked as a taint in the EVM.
Step 3, tracking a stain transmission process; in the process of running the intelligent contract, the taint is tracked on an EVM layer, namely: when the EVM operates the data marked as the taint, synchronously operating the taint; when a taint participates in an operation, the result of the operation is also marked as taint. For example, when running the DUP1 instruction in an intelligent contract, the EVM copies the data at the top of the stack to a copy and pushes it on the top of the stack. Meanwhile, if the stack top data is a taint, the data pressed into the stack top after copying is also a taint, otherwise the data pressed into the stack top after copying is not a taint.
Step 4, when tracking that stains participate in arithmetic operation, if the result of the arithmetic operation overflows, executing step 5; if the result of the arithmetic operation does not overflow, judging that the intelligent contract has a potential arithmetic overflow vulnerability, and executing the step 6;
in this embodiment, in the intelligent contract Sample2, the action 256 c is operated as a + b; in the corresponding ADD instruction, since a and b participating in the operation are both dirty and the operation result is 0, an overflow occurs, and step 7 is executed. In the intelligent contract Sample3, run to return a + b; in the corresponding ADD instruction, although the taint participates in the calculation, the operation result is 2, and no overflow occurs, so that step 6 is executed. In this step, besides the ADD instruction, the SUB, MUL, EXP, ADDMOD, MULMOD may all overflow.
Step 5, identifying a protection mechanism; matching the non-running codes in the intelligent contract through the binary code features of the SafeMath function library, and if the non-running codes are matched, protecting overflow of the arithmetic operation result; if not, the overflow of the result of the arithmetic operation there is unprotected; judging whether the input data for calling the intelligent contract is generated in the step 6, if so, continuing to judge according to the step 6, and if not, executing the step 8;
in this embodiment, after the overflow occurs in the intelligent contract Sample2, the overflow is protected because the overflow matches the feature of SafeMath (i.e., require (c ═ a); corresponding binary), and step 8 is executed.
Step 6, triggering potential bugs; for a potential arithmetic overflow vulnerability, sequentially setting each data unit of input data for calling an intelligent contract to be 0 and a maximum value (namely 256 bits are all 1), generating new input data, then executing the steps 1-5 again for each newly generated input data, and collecting a detection result; if at least 1 result in the detection results is unprotected arithmetic overflow, judging that the intelligent sum is about triggerable potential arithmetic overflow, otherwise, judging that the intelligent sum is triggerable potential arithmetic overflow;
in this embodiment, the intelligent contract Sample3 generates
0x13d1aa2e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000、
0x13d1aa2effffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000000000000000000000000000000000000000000000000000、
0x13d1aa2e0000000000000000000000000000000000000000000000000000000000000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff、
0x13d1aa2effffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
Four sets of input data, and steps 1-5 are performed on the four sets of input data, the first three sets each being a potential arithmetic overflow and the fourth set being an unprotected arithmetic overflow. After the test results are collected, the sum is determined to be about a potential arithmetic overflow that can be triggered.
Step 7, if no stain participates in arithmetic operation until the operation of the intelligent contract is finished, the intelligent contract is safe; judging whether the input data for calling the intelligent contract is generated in the step 6, if so, continuing to judge according to the step 6, and if not, executing the step 8;
in this embodiment, no taint in the intelligent contract Sample1 participates in the arithmetic operation, so the intelligent contract is safe to execute step 8.
Step 8, for the intelligent contract of unprotected arithmetic overflow and triggerable potential arithmetic overflow, judging that the intelligent contract is unsafe, and giving input data capable of triggering overflow; and judging that the intelligent contract is safe for the intelligent contract which has no taint to participate in arithmetic operation, protected arithmetic overflow and potential arithmetic overflow which is not triggered.
Therefore, in the present embodiment, Sample1 and Sample2 are determined to be safe, and Sample3 is determined to be unsafe, and a detection report is generated based on the detection result. In this embodiment, the input data and the detection results of vulnerability detection on the three intelligent contracts in fig. 2 are shown in table 1:
table 1 input data and detection result for vulnerability detection of three intelligent contracts
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; such modifications and substitutions do not depart from the spirit of the corresponding technical solutions and scope of the present invention as defined in the appended claims.
Claims (2)
1. An intelligent contract vulnerability detection method is characterized by comprising the following steps: the method comprises the following steps:
step 1, taking input data of an intelligent contract and a calling intelligent contract as input of an intelligent contract vulnerability detection method, judging whether the intelligent contract is a source code, if so, compiling the intelligent contract into a binary system, and then executing step 2, otherwise, directly executing step 2;
step 2, slicing input data for calling the intelligent contract into a plurality of data units, and marking each data unit as a stain;
step 3, tracking a stain transmission process; in the running process of the intelligent contract, tracking the marked stain on an EVM layer;
step 4, when tracking that stains participate in arithmetic operation, if the result of the arithmetic operation overflows, executing step 5; if the result of the arithmetic operation does not overflow, judging that the intelligent contract has a potential arithmetic overflow vulnerability, and executing the step 6;
step 5, identifying a protection mechanism; matching the non-running codes in the intelligent contract through the binary code features of the SafeMath function library, and if the non-running codes are matched, protecting overflow of the arithmetic operation result; if not, the overflow of the result of the arithmetic operation there is unprotected; judging whether the input data for calling the intelligent contract is generated in the step 6, if so, continuing to judge according to the step 6, and if not, executing the step 8;
step 6, triggering potential bugs; for potential arithmetic overflow loopholes, sequentially setting each data unit of input data for calling the intelligent contract as 0 and a maximum value, and then, for each generated input data, re-executing the steps 1-5 and collecting detection results; if at least 1 result in the detection results is unprotected arithmetic overflow, judging that the intelligent sum is about triggerable potential arithmetic overflow, otherwise, judging that the intelligent sum is triggerable potential arithmetic overflow;
step 7, if no stain participates in arithmetic operation until the operation of the intelligent contract is finished, the intelligent contract is safe; judging whether the input data for calling the intelligent contract is generated in the step 6, if so, continuing to judge according to the step 6, and if not, executing the step 8;
step 8, for the intelligent contract of unprotected arithmetic overflow and triggerable potential arithmetic overflow, judging that the intelligent contract is unsafe, and giving input data capable of triggering overflow; and judging that the intelligent contract is safe for the intelligent contract which has no taint to participate in arithmetic operation, protected arithmetic overflow and potential arithmetic overflow which is not triggered.
2. The intelligent contract vulnerability detection method according to claim 1, characterized in that: step 3, the specific method for tracking the marked stain on the EVM layer comprises the following steps: when the EVM operates the data marked as the taint, synchronously operating the taint; when a taint participates in an operation, the result of the operation is also marked as taint.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911080006.3A CN110866255B (en) | 2019-11-07 | 2019-11-07 | Intelligent contract vulnerability detection method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911080006.3A CN110866255B (en) | 2019-11-07 | 2019-11-07 | Intelligent contract vulnerability detection method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110866255A true CN110866255A (en) | 2020-03-06 |
| CN110866255B CN110866255B (en) | 2022-04-12 |
Family
ID=69654627
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911080006.3A Active CN110866255B (en) | 2019-11-07 | 2019-11-07 | Intelligent contract vulnerability detection method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110866255B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111680290A (en) * | 2020-06-02 | 2020-09-18 | 浙江大学 | Code pile inserting frame system based on Ether house virtual machine |
| CN112417435A (en) * | 2020-10-15 | 2021-02-26 | 北京八分量信息科技有限公司 | Trusted computing white list executed in community environment |
| CN114048464A (en) * | 2022-01-12 | 2022-02-15 | 北京大学 | Ether house intelligent contract security vulnerability detection method and system based on deep learning |
| CN116361816A (en) * | 2023-06-01 | 2023-06-30 | 江西农业大学 | Intelligent contract vulnerability detection method, system, storage medium and equipment |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108536445A (en) * | 2018-03-28 | 2018-09-14 | 成都链安科技有限公司 | Increasingly automated Formal Verification system and method towards block chain intelligence contract |
| CN109460657A (en) * | 2018-10-15 | 2019-03-12 | 杭州安恒信息技术股份有限公司 | A kind of safety detection method overflowed based on intelligent contract code value |
| CN109933991A (en) * | 2019-03-20 | 2019-06-25 | 杭州拜思科技有限公司 | A kind of method, apparatus of intelligence contract Hole Detection |
| CN109948345A (en) * | 2019-03-20 | 2019-06-28 | 杭州拜思科技有限公司 | A kind of method, the system of intelligence contract Hole Detection |
| CN110175454A (en) * | 2019-04-19 | 2019-08-27 | 肖银皓 | A kind of intelligent contract safety loophole mining method and system based on artificial intelligence |
| CN110309660A (en) * | 2019-07-09 | 2019-10-08 | 佛山市伏宸区块链科技有限公司 | A kind of the automation auditing system and method for intelligence contract code |
| CN110399730A (en) * | 2019-07-24 | 2019-11-01 | 上海交通大学 | Inspection method, system and the medium of intelligent contract loophole |
-
2019
- 2019-11-07 CN CN201911080006.3A patent/CN110866255B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108536445A (en) * | 2018-03-28 | 2018-09-14 | 成都链安科技有限公司 | Increasingly automated Formal Verification system and method towards block chain intelligence contract |
| CN109460657A (en) * | 2018-10-15 | 2019-03-12 | 杭州安恒信息技术股份有限公司 | A kind of safety detection method overflowed based on intelligent contract code value |
| CN109933991A (en) * | 2019-03-20 | 2019-06-25 | 杭州拜思科技有限公司 | A kind of method, apparatus of intelligence contract Hole Detection |
| CN109948345A (en) * | 2019-03-20 | 2019-06-28 | 杭州拜思科技有限公司 | A kind of method, the system of intelligence contract Hole Detection |
| CN110175454A (en) * | 2019-04-19 | 2019-08-27 | 肖银皓 | A kind of intelligent contract safety loophole mining method and system based on artificial intelligence |
| CN110309660A (en) * | 2019-07-09 | 2019-10-08 | 佛山市伏宸区块链科技有限公司 | A kind of the automation auditing system and method for intelligence contract code |
| CN110399730A (en) * | 2019-07-24 | 2019-11-01 | 上海交通大学 | Inspection method, system and the medium of intelligent contract loophole |
Non-Patent Citations (4)
| Title |
|---|
| 付梦琳等: "智能合约安全漏洞挖掘技术研究", 《计算机应用》 * |
| 毕晓冰: "区块链智能合约安全开发技术研究与实现", 《计算机软件及计算机应用》 * |
| 陈力波等: "ERC20智能合约整数溢出系列漏洞披露", 《信息技术与网络安全》 * |
| 零时科技: "以太坊智能合约漏洞实战详解:整数溢出攻击", 《HTTPS://WWW.JIANSHU.COM/P/1620779EE75E?FROM=MESSAGE》 * |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111680290A (en) * | 2020-06-02 | 2020-09-18 | 浙江大学 | Code pile inserting frame system based on Ether house virtual machine |
| WO2021243740A1 (en) * | 2020-06-02 | 2021-12-09 | 浙江大学 | Code instrumentation framework system based on ethereum virtual machine |
| CN111680290B (en) * | 2020-06-02 | 2023-04-11 | 浙江大学 | Code pile inserting frame system based on Ether house virtual machine |
| CN112417435A (en) * | 2020-10-15 | 2021-02-26 | 北京八分量信息科技有限公司 | Trusted computing white list executed in community environment |
| CN114048464A (en) * | 2022-01-12 | 2022-02-15 | 北京大学 | Ether house intelligent contract security vulnerability detection method and system based on deep learning |
| CN114048464B (en) * | 2022-01-12 | 2022-03-15 | 北京大学 | Ether house intelligent contract security vulnerability detection method and system based on deep learning |
| CN116361816A (en) * | 2023-06-01 | 2023-06-30 | 江西农业大学 | Intelligent contract vulnerability detection method, system, storage medium and equipment |
| CN116361816B (en) * | 2023-06-01 | 2023-08-11 | 江西农业大学 | Intelligent contract vulnerability detection method, system, storage medium and equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110866255B (en) | 2022-04-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110866255B (en) | Intelligent contract vulnerability detection method | |
| KR102306568B1 (en) | Processor trace-based enforcement of control flow integrity in computer systems | |
| Gao et al. | Easyflow: Keep ethereum away from overflow | |
| KR102307534B1 (en) | Systems and methods for tracking malicious behavior across multiple software entities | |
| Ren et al. | Empirical evaluation of smart contract testing: What is the best choice? | |
| Samreen et al. | A survey of security vulnerabilities in ethereum smart contracts | |
| Gonzalez et al. | Anomalicious: Automated detection of anomalous and potentially malicious commits on github | |
| US10198309B2 (en) | Unexpected event detection during execution of an application | |
| Aurangzeb et al. | On the classification of Microsoft-Windows ransomware using hardware profile | |
| EP3531324B1 (en) | Identification process for suspicious activity patterns based on ancestry relationship | |
| Zhang et al. | Identifying and analyzing pointer misuses for sophisticated memory-corruption exploit diagnosis | |
| You et al. | Android implicit information flow demystified | |
| Qiu et al. | A framework for understanding dynamic anti-analysis defenses | |
| Pundir et al. | RanStop: A hardware-assisted runtime crypto-ransomware detection technique | |
| Sadeghi et al. | Mining the categorized software repositories to improve the analysis of security vulnerabilities | |
| Yagemann et al. | Validating the integrity of audit logs against execution repartitioning attacks | |
| Wang et al. | Branch obfuscation using code mobility and signal | |
| Thummapudi et al. | Detection of Ransomware Attacks using Processor and Disk Usage Data | |
| Liao et al. | Smartstate: Detecting state-reverting vulnerabilities in smart contracts via fine-grained state-dependency analysis | |
| Chenet et al. | A survey of hardware-based malware detection approach | |
| Thevenon et al. | iMRC: Integrated Monitoring & Recovery Component, a Solution to Guarantee the Security of Embedded Systems. | |
| Abusnaina et al. | Burning the adversarial bridges: Robust windows malware detection against binary-level mutations | |
| Nappa et al. | POW-HOW: An enduring timing side-channel to evade online malware sandboxes | |
| Yin et al. | A malware detection system based on heterogeneous information network | |
| Parhizkari et al. | Timely Identification of Victim Addresses in DeFi Attacks |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |