CN113326050A - Smart contract vulnerability detection method based on combining a neural network with dynamic fuzz testing - Google Patents


Info

Publication number: CN113326050A
Authority: CN (China)
Prior art keywords: path, intelligent contract, detection, contract, test
Legal status: Granted
Application number: CN202110766018.2A
Other languages: Chinese (zh)
Other versions: CN113326050B (en)
Inventor: 刘振广, 刘灵凤, 钱鹏, 徐小俊, 武思凡
Current Assignee: Zhejiang Gongshang University
Original Assignee: Zhejiang Gongshang University
Application filed by Zhejiang Gongshang University
Priority to CN202110766018.2A
Publication of CN113326050A
Application granted
Publication of CN113326050B
Status: Active

Classifications

    • G PHYSICS > G06 COMPUTING; CALCULATING OR COUNTING > G06F ELECTRIC DIGITAL DATA PROCESSING > G06F8/00 Arrangements for software engineering > G06F8/40 Transformation of program code > G06F8/41 Compilation > G06F8/42 Syntactic analysis
    • G PHYSICS > G06 COMPUTING; CALCULATING OR COUNTING > G06F ELECTRIC DIGITAL DATA PROCESSING > G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems > G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities > G06F21/577 Assessing vulnerabilities and evaluating computer system security
    • G PHYSICS > G06 COMPUTING; CALCULATING OR COUNTING > G06N COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS > G06N3/00 Computing arrangements based on biological models > G06N3/02 Neural networks > G06N3/04 Architecture, e.g. interconnection topology > G06N3/044 Recurrent networks, e.g. Hopfield networks
    • G PHYSICS > G06 COMPUTING; CALCULATING OR COUNTING > G06N COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS > G06N3/00 Computing arrangements based on biological models > G06N3/02 Neural networks > G06N3/04 Architecture, e.g. interconnection topology > G06N3/045 Combinations of networks
    • G PHYSICS > G06 COMPUTING; CALCULATING OR COUNTING > G06N COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS > G06N3/00 Computing arrangements based on biological models > G06N3/02 Neural networks > G06N3/08 Learning methods > G06N3/084 Backpropagation, e.g. using gradient descent


Abstract

The invention discloses a smart contract vulnerability detection method that combines a neural network with dynamic fuzz testing. A feedforward neural network model is constructed to perform static analysis of smart contract vulnerabilities and to mark the function execution paths that have vulnerabilities; SIF is used to instrument those paths; a lookahead analysis method guides the fuzzer to fuzz the marked function execution paths dynamically; and a feedback mechanism based on control flow and smart contract state is constructed, whose feedback information guides the fuzzer to generate effective test cases and to carry out strategic dynamic fuzzing. Compared with traditional smart contract vulnerability detection tools, the invention provides a new scheme that effectively reduces the false positives and false negatives of a traditional single static detection or dynamic analysis method, and has good practical value and reference significance.

Description

Smart contract vulnerability detection method based on combining a neural network with dynamic fuzz testing
Technical Field
The invention belongs to the technical field of blockchain smart contract security, and particularly relates to a smart contract vulnerability detection method based on combining a neural network with dynamic fuzz testing.
Background
A smart contract is a computer protocol for propagating, verifying or executing contracts in digital form, and it has quickly become a focus of industry attention thanks to characteristics such as decentralization and the absence of third-party intervention. To date, smart contracts deployed on various blockchain platforms control digital currency worth more than 100 billion dollars; notably, smart contracts allow users to conduct digital currency transactions without third-party intervention, and these transactions are irreversible.
Because they handle vast amounts of money, smart contracts are an attractive target for attackers. For example, in the 2016 attack on The DAO, an attacker exploited the reentrancy vulnerability of The DAO contract to steal ether worth nearly $6000 million; in the 2018 BeautyChain incident, an attacker copied tokens without limit by exploiting an integer overflow vulnerability in the BeautyChain BEC contract, so that the value of the BEC token dropped to zero. Smart contract vulnerabilities not only cause huge economic losses to users but also destroy the public's basis for trusting smart contracts. An accurate smart contract vulnerability detection tool is therefore urgently needed.
Most current smart contract vulnerability detection tools are based on static analysis of source code or bytecode; however, because it lacks dynamic interaction with external contracts, static analysis often produces false negatives or false positives. Dynamic analysis offers a high degree of automation, good usability and a low false alarm rate, and by generating test cases and executing the program dynamically it can execute and cover deeper execution paths.
The core idea of conventional dynamic analysis is to feed a program a large number of test samples and to monitor abnormal behavior during contract execution in order to find contract vulnerabilities. However, most test cases are generated randomly, which leads to highly redundant test cases, low path coverage and difficulty in treating different execution paths in a balanced way. For example, Echidna [Echidna, a smart fuzzer for Ethereum. Trail of Bits Blog, Mar. 2018] provides a complete smart contract fuzz testing framework that can analyze smart contract source code, simulate its execution and generate random transaction data that satisfies the contract's calling conventions in order to fuzz the contract, but it does not explore a more effective seed generation strategy in depth. ContractFuzzer generates random transactions by randomly generating call parameters, transaction amounts and sender addresses, and performs offline vulnerability detection from the instruction logs recorded during smart contract execution; its test cases are likewise generated randomly [Bo J, Ye L, Chan W K.
Disclosure of Invention
In view of the above, the invention provides a smart contract vulnerability detection method based on combining a neural network with dynamic fuzz testing, which effectively reduces the false positives and false negatives of a traditional single static detection or dynamic analysis method and improves the accuracy of smart contract vulnerability detection.
A smart contract vulnerability detection method based on combining a neural network with dynamic fuzz testing comprises the following steps:
(1) establishing a program execution flow graph of the smart contract, and extracting the function execution paths in the program execution flow graph;
(2) constructing and training a vulnerability detection model based on a feedforward neural network, so as to automatically mark the function execution paths in the contract under test that may have a vulnerability;
(3) using the smart contract instrumentation framework SIF to instrument the branch positions of the function execution paths that may have vulnerabilities, and collecting the program's execution path information during fuzz testing; for different test cases, obtaining the corresponding function execution paths of the contract under test, analyzing the different function execution paths with a lookahead analysis method, and assigning different weights to the test cases;
(4) allocating detection resources to the test cases that execute dynamic fuzzing according to their weights, monitoring during dynamic fuzzing whether a function execution path of the contract behaves abnormally, recording the test data and the information of any abnormal run, and outputting a dynamic fuzzing log;
(5) analyzing the detection log and optimizing the fuzzer so that it generates effective test cases.
Further, step (1) is implemented as follows: taking Ethereum smart contracts as the object, a smart contract source code dataset is constructed; an automatic extraction tool converts the smart contract source code into the corresponding program execution flow graph; the corresponding function execution paths are extracted according to the function execution flow information stored in the graph; and all function execution paths are converted into the vector form used as neural network input and divided into a training set and a test set.
Further, step (2) is implemented as follows: first, the function execution paths in the training set are labeled, with an execution path that has a vulnerability labeled 1 and an execution path without a vulnerability labeled 0; then a vulnerability detection model based on a feedforward neural network is constructed, the training-set function execution paths are input to the model in vector form with their labels as the ground-truth labels for the model output, and the model is trained; finally, the test-set function execution paths are input to the trained model in vector form, and the model outputs a judgment of whether each corresponding function execution path has a vulnerability.
Further, step (3) is implemented as follows: first, the smart contract is compiled to generate the corresponding abstract syntax tree (AST), and the AST is traversed with SIF, that is, different structures are defined to record node information according to the different types of AST nodes and each node is instantiated; for the function execution paths in the contract that may have a vulnerability, the node information related to the path is collected, and an assertion statement is inserted in front of the relevant node as an additional node for analysis and detection. Second, the modified AST is converted back into smart contract source code, dynamic fuzz testing is performed on the smart contract, and the program's control flow and data flow information is collected during testing to obtain the dynamic information of the function execution paths. To address problems such as a high repetition rate among test cases, low execution efficiency and uneven resource distribution, each test case added to the fuzzer is analyzed with the lookahead analysis method, and the fuzzer assigns weights according to the path hash value and the split point set corresponding to the test case: when the number of times the hash value of the test case's path has been executed is below a set threshold, the test case is assigned a higher weight; and when the number of times the test case has passed through the split points on its path is below a set threshold, the test case is assigned a higher weight.
Further, the test cases are analyzed with the lookahead analysis method as follows: given a group of test cases, they interact with the contract under test to obtain the function execution paths corresponding to the different test cases; each split point (that is, a point where a function execution path branches) on the function execution path is iterated over in turn; at each split point, prefix inference and suffix checking determine whether the function execution path prefix is a non-target path prefix, and the hash value and split point set of the path are calculated; finally, the path hash value and split point set obtained by the lookahead analysis, the test case, and the path identifier corresponding to the test case are recorded in the path set. Prefix inference abstractly interprets all possible inputs at the split point and infers a postcondition; suffix checking uses the postcondition given by prefix inference to check whether the suffix paths cannot reach the target location, and if none of the target locations can be reached, the hash value and split point set of the path are calculated and returned.
Further, step (4) is implemented as follows: first, detection resources are allocated to the test cases that execute dynamic fuzzing in proportion to their weights, that is, a test case with a high weight receives more detection resources and a test case with a low weight receives fewer; during dynamic fuzzing, different test case inputs are generated by mutation, the path information of the current input is collected and compared with the paths in the path set, and the set is updated if the current path is not in it; then the contract state, including the contract balance and the participant balances, is recorded before and after the execution of each test case, and different test oracles are defined for detecting different vulnerability types.
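An added sketch, not code from the patent, of the weighting in step (3) and the proportional resource allocation and path-set update in step (4). The control flow graph, the flagged target node, the threshold of 3, the "1 plus one per rare condition" weight formula and all names are assumptions; plain graph reachability stands in for the prefix inference and suffix check.

```python
import hashlib
from collections import Counter

# Constructed control flow graph of a withdraw() function: node -> successors.
CFG = {
    "entry":  ["check"],
    "check":  ["revert", "send"],   # require(balance >= amount)
    "revert": [],
    "send":   ["update", "fail"],   # did the external call succeed?
    "update": ["exit"],
    "fail":   ["exit"],
    "exit":   [],
}
TARGETS = {"send"}  # location flagged by the static model (assumed)


def target_ahead(node, seen=None):
    """True if a target is reachable by following at least one edge from node."""
    seen = set() if seen is None else seen
    for nxt in CFG[node]:
        if nxt in TARGETS:
            return True
        if nxt not in seen:
            seen.add(nxt)
            if target_ahead(nxt, seen):
                return True
    return False


def lookahead(path):
    """Return (hash, split points) of the shortest prefix with no target ahead."""
    prefix = list(path)
    for i, node in enumerate(path):
        if not target_ahead(node):
            prefix = list(path[: i + 1])
            break
    lid = hashlib.sha256("/".join(prefix).encode()).hexdigest()[:12]
    sps = frozenset(n for n in prefix if len(CFG[n]) > 1)  # branching nodes
    return lid, sps


class Scheduler:
    def __init__(self, threshold=3):
        self.threshold = threshold
        self.lid_runs = Counter()   # executions per path hash
        self.sp_runs = Counter()    # passes per split point
        self.path_set = {}          # path identifier -> (test case, hash, split points)

    def record(self, test_case, path):
        lid, sps = lookahead(path)
        self.lid_runs[lid] += 1
        self.sp_runs.update(sps)
        pid = "/".join(path)
        if pid not in self.path_set:          # update the set only for a new path
            self.path_set[pid] = (test_case, lid, sps)
        return pid

    def weight(self, pid):
        _, lid, sps = self.path_set[pid]
        w = 1                                  # assumed base weight
        if self.lid_runs[lid] < self.threshold:
            w += 1                             # rarely executed path hash
        if any(self.sp_runs[sp] < self.threshold for sp in sps):
            w += 1                             # rarely visited split point
        return w

    def allocate(self, budget):
        """Split a run budget across recorded test cases in proportion to weight."""
        weights = {pid: self.weight(pid) for pid in self.path_set}
        total = sum(weights.values())
        return {self.path_set[pid][0]: budget * w // total
                for pid, w in weights.items()}


def demo():
    s = Scheduler(threshold=3)
    for amount in (5, 9, 7, 6, 8):             # all exceed the deposited 3 and revert
        s.record(f"deposit(3)->withdraw({amount})", ["entry", "check", "revert"])
    s.record("deposit(3)->withdraw(2)", ["entry", "check", "send", "update", "exit"])
    return s.allocate(budget=100)


if __name__ == "__main__":
    print(demo())
```

The over-exercised reverting path keeps the base weight, while the single test case that reaches the flagged call site receives three quarters of the budget.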
Further, for a reentrancy vulnerability, whether the vulnerability exists is judged by the sub-oracles ReentrancyCall and CallAgentWithValue, where ReentrancyCall means that the original function call appears more than once in the nested call chain that starts from it, and CallAgentWithValue comprises the following three rules:
a. the ether sent by the function call is greater than 0;
b. the called function has enough gas to execute complex code, that is, the call is not made through the send function or the transfer function;
c. the called contract is specified by the caller of the original contract, rather than being hard-coded in the original contract.
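The reentrancy judgment above, as an added example that is not code from the patent: both sub-checks are applied to a call trace recorded during a fuzzing run. The trace record format, the sample traces and the function names are constructed for illustration; the 2300-gas threshold is the stipend that send and transfer forward.

```python
from dataclasses import dataclass, field
from typing import List

# send() and transfer() forward only a 2300-gas stipend, too little for complex code.
GAS_STIPEND = 2300


@dataclass
class Call:
    """One message call in a recorded trace (constructed record format)."""
    contract: str
    function: str
    value: int = 0                     # ether sent with the call
    gas: int = 0                       # gas forwarded to the callee
    callee_from_caller: bool = False   # callee address supplied by the transaction sender
    children: List["Call"] = field(default_factory=list)


def reentrancy_call(root: Call) -> bool:
    """ReentrancyCall: the original function appears again in its own nested call chain."""
    def occurrences(call: Call) -> int:
        same = (call.contract, call.function) == (root.contract, root.function)
        return int(same) + sum(occurrences(c) for c in call.children)
    return occurrences(root) > 1


def call_agent_with_value(root: Call) -> bool:
    """CallAgentWithValue: an outgoing call of the original function meets rules a, b and c."""
    return any(
        c.value > 0                 # a. ether sent is greater than 0
        and c.gas > GAS_STIPEND     # b. not made through send()/transfer()
        and c.callee_from_caller    # c. callee chosen by the caller, not hard-coded
        for c in root.children
    )


def is_reentrancy(root: Call) -> bool:
    return reentrancy_call(root) and call_agent_with_value(root)


# Constructed traces. VULNERABLE: withdraw() pays a caller-chosen address with
# all remaining gas, and the receiver calls withdraw() again.
VULNERABLE = Call("Bank", "withdraw", children=[
    Call("Agent", "fallback", value=2, gas=50_000, callee_from_caller=True, children=[
        Call("Bank", "withdraw", children=[
            Call("Agent", "fallback", value=2, gas=48_000, callee_from_caller=True),
        ]),
    ]),
])

# TRANSFER: same payout made with transfer(); the receiver cannot call back.
TRANSFER = Call("Bank", "withdraw", children=[
    Call("Agent", "fallback", value=2, gas=GAS_STIPEND, callee_from_caller=True),
])

# HARDCODED: the callee re-enters, but its address is fixed in the contract.
HARDCODED = Call("Bank", "payout", children=[
    Call("Treasury", "fallback", value=2, gas=50_000, callee_from_caller=False, children=[
        Call("Bank", "payout"),
    ]),
])


def flagged(traces: dict) -> List[str]:
    """Names of the traces that satisfy both sub-checks."""
    return [name for name, root in traces.items() if is_reentrancy(root)]


if __name__ == "__main__":
    print(flagged({"vulnerable": VULNERABLE, "transfer": TRANSFER, "hardcoded": HARDCODED}))
```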
Further, step (5) is implemented as follows: from the detection log generated during dynamic fuzzing, data flow information and contract state information are obtained, analyzed and fed back to the fuzzer to guide it to generate effective test cases. This comprises the following two parts:
Data flow guides the function call order: if two functions in a test case both operate on the same variable of the smart contract (such as the account balance), the positions of the two functions are exchanged;
Smart contract state guides input generation: in most cases the execution of a test case depends on the state of the contract (such as the contract balance); for example, for a reentrancy vulnerability, the vulnerability can be detected successfully as long as the amount of ether stored in the contract is larger than the amount of ether withdrawn. The contract's running state during fuzzing can therefore be recorded in a dynamic dictionary, after which function inputs are generated from the states in the dictionary.
The method constructs a feedforward neural network model to perform static analysis of smart contract vulnerabilities and to mark the function execution paths that have vulnerabilities, uses SIF to instrument those paths, guides the fuzzer with a lookahead analysis method to fuzz the marked function execution paths dynamically, and constructs a feedback mechanism based on control flow and smart contract state whose feedback information guides the fuzzer to generate effective test cases and carry out strategic dynamic fuzzing. Compared with traditional smart contract vulnerability detection tools, the invention provides a new scheme that effectively reduces the false positives and false negatives of a traditional single static detection or dynamic analysis method, has good practical value and reference significance, and has the following 4 main beneficial technical effects and innovations:
1. The invention provides a vulnerability detection model based on a feedforward neural network, which takes function execution path vectors as input to train a security vulnerability model and marks the execution paths that may have a vulnerability.
2. The invention uses SIF to instrument the execution paths that may have vulnerabilities and, during dynamic fuzz testing, uses a lookahead analysis method to allocate different test resources to the test cases of different branches, so that the fuzzer is effectively guided to reach the target location for testing and the efficiency of dynamic fuzz testing is improved.
3. The feedback mechanism provided by the invention guides the fuzzer to generate reasonable inputs through data flow, control flow and smart contract state, so that fuzz testing reaches the paths that have vulnerabilities more easily.
4. The invention provides a vulnerability detection method combining a neural network with dynamic fuzz testing, which can fuzz different function execution paths in a targeted manner according to the static analysis result of the neural network model, and provides a new idea for smart contract vulnerability detection.
Drawings
FIG. 1 is a schematic flow chart of the smart contract vulnerability detection method according to the present invention.
FIG. 2 is a schematic diagram of the smart contract vulnerability detection architecture according to the present invention.
FIG. 3 is a schematic diagram of the simulation of reentrancy vulnerability detection in an embodiment of the present invention.
Detailed Description
In order to describe the present invention more specifically, the technical solution of the present invention is described in detail below with reference to the accompanying drawings and the specific embodiments.
The invention relates to a smart contract vulnerability detection method based on combining a neural network with dynamic fuzz testing. An automatic extraction tool converts the smart contract into a contract execution flow graph, from which the function execution paths are extracted and converted into vector form by a vector conversion tool; a feedforward neural network model is constructed to perform vulnerability detection on the smart contract; and SIF is used to instrument the execution paths that may have vulnerabilities, which are then fuzzed dynamically. During dynamic fuzz testing, the function execution paths of the contract under test are obtained for the different test cases; the different function execution paths are analyzed with the lookahead analysis method and assigned different test weights; the functions or paths executed during fuzz testing are monitored, and abnormal functions or execution paths are analyzed to output the vulnerability detection result; and, according to the dynamic fuzzing log, the resulting data flow and contract state information are fed back to the fuzzer so that it generates inputs that conform to the actual situation during dynamic detection. The process is shown in FIG. 1.
As shown in FIG. 2, smart contract vulnerability detection mainly comprises a static detection stage and a fuzz testing stage.
First, in the static detection stage, Ethereum smart contracts are taken as the research object: smart contracts are collected to construct a smart contract dataset, an automatic extraction tool converts them into contract execution flow graphs, the execution paths in the control flow graph are extracted, and a vector conversion tool converts the execution paths into vector form.
Then, the feedforward neural network model performs vulnerability detection on the smart contract and outputs the execution paths that may have a vulnerability.
Next, the smart contract is compiled and converted into AST form, SIF is used to instrument the paths that may have problems according to the vulnerability analysis result given by the feedforward neural network model, and the program's execution path information is collected during fuzz testing. For different test cases, the corresponding function execution paths of the contract under test are obtained and analyzed with the lookahead method to obtain the LID and SPs of each test case, and different test weights are assigned to the different test cases in order to find the optimal test case. The LID is a hash value calculated from the non-target path prefix, and an SP is a point where a function execution path branches.
Finally, a dynamic fuzzer monitors the execution paths or function executions of the contract during fuzz testing, records the test data and exception information of runs that produce exceptions, and outputs a dynamic detection log; from the log information generated during fuzz testing, the data flow and smart contract state are obtained and fed back to the fuzzer, which analyzes them to generate inputs that better conform to the actual situation.
In this embodiment, the reentrancy vulnerability shown in FIG. 3 is taken as an example, and the specific detection process is as follows:
(1) Given a contract under test, it is converted into a control flow graph using a control flow graph conversion tool, the execution paths in the control flow graph are extracted, and a vector conversion tool converts the execution paths into path vectors that serve as the model input.
(2) The path vectors are input into the vulnerability detection model for detection, and the execution paths and functions that may have a vulnerability are marked.
(3) According to the detection result of the vulnerability model, the smart contract is first compiled to generate the corresponding abstract syntax tree (AST), and the relevant information of each node is recorded; then SIF is used to modify the corresponding nodes in the AST according to the vulnerability detection result, inserting the relevant assertion statements into the paths that have a vulnerability as additional nodes for analysis and detection, and the modified AST is converted back into smart contract source code.
(4) During fuzz testing, a transaction sequence is given: deposit(3) -> withdraw(5). The transaction sequence is executed to obtain the corresponding path pi; all SPs on the path are iterated over in turn, prefix inference at each SP yields a postcondition, the postcondition is used to check whether the suffixes of the path cannot reach the target location, and finally the LID and SPs of the path are calculated.
(5) The fuzzer assigns the test case a weight of 2 according to the LID and SPs obtained by the lookahead analysis of path pi.
(6) Test resources are allocated according to the weight assigned to the test case and fuzz testing is performed; during testing, different inputs are generated by mutating the test case, the path information of the current input is collected and compared with the paths in the PIDs, and the set is updated if the path is not in the set. A PID is the path identifier corresponding to a test case.
(7) The execution state of the test case is recorded during testing and the oracle checks are carried out; when no vulnerability is detected, the detection log information is fed back to the fuzzer.
(8) From the log information generated by dynamic fuzzing, the fuzzer analyzes the state of the smart contract during the test and finds that the current attacker's account balance is 3 while the ether withdrawn is 5, so the test fails. Based on this feedback, the fuzzer reduces the amount of ether withdrawn and generates a new test case, deposit(3) -> withdraw(2); dynamic fuzz testing is then performed again, and the oracle checks show that the contract has a reentrancy vulnerability.
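The feedback loop of steps (7) and (8), together with the two guidance rules of step (5), as an added example that is not code from the patent. The Python contract model, the test agent's callback, the rule that triggers the reordering and all names are assumptions; the second scenario, which starts from a mis-ordered sequence, goes beyond the embodiment to show the data-flow rule.

```python
import random


class Revert(Exception):
    """Raised when a require() in the modelled contract fails."""


class ToyBank:
    """Constructed model of a contract that pays out before updating the balance."""

    def __init__(self, funds=10):
        self.funds = funds      # ether already held for other users (assumed)
        self.balances = {}
        self.depth = 0          # current nesting of withdraw() calls
        self.max_depth = 0

    def deposit(self, who, amount):
        self.balances[who] = self.balances.get(who, 0) + amount
        self.funds += amount

    def withdraw(self, who, amount):
        self.depth += 1
        self.max_depth = max(self.max_depth, self.depth)
        try:
            if self.balances.get(who, 0) < amount or self.funds < amount:
                raise Revert("insufficient balance")
            self.funds -= amount
            agent_fallback(self, who, amount)   # external call before the state update
            self.balances[who] -= amount
        finally:
            self.depth -= 1


def agent_fallback(bank, who, amount):
    """Receiving side of the test agent: calls back into withdraw() once."""
    if bank.depth < 2:
        try:
            bank.withdraw(who, amount)
        except Revert:
            pass


def run_sequence(seq, who="agent"):
    """Execute one test case on a fresh contract and return its detection log."""
    bank = ToyBank()
    log = {"reverted": False, "reentered": False, "state": {}}
    for func, amount in seq:
        # contract state recorded before each transaction
        log["state"] = {"participant_balance": bank.balances.get(who, 0),
                        "contract_balance": bank.funds}
        try:
            getattr(bank, func)(who, amount)
        except Revert:
            log["reverted"] = True
            break
    log["reentered"] = bank.max_depth > 1   # withdraw() nested inside itself
    return log


# Variables each function operates on (constructed data-flow summary).
TOUCHES = {"deposit": {"balances"}, "withdraw": {"balances"}}


def swap_shared(seq):
    """Data-flow guidance: exchange two adjacent calls that use the same variable."""
    seq = list(seq)
    for i in range(len(seq) - 1):
        a, b = seq[i][0], seq[i + 1][0]
        if a != b and TOUCHES[a] & TOUCHES[b]:
            seq[i], seq[i + 1] = seq[i + 1], seq[i]
            break
    return seq


def fuzz(seed, rounds=5, rng_seed=0):
    """Return the history of (test case, reverted, reentered) until detection."""
    rng = random.Random(rng_seed)
    dictionary = {}             # dynamic dictionary of observed contract state
    seq, history = list(seed), []
    for _ in range(rounds):
        log = run_sequence(seq)
        history.append((seq, log["reverted"], log["reentered"]))
        if log["reentered"]:
            break
        dictionary.update(log["state"])
        balance = dictionary["participant_balance"]
        if balance == 0:        # nothing deposited yet: try another call order (assumed rule)
            seq = swap_shared(seq)
        else:                   # state-guided input: withdraw no more than the balance
            seq = [(f, rng.randint(1, balance)) if f == "withdraw" else (f, a)
                   for f, a in seq]
    return history


if __name__ == "__main__":
    for entry in fuzz([("deposit", 3), ("withdraw", 5)]):
        print(entry)
```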
The embodiments described above are presented to enable a person having ordinary skill in the art to make and use the invention. It will be readily apparent to those skilled in the art that various modifications may be made to the above embodiments, and that the generic principles defined herein may be applied to other embodiments without inventive effort. Therefore, the present invention is not limited to the above embodiments, and improvements and modifications made by those skilled in the art based on the disclosure of the present invention shall fall within the protection scope of the present invention.

Claims (8)

1. An intelligent contract vulnerability detection method based on combination of a neural network and dynamic fuzzy test comprises the following steps:
(1) establishing a program execution flow graph of an intelligent contract, and extracting a function execution path in the program execution flow graph;
(2) constructing a vulnerability detection model based on a feedforward neural network and training the vulnerability detection model to automatically mark a function execution path which may have a vulnerability in a detected contract;
(3) using an intelligent contract instrumentation frame SIF to instrumentation branch positions of function execution paths with possible bugs, and collecting the execution path information of a program in the process of fuzzy test; aiming at different test cases, acquiring function execution paths corresponding to the tested contracts, analyzing the different function execution paths by using a look-ahead analysis method, and distributing different weights to the test cases;
(4) allocating detection resources for a test case for executing dynamic fuzzy detection according to the weight, monitoring whether a function execution path of a contract is abnormal in the dynamic fuzzy detection process, recording test data and information of the abnormal operation, and outputting a dynamic fuzzy detection log;
(5) and analyzing the detection log, and optimizing the fuzzy detector to generate an effective test case.
2. The intelligent contract vulnerability detection method of claim 1, wherein: the specific implementation manner of the step (1) is as follows: the method comprises the steps of constructing an intelligent contract source code data set by taking an intelligent Ethernet contract as an object, converting intelligent contract source codes into a corresponding program execution flow graph by using an automatic extraction tool, extracting corresponding function execution paths according to function execution flow information stored in the program execution flow graph, converting all the function execution paths into vector forms input by a neural network, and dividing the vector forms into a training set and a testing set.
3. The intelligent contract vulnerability detection method of claim 2, wherein: the specific implementation manner of the step (2) is as follows: firstly, label is carried out on the function execution path in the training set: marking the execution path with holes as 1 and the execution path without holes as 0; then constructing a vulnerability detection model based on a feedforward neural network, inputting a training set function execution path into the model in a vector form, taking label corresponding to the function execution path as a truth label of model output, and training the model; and finally, inputting the test set function execution path into the trained model in a vector form, and outputting and judging whether the corresponding function execution path has a bug.
4. The intelligent contract vulnerability detection method of claim 1, wherein: the specific implementation manner of the step (3) is as follows: firstly compiling an intelligent contract to generate a corresponding abstract syntax tree AST, traversing the AST by utilizing SIF (Scale invariant feature transform), namely defining different structural body record node information according to AST nodes of different types of functions, instantiating each node, executing a path for a function possibly having a vulnerability in the contract, collecting node information related to the path, and inserting an assertion statement into the front of a related node to be used as an additional node for analysis and detection; secondly, converting the modified AST into an intelligent contract source code again, performing dynamic fuzzy test on the intelligent contract, and collecting control flow and data flow information of a program in the test process to obtain dynamic information of a function execution path; and finally, analyzing each test case added into the fuzzy detector by using a look-ahead analysis method, and distributing weights by the fuzzy detector according to the path hash value and the segmentation node set corresponding to the test case: when the times of executing the hash value of the corresponding path by the test case is less than a set threshold value, a higher weight is distributed to the test case; and when the times that the test case passes through the segmentation nodes on the corresponding path are less than a set threshold value, distributing higher weight to the test case.
5. The smart contract vulnerability detection method of claim 4, wherein the test cases are analyzed using the look-ahead analysis method as follows: given a group of test cases, the test cases interact with the contract under test to obtain the function execution paths corresponding to the different test cases; each segmentation node on a function execution path is iterated over in turn, and at each segmentation node prefix inference and suffix check are used to judge whether the function execution path prefix is a non-target path prefix; the hash value and segmentation node set of the path are calculated; and finally the path hash value, the segmentation node set, the test case and the path identifier corresponding to the test case, as obtained by the look-ahead analysis, are recorded in the path set; the prefix inference abstractly interprets all possible inputs at the segmentation node and infers a postcondition; and the suffix check checks, according to the postcondition given by the prefix inference, whether the suffix path cannot reach the target positions, and if none of the target positions can be reached, the hash value and segmentation node set of the path are calculated and returned.
6. The smart contract vulnerability detection method of claim 1, wherein step (4) is implemented as follows: first, according to the weight proportion of the test cases, different detection resources are allocated to the test cases on which dynamic fuzzing is executed, that is, test cases with a high weight are allocated more detection resources and test cases with a low weight are allocated fewer; during dynamic fuzzing, different test case inputs are generated by mutation, the path information of the current input is collected and compared with the paths in the path set, and the set is updated if the current path is not in it; then the contract state, including the contract balance and the participant balances, is recorded before and after the execution of each test case, and different test oracles are defined for detecting different vulnerability types.
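The weighting rule of claim 4 and the resource allocation of claim 6, as an added Python example (not code from the patent). The thresholds, the boost factor, the SHA-256 path hash and the sample hit counts are assumptions; the claims give no concrete values.

```python
import hashlib
from collections import Counter

PATH_THRESHOLD = 3  # assumed; the claim only says "a set threshold"
NODE_THRESHOLD = 5  # assumed
BOOST = 4           # assumed factor standing in for "a higher weight"


def path_hash(path):
    """Stable identifier for an execution path given as a list of node names."""
    return hashlib.sha256("->".join(path).encode()).hexdigest()[:16]


def assign_weights(cases, path_hits, node_hits):
    """cases: {name: (path, seg_nodes)} -> {name: weight}."""
    weights = {}
    for name, (path, seg_nodes) in cases.items():
        w = 1
        if path_hits[path_hash(path)] < PATH_THRESHOLD:
            w *= BOOST  # path has rarely been executed
        if any(node_hits[n] < NODE_THRESHOLD for n in seg_nodes):
            w *= BOOST  # a segmentation node on the path has rarely been visited
        weights[name] = w
    return weights


def allocate_energy(weights, budget):
    """Split `budget` mutation rounds across test cases in proportion to weight."""
    total = sum(weights.values())
    energy = {n: budget * w // total for n, w in weights.items()}
    leftover = budget - sum(energy.values())  # rounds lost to integer division
    for n in sorted(weights, key=weights.get, reverse=True)[:leftover]:
        energy[n] += 1  # hand them to the heaviest test cases
    return energy


# Constructed sample: three test cases for a hypothetical bank contract.
CASES = {
    "deposit_withdraw": (["entry", "deposit", "withdraw", "call"], ["withdraw", "call"]),
    "withdraw_zero": (["entry", "withdraw", "revert"], ["withdraw", "revert"]),
    "deposit_only": (["entry", "deposit"], ["deposit"]),
}
PATH_HITS = Counter({path_hash(p): n for (p, _), n in zip(CASES.values(), (1, 9, 40))})
NODE_HITS = Counter({"deposit": 41, "withdraw": 10, "revert": 2, "call": 1})
WEIGHTS = assign_weights(CASES, PATH_HITS, NODE_HITS)
```

With these counts the rarely executed deposit-then-withdraw path receives most of the mutation budget, while the saturated deposit-only path keeps a small share instead of being starved.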
7. The smart contract vulnerability detection method of claim 6, wherein: for the reentrancy vulnerability, whether the vulnerability exists is judged by the sub-oracles ReentrenceCall and CallAgentWithValue, wherein the sub-oracle ReentrenceCall requires that the original function call appears more than once in a nested call chain starting from that call, and the sub-oracle CallAgentWithValue comprises the following three rules:
a. the Ether sent by the function call is greater than 0;
b. the called function has enough gas to execute complex code, that is, the function call is not made through the send function or the transfer function;
c. the called contract is specified by the original contract caller, rather than being hard-coded in the original contract.
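The two sub-oracles of claim 7 evaluated over recorded call traces, as an added Python example (not code from the patent). The `Call` record, the trace layout and the sample contracts are hypothetical, and requiring both sub-oracles to hold at once is an assumption about how the claim combines them.

```python
from dataclasses import dataclass

GAS_STIPEND = 2300  # gas forwarded by send/transfer, too little for complex code


@dataclass
class Call:
    depth: int                        # nesting level; 0 is the fuzzer's own call
    target: str                       # callee contract
    func: str                         # callee function ("" = fallback)
    value: int = 0                    # wei sent with the call
    gas: int = 0                      # gas forwarded to the callee
    via: str = "call"                 # "call", "send" or "transfer"
    target_from_caller: bool = False  # callee address supplied by the caller


def reentrence_call(trace):
    """The original call shows up again deeper in its own call chain."""
    root = trace[0]
    return any(c.depth > root.depth and (c.target, c.func) == (root.target, root.func)
               for c in trace[1:])


def call_agent_with_value(trace):
    """Some nested call satisfies rules a, b and c together."""
    return any(c.value > 0                                  # rule a
               and c.via == "call" and c.gas > GAS_STIPEND  # rule b
               and c.target_from_caller                     # rule c
               for c in trace[1:])


def has_reentrancy(trace):
    return reentrence_call(trace) and call_agent_with_value(trace)


# Constructed traces for a hypothetical Bank contract and a fuzzer-owned Agent.
ETH = 10**18
REENTERED = [Call(0, "Bank", "withdraw"),
             Call(1, "Agent", "", ETH, 50_000, "call", True),
             Call(2, "Bank", "withdraw")]
VIA_TRANSFER = [Call(0, "Bank", "withdraw"),
                Call(1, "Agent", "", ETH, GAS_STIPEND, "transfer", True)]
HARDCODED = [Call(0, "Bank", "withdraw"),
             Call(1, "Oracle", "notify", ETH, 50_000, "call", False),
             Call(2, "Bank", "withdraw")]
```

The `HARDCODED` trace shows why rule c matters: the call chain re-enters `withdraw`, but the callee is fixed in the contract rather than chosen by the caller, so the combined check does not report it.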
8. The smart contract vulnerability detection method of claim 1, wherein step (5) is implemented as follows: according to the detection log generated during dynamic fuzzing, data flow information and contract state information are obtained, analyzed and fed back to the fuzzer to guide it to generate effective test cases, which specifically comprises the following two parts:
data flow guides the function call order: if two functions in the test case both operate on the same variable of the smart contract, the positions of the two functions are exchanged;
smart contract state guides input generation: the contract running state during fuzzing is recorded in a dynamic dictionary, and function inputs are then generated according to the states in the dictionary.
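Both feedback parts of claim 8 as an added Python example (not code from the patent). The function names, the `TOUCHES` map and the idea of also storing each value's immediate neighbours are assumptions made for illustration.

```python
import random
from itertools import combinations

# Constructed sample: state variables touched by each function of a hypothetical
# contract, as would be recovered from the data-flow part of the fuzzing log.
TOUCHES = {
    "deposit": {"balances"},
    "withdraw": {"balances"},
    "setOwner": {"owner"},
}


def reorder_by_dataflow(sequence, touches):
    """Yield call sequences in which two functions sharing a variable are swapped."""
    for i, j in combinations(range(len(sequence)), 2):
        a, b = sequence[i], sequence[j]
        if a != b and touches[a] & touches[b]:
            swapped = list(sequence)
            swapped[i], swapped[j] = b, a
            yield swapped


class StateDictionary:
    """Dynamic dictionary of values observed in contract state during fuzzing."""

    def __init__(self):
        self.values = set()

    def record(self, state):
        """state: {name: int}, e.g. contract balance and participant balances."""
        for v in state.values():
            # Assumption: keep the boundary neighbours of each observed value too.
            self.values.update({v, v + 1, max(v - 1, 0)})

    def generate(self, rng):
        """Pick an input from observed state, or a random uint256 if none yet."""
        if not self.values:
            return rng.randrange(2**256)
        return rng.choice(sorted(self.values))
```

Swapping `deposit` and `withdraw` changes which function sees the shared `balances` variable first, and inputs drawn from recorded balances land on the comparisons the contract actually performs.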
CN202110766018.2A 2021-07-07 2021-07-07 Intelligent contract vulnerability detection method based on combination of neural network and dynamic fuzzy test Active CN113326050B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110766018.2A CN113326050B (en) 2021-07-07 2021-07-07 Intelligent contract vulnerability detection method based on combination of neural network and dynamic fuzzy test

Publications (2)

Publication Number Publication Date
CN113326050A (en) 2021-08-31
CN113326050B (en) 2023-10-17

Family

ID=77425851

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110766018.2A Active CN113326050B (en) 2021-07-07 2021-07-07 Intelligent contract vulnerability detection method based on combination of neural network and dynamic fuzzy test

Country Status (1)

Country Link
CN (1) CN113326050B (en)

Also Published As

Publication number Publication date
CN113326050B (en) 2023-10-17

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant