CN117077147A - Intelligent contract vulnerability detection method based on characteristic enhancement of typical contract graph - Google Patents
Intelligent contract vulnerability detection method based on characteristic enhancement of typical contract graph Download PDFInfo
- Publication number
- CN117077147A CN117077147A CN202311080426.8A CN202311080426A CN117077147A CN 117077147 A CN117077147 A CN 117077147A CN 202311080426 A CN202311080426 A CN 202311080426A CN 117077147 A CN117077147 A CN 117077147A
- Authority
- CN
- China
- Prior art keywords
- contract
- intelligent
- contracts
- intelligent contract
- graph
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000001514 detection method Methods 0.000 title claims abstract description 37
- 238000000034 method Methods 0.000 claims abstract description 21
- 230000006870 function Effects 0.000 claims description 34
- 238000012512 characterization method Methods 0.000 claims description 9
- 239000013598 vector Substances 0.000 claims description 9
- 238000013527 convolutional neural network Methods 0.000 claims description 7
- 230000004913 activation Effects 0.000 claims description 5
- 238000005096 rolling process Methods 0.000 claims description 4
- 238000012549 training Methods 0.000 claims description 4
- 238000011176 pooling Methods 0.000 claims description 3
- 238000012216 screening Methods 0.000 claims description 3
- 238000010276 construction Methods 0.000 claims description 2
- 238000010586 diagram Methods 0.000 claims description 2
- 238000013528 artificial neural network Methods 0.000 abstract description 6
- 239000000284 extract Substances 0.000 abstract description 3
- 238000010801 machine learning Methods 0.000 description 10
- 238000005516 engineering process Methods 0.000 description 5
- 238000011161 development Methods 0.000 description 4
- 238000004458 analytical method Methods 0.000 description 3
- 238000013461 design Methods 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 238000011160 research Methods 0.000 description 2
- 238000012360 testing method Methods 0.000 description 2
- 241000366596 Osiris Species 0.000 description 1
- 230000002411 adverse Effects 0.000 description 1
- 230000004931 aggregating effect Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000003058 natural language processing Methods 0.000 description 1
- 238000010606 normalization Methods 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/22—Matching criteria, e.g. proximity measures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/23—Clustering techniques
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/24—Classification techniques
- G06F18/241—Classification techniques relating to the classification model, e.g. parametric or non-parametric approaches
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/04—Architecture, e.g. interconnection topology
- G06N3/042—Knowledge-based neural networks; Logical representations of neural networks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/04—Architecture, e.g. interconnection topology
- G06N3/0464—Convolutional networks [CNN, ConvNet]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/08—Learning methods
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- Data Mining & Analysis (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Artificial Intelligence (AREA)
- Evolutionary Computation (AREA)
- Life Sciences & Earth Sciences (AREA)
- Software Systems (AREA)
- Computing Systems (AREA)
- Bioinformatics & Cheminformatics (AREA)
- Biomedical Technology (AREA)
- Bioinformatics & Computational Biology (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Evolutionary Biology (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Computer Security & Cryptography (AREA)
- Biophysics (AREA)
- Computational Linguistics (AREA)
- General Health & Medical Sciences (AREA)
- Molecular Biology (AREA)
- Mathematical Physics (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses an intelligent contract vulnerability detection method based on characteristic enhancement of a typical contract graph, which is applied to the field of blockchain safety supervision and aims to detect the vulnerability of an intelligent contract deployed on a blockchain system so as to correct in time and avoid loss. On the basis of carrying out graph structure modeling on intelligent contract source codes and extracting integral semantic grammar characteristics, the invention clusters contracts with similar functional categories through an unsupervised clustering method to obtain a typical contract graph, further extracts category characteristics of intelligent contracts from the typical contract graph, and splices the category characteristics with the integral semantic grammar characteristics of the contracts to realize data enhancement of the contract characteristics. According to the method, based on the splicing characteristics, the simple classified neural network is used for detecting the loopholes, the accuracy of detecting the loopholes of the intelligent contracts can be effectively improved, and the characteristics of the intelligent contracts are fully utilized, so that the method can be used for detecting and exploring the loopholes of unknown classes.
Description
Technical Field
The invention relates to a blockchain security technology, and is characterized by an intelligent contract vulnerability detection technology based on characteristic enhancement of a typical contract graph.
Background
The blockchain is a distributed ledger technique and can realize the functions of information exchange, value transmission, cooperation management and the like on a decentralised network. Due to the characteristics of decentralization, non-tampering, traceability and the like, the block chain technology is initially applied to the field of digital currency, and is widely applied to the fields of finance, logistics, entertainment and the like along with the continuous development of the technology. An intelligent contract is a special computer program that runs on a blockchain and automatically executes the contract contents. However, there are some security risks and design flaws in smart contracts that may cause the contract to perform incorrectly or be utilized by an attacker. With serious consequences. These heavy property loss events exacerbate society's challenge to blockchain technical safety and also have prompted the development of intelligent contract safety research. Since smart contracts are non-tamper-evident, it is extremely difficult to make changes to smart contracts deployed onto blockchains, and detecting vulnerabilities in contracts before deployment of the contracts becomes critical.
Currently, a plurality of detection schemes exist for vulnerabilities of intelligent contracts. Traditional detection methods detect vulnerabilities by means of code analysis, industry developers have developed many vulnerability detection tools using related methods, such as Osiris, oyente and mythrel based on symbolic execution, smartcheck based on program analysis, contract Fuzzer based on fuzzy test, etc. While these tools are effective in detecting vulnerabilities of smart contracts, they rely on rules formulated by experts, which are merely artificial summaries of known vulnerability patterns and cannot cover some complex patterns. Therefore, the conventional detection method has a large limitation on various intelligent contract conditions.
With the rapid development of machine learning technology, researchers in many disciplines began to apply machine learning methods to solve the problems in the respective fields. For vulnerability detection of intelligent contracts, many researchers have also proposed corresponding machine learning methods. Such as Goginini, ajay K, et al, "Multi-Class classification of vulnerabilities in Smart Contracts using AWD-LSTM, with pre-trained encoder inspired from natural language processing," IOP SciNotes 1.3 (2020): 035002 multiple classification of smart contracts using AWD-LSTM based on smart contract opcodes; zhuang, yuan, et al, "Smart Contract Vulnerability Detection using Graph Neural network," IJCAI.2020 converts the intelligent contract source code into a graph to extract the grammar and semantic features of the intelligent contract, and detects the contract vulnerability by using the graph neural network; liu, zhenguang, et al, "Combining graph neural networks with expert knowledge for smart contract vulnerability detection," IEEE Transactions on Knowledge and Data Engineering (2021) proposes the detection of smart contract vulnerabilities in combination with a graph neural network and expert knowledge; nguyen, hoang H., et al, "MANDO: multi-Level Heterogeneous Graph Embeddings for Fine-Grained Detection of Smart Contract Vulnerailies." arXiv preprint arXiv:2208.13252 (2022) more accurately captures code semantics in smart contracts by converting source code into a heterogeneous contract graph representation represented by a control flow graph and call graph containing different types of nodes and connections, and utilizing a Multi-path heterogram attention network. However, the above scheme still has the following problems:
(1) The traditional intelligent contract vulnerability detection method based on code analysis depends on rules formulated by experts, and the expert rules are only artificial summary of known vulnerability patterns, and have larger limitation on various intelligent contract vulnerability conditions.
(2) The contact vulnerability detection method utilizing machine learning does not fully mine the contact of the contract category and the contract vulnerability.
(3) Vulnerability detection methods using intelligent contract graph structures often require normalization of the contract graph, which results in loss of some information of the contract, which may adversely affect the vulnerability detection.
Disclosure of Invention
The invention aims to solve the technical problem of providing a set of machine learning contract vulnerability detection method which fully utilizes intelligent contract features.
The technical scheme adopted for solving the technical problems is that an intelligent contract vulnerability detection method based on characteristic enhancement of typical contract graphs is characterized in that firstly, intelligent contract source codes are modeled as graphs, and a time sequence message propagation network is used for extracting the whole semantic grammar characteristics of intelligent contracts; further calculating grammar similarity between intelligent contracts by using an identifier sequence matching algorithm, and constructing a typical contract graph by taking the similarity between contracts as a standard with a connection relationship and taking the whole semantic grammar characteristic of the contracts as a node; then, the graph rolling network and a self-attention mechanism are used for extracting intelligent contract category characteristics contained in the typical contract graph, and the intelligent contract category characteristics are spliced with the whole semantic grammar characteristics of the contract, so that the enhancement of contract characteristic data is realized; based on the enhanced feature data, a convolutional neural network is used for completing the two classification tasks of intelligent contract vulnerability detection.
The method specifically comprises the following steps:
generating and encoding an intelligent contract graph: screening risk functions, variables and callback functions from the intelligent contract source codes, determining calling relations among the risk functions, the variables and the callback functions, taking the risk functions, the variables and the callback functions as nodes, and generating an intelligent contract graph by taking characterization of different calling relations as edges; encoding the relation types of the nodes and the edges in the intelligent contract graph to obtain node characteristics and edge type characteristics;
semantic grammar characterization: updating node characteristics by using a time sequence of edges by using a time sequence message propagation network, and adding all node characteristics at the final moment to obtain semantic grammar representation of the intelligent contract;
calculating similarity values among intelligent contracts; calculating a similarity value between every two intelligent contracts;
typical contract diagram construction steps: after the similarity values among all intelligent contracts are obtained, two intelligent contracts which are larger than the similarity threshold value are regarded as having a connection relationship by setting the similarity threshold value; then, the semantic grammar of the intelligent contracts is used as a node, the connection relation among the intelligent contracts is used as an edge, and the intelligent contracts with the connection relation are constructed into a typical contract graph; extracting the characteristics of each node in the typical contract graph through a graph rolling network, and carrying out maximum pooling treatment on the characteristics to obtain typical contract characterization;
typical contracts based on the attention mechanism characterize the update step: inputting the representation of the representative contract to be updated and the representation of the other representative contract into a cosine function, outputting a cosine similarity result of the representation of the representative contract to be updated and the representation of the other representative contract by the cosine function, taking the cosine similarity result as the attention coefficients of the representation of the two representative contracts, normalizing the attention coefficients, and using the normalized result for representing the importance coefficient of the representative contract to be updated of the other representative contract; after importance degree coefficients of all typical contracts to be updated are obtained, weighting and summing all importance degree coefficients to be updated typical contract representations, inputting the weighted and summed result into an activation function, and taking the output result of the activation function as an updated typical contract representation;
the intelligent contract final characterization generating step: the semantic grammar representation of the intelligent contract to be detected and the updated typical contract representation are spliced to obtain the intelligent contract final representation;
and (3) a loophole detection step: and finally, the intelligent contract to be detected is characterized and input into a convolutional neural network for completing vulnerability detection training, and the convolutional neural network outputs a classification result of whether the vulnerability exists.
On the premise that the time sequence message propagation network is utilized to extract the whole semantic grammar characteristics of the contracts, the method clusters the contracts with similar function categories through an unsupervised clustering method to obtain a typical contract graph, then utilizes the graph convolution network and a self-attention mechanism to extract the characteristics containing contract category information from the typical contract graph, and then splices the contract category characteristics with the whole semantic grammar characteristics of the contracts, thereby realizing the full utilization of the contract characteristics and optimizing the effect of the machine learning model on the detection of the contract loopholes.
The invention has the beneficial effects that:
(1) Effectiveness. Aiming at the defect of insufficient development of the current intelligent contract vulnerability detection research on contract characteristics, the invention provides a method for constructing an intelligent contract graph to extract contract category characteristics so as to enhance contract characteristic data.
(2) And (5) comprehensively. According to the method, more comprehensive intelligent contract characteristics are considered, so that the machine learning model can learn more information related to the contract loopholes, and therefore unknown loopholes can be identified.
Drawings
Fig. 1 is a schematic view of a scenario provided by an embodiment of the present invention.
FIG. 2 is a flow chart of an intelligent contract vulnerability detection method based on typical contract graph feature enhancement of the present invention.
Detailed Description
The following description of the embodiments of the invention is presented in conjunction with the accompanying drawings to provide a better understanding of the invention to those skilled in the art. It is to be expressly noted that in the description below, detailed descriptions of known functions and designs are omitted here as perhaps obscuring the present invention.
The intelligent block chain contract deployment scene applied by the invention is shown in figure 1: blockchain smart contract deployment is the process of deploying smart contract source code onto a blockchain network. Before determining a proper blockchain platform and completing the writing of the intelligent contract source codes and further implementing deployment, testing the intelligent contract is required to ensure that the functions and logic of the intelligent contract are correct, and checking the intelligent contract source codes to detect whether the intelligent contract source codes contain vulnerabilities which can be utilized and attacked. The smart contracts are non-tamper-evident once deployed, so detecting and verifying the smart contracts before they are deployed is critical to the assurance of blockchain security.
The specific steps are shown in fig. 2:
(1) For the intelligent contract source codes, screening risk functions, variables and callback functions from the intelligent contract source codes, wherein the risk functions are screened through expert rules; after the calling relations among the risk functions, the variables and the callback functions are determined, the contracts are modeled to take the risk functions, the variables and the callback functions as nodes, the characteristics of different calling relations are taken as edges, and an intelligent contract graph is generated, wherein the information of the edges comprises a starting node, an ending node, the time sequence of calling execution (the time sequence of the edges) and the type of calling (the type of the edges). After obtaining the contract graph, the node and edge types of the intelligent contract graph are encoded by using Word2vec and One-hot methods respectively.
(2) Node characteristic V= { V of intelligent contract graph obtained based on encoding 1 ,v 2 ,…,v n },V∈R n×d Type feature E= { E of sum edge 1 ,e 2 ,…,e m },E∈R m×d Updating node characteristics according to the time sequence of the edge by using a time sequence message propagation network, and finally obtaining semantic grammar representation of the whole contract by adding and aggregating the characteristics of all nodes at the final momentWherein n is the total number of nodes of the intelligent contract graph, m is the total number of types of edges, and d is the dimension of a single element in the feature; the TMP is a neural network, the processing function of the TMP is denoted by f, and in the embodiment, the TMP is used to update node characteristics according to the edge time sequence, such as v 1 ′ =f(v 1 ,v 1 +e 1 |θ 1 ) Wherein θ is 1 A parameter representing a network f that can be updated by training.
(3) Similarity between contracts is calculated based on intelligent contract source code.
(3.1) calculating grammar similarity between Smart contracts
The grammar similarity between contracts is calculated by using an identifier sequence matching algorithm based on code segments, and the method is concretely realized as follows: firstly, generating identifiers for each row of codes of the code segments to obtain an identifier sequence, then comparing the identifier sequences to obtain the longest matching subsequence of the identifiers between the code segments, and calculating the ratio of the length of the matching subsequence to the total length of the identifier sequence to evaluate the grammar similarity of the two code segments. The grammatical similarity between smart contracts is denoted as syncaxsimi.
(3.2) calculating semantic similarity between Smart contracts
And vectorizing each word in the intelligent contract source code, and adding all word vectors according to dimensions to obtain the vector representation of the contract code. Semantic similarity SemanticSimi between contracts is characterized using cosine distances between different contract vectors.
(3.3) similarity between intelligent contracts is expressed as a weighted sum of grammatical similarity and semantic similarity:
Simi=α·SyntaxSimi+β·SemanticSimi
(4) After obtaining the similarity Simi between all intelligent contracts, a similarity threshold of 0.7 is set to determine whether there is a connection relationship between contracts, if Simi (C 1 ,C 2 )>0.7, then indicate contract C 1 And contract C 2 There is a connection relationship between them, and there is a great possibility that contracts with connection relationships belong to one category. And constructing the intelligent contracts with the connection relations as typical contract graphs by taking the whole semantic grammar characteristics of the contracts as nodes and the connection relations among the contracts as edges.
(5) Representative smart contract graphs are represented as the set g= { G 1 ,G 2 ,…,G N }. For G i I epsilon {1, …, N }, learn its nodes through the graph rolling network GCNC i ∈R M×d Is characterized by theta 2 Parameters representing the network GCN that can be updated by training:
re-pairingCarrying out maximum pooling to obtain G i Is characterized by:
the characterization of class N canonical contracts can be obtained by doing the above operations for all canonical contract graphs in Gg i ∈R 1 ×d 。
(6) Based on the thought of the self-attention mechanism, vector similarity between different typical intelligent contract graphs is calculated through cosine function and is used as an attention coefficient:
d ij =cos(g i ,g j )
and normalizing:
α ij =softmax(d ij )
wherein alpha is ij For representing G j For G i Is used to update G i Is characterized by:
where σ (·) represents the activation function. The method can enable the model to pay attention to contract category characteristics which are more relevant to the current vulnerability detection task.
(7) Integral semantic grammar feature c by stitching intelligent contracts j Typical contract category features corresponding to itEnhancement of contract feature data is achieved, and finally, contracts obtained after splicing are characterized:
(8) Since intelligent contract vulnerability detection is essentially a classification task, i.e., determining if a contract is vulnerable, convolutional neural networks are used as the model's output classification network. Characterizing previously spliced contractsAnd the input is used for extracting classification information through a convolutional neural network and outputting a classification result.
The present invention considers the following factors that affect intelligent contract detection:
firstly, for traditional intelligent contract vulnerability detection methods based on code analysis, although the traditional intelligent contract vulnerability detection methods can effectively detect some conventional vulnerabilities, the traditional intelligent contract vulnerability detection methods depend on rules formulated by experts, and expert rules are only artificial summary of known vulnerability patterns and cannot cover some complex vulnerability patterns. Therefore, the traditional detection method has a larger limitation on various intelligent contract loopholes.
Moreover, the intelligent contract vulnerability detection method of machine learning is mostly limited to utilizing semantic grammar features of intelligent contracts, but does not fully mine the relation between the category of the intelligent contracts and the vulnerability, and extracts corresponding intelligent contract category features as the object of machine learning model learning.
Based on the above points, the intelligent contract vulnerability detection method based on characteristic enhancement of the typical contract graph designed in the embodiment extracts category characteristics of intelligent contracts from the typical contract graph by constructing the typical contract graph, and splices the category characteristics of the intelligent contracts with integral semantic grammar characteristics of the intelligent contracts to enhance intelligent contract characteristic data, so that the effect of machine learning model on detecting the vulnerability of the contract is optimized.
While the foregoing describes illustrative embodiments of the present invention to facilitate an understanding of the present invention by those skilled in the art, it should be understood that the present invention is not limited to the scope of the embodiments, but is to be construed as protected by the accompanying claims insofar as various changes are within the spirit and scope of the present invention as defined and defined by the appended claims.
Claims (5)
1. An intelligent contract vulnerability detection method based on characteristic enhancement of a typical contract graph is characterized by comprising the following steps:
generating and encoding an intelligent contract graph: screening risk functions, variables and callback functions from the intelligent contract source codes, determining calling relations among the risk functions, the variables and the callback functions, taking the risk functions, the variables and the callback functions as nodes, and generating an intelligent contract graph by taking characterization of different calling relations as edges; encoding the relation types of the nodes and the edges in the intelligent contract graph to obtain node characteristics and edge type characteristics;
semantic grammar characterization: updating node characteristics by using a time sequence of edges by using a time sequence message propagation network, and adding all node characteristics at the final moment to obtain semantic grammar representation of the intelligent contract;
calculating similarity values among intelligent contracts; calculating a similarity value between every two intelligent contracts;
typical contract diagram construction steps: after the similarity values among all intelligent contracts are obtained, two intelligent contracts which are larger than the similarity threshold value are regarded as having a connection relationship by setting the similarity threshold value; then, the semantic grammar of the intelligent contracts is used as a node, the connection relation among the intelligent contracts is used as an edge, and the intelligent contracts with the connection relation are constructed into a typical contract graph; extracting the characteristics of each node in the typical contract graph through a graph rolling network, and carrying out maximum pooling treatment on the characteristics to obtain typical contract characterization;
typical contracts based on the attention mechanism characterize the update step: inputting the representation of the representative contract to be updated and the representation of the other representative contract into a cosine function, outputting a cosine similarity result of the representation of the representative contract to be updated and the representation of the other representative contract by the cosine function, taking the cosine similarity result as the attention coefficients of the representation of the two representative contracts, normalizing the attention coefficients, and using the normalized result for representing the importance coefficient of the representative contract to be updated of the other representative contract; after importance degree coefficients of all typical contracts to be updated are obtained, weighting and summing all importance degree coefficients to be updated typical contract representations, inputting the weighted and summed result into an activation function, and taking the output result of the activation function as an updated typical contract representation;
the intelligent contract final characterization generating step: the semantic grammar representation of the intelligent contract to be detected and the updated typical contract representation are spliced to obtain the intelligent contract final representation;
and (3) a loophole detection step: and finally, the intelligent contract to be detected is characterized and input into a convolutional neural network for completing vulnerability detection training, and the convolutional neural network outputs a classification result of whether the vulnerability exists.
2. The method of claim 1, wherein in the step of generating and encoding the intelligent contract graph, a Word vector model Word2vec is used to encode nodes in the intelligent contract graph to obtain node characteristics, and a One-hot encoding One-hot is used to encode the relationship types of edges in the intelligent contract graph to obtain edge type characteristics.
3. The method of claim 1, wherein the specific method for calculating the similarity value between intelligent contracts is as follows: calculating grammar similarity between intelligent contract source codes by using an identifier sequence matching algorithm based on the code segments; calculating semantic similarity between intelligent contract source codes; and finally, weighting and fusing the semantic similarity and the semantic similarity to obtain a similarity value between intelligent contracts.
4. The method of claim 3, wherein the specific method for calculating the grammatical similarity between intelligent contract source codes using a code segment based identifier sequence matching algorithm is: firstly, generating identifiers for each row of codes of a code segment of the intelligent contract source codes to form an identifier sequence corresponding to the intelligent contract, then comparing the identifier sequences of the two intelligent contracts to find out the longest matching subsequence, and then calculating the ratio of the length of the longest matching subsequence to the total length of the identifier sequence to be used as the grammar similarity between the intelligent contract source codes.
5. The method of claim 3, wherein the specific method for calculating semantic similarity between intelligent contract source codes is as follows: and vectorizing each word in the intelligent contract source codes to obtain word vectors, adding all word vectors according to dimensions to obtain vector representations of the intelligent contracts, and calculating cosine distances between the vector representations of the two intelligent contracts to serve as semantic similarity between the intelligent contract source codes.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311080426.8A CN117077147A (en) | 2023-08-25 | 2023-08-25 | Intelligent contract vulnerability detection method based on characteristic enhancement of typical contract graph |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311080426.8A CN117077147A (en) | 2023-08-25 | 2023-08-25 | Intelligent contract vulnerability detection method based on characteristic enhancement of typical contract graph |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117077147A true CN117077147A (en) | 2023-11-17 |
Family
ID=88709446
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311080426.8A Pending CN117077147A (en) | 2023-08-25 | 2023-08-25 | Intelligent contract vulnerability detection method based on characteristic enhancement of typical contract graph |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117077147A (en) |
-
2023
- 2023-08-25 CN CN202311080426.8A patent/CN117077147A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN113312447B (en) | Semi-supervised log anomaly detection method based on probability label estimation | |
| CN111913702B (en) | Method for identifying key classes in software system based on graph neural network | |
| CN111062036A (en) | Malicious software identification model construction method, malicious software identification medium and malicious software identification equipment | |
| CN114547611A (en) | Intelligent contract Pompe fraudster detection method and system based on multi-modal characteristics | |
| CN114942879A (en) | Source code vulnerability detection and positioning method based on graph neural network | |
| CN114676435A (en) | Knowledge graph-based software vulnerability availability prediction method | |
| CN115344863A (en) | Malicious software rapid detection method based on graph neural network | |
| CN116467710A (en) | Unbalanced network-oriented malicious software detection method | |
| CN113904844B (en) | Intelligent contract vulnerability detection method based on cross-mode teacher-student network | |
| Matsumoto et al. | XCSR based on compressed input by deep neural network for high dimensional data | |
| CN113609488B (en) | Vulnerability detection method and system based on self-supervised learning and multichannel hypergraph neural network | |
| CN113343123A (en) | Training method and detection method for generating confrontation multiple relation graph network | |
| CN116663018A (en) | Vulnerability detection method and device based on code executable path | |
| CN116361788A (en) | Binary software vulnerability prediction method based on machine learning | |
| CN116628695A (en) | Vulnerability discovery method and device based on multitask learning | |
| CN117077147A (en) | Intelligent contract vulnerability detection method based on characteristic enhancement of typical contract graph | |
| Gomes et al. | Bert-based feature extraction for long-lived bug prediction in floss: a comparative study | |
| Luo et al. | Binary code similarity detection through LSTM and Siamese neural network | |
| CN115577361B (en) | Improved PHP Web shell detection method based on graph neural network | |
| Shen et al. | GHGDroid: Global heterogeneous graph-based android malware detection | |
| Li et al. | On Testing and Evaluation of Artificial Intelligence Models | |
| Xue et al. | VulSAT: Source Code Vulnerability Detection Scheme Based on SAT Structure | |
| CN117556425B (en) | Intelligent contract vulnerability detection method, system and equipment based on graph neural network | |
| Wang et al. | Low-code vulnerability identification based on TextCNN | |
| CN115758372A (en) | Intelligent contract code security detection method based on evidence theory graph learning |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |