Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Intelligent contract multi-vulnerability detection method and system based on source code graph representation learning

A technology for smart contract and vulnerability detection, applied in the field of software security, can solve the problems of large-scale code detection that cannot be applied to smart contracts, fund freezing, and long detection cycle, so as to avoid the loss of code structure characteristics, improve the scope of application, and improve the accuracy rate effect

Pending Publication Date: 2021-09-07
YANGZHOU UNIV
View PDF0 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] However, compared with traditional software, since smart contracts manage a large number of virtual assets, once they have vulnerabilities and are attacked, they will cause huge economic losses
The Dao security breach in 2016 resulted in a loss of $60 million; the Parity wallet breach in July 2017 resulted in $150 million in funds being permanently frozen; the DODO contract in March 2021 resulted in $3.8 million in assets due to a loophole stolen
These methods have problems such as low execution efficiency, low code coverage and long detection cycle, and the accuracy of detection depends entirely on the definition of expert rules.
With the explosive growth of the number of smart contracts, the current vulnerability detection methods based on expert rules and static analysis cannot be applied to the detection of rapidly changing smart contract applications and large-scale codes

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Intelligent contract multi-vulnerability detection method and system based on source code graph representation learning
  • Intelligent contract multi-vulnerability detection method and system based on source code graph representation learning
  • Intelligent contract multi-vulnerability detection method and system based on source code graph representation learning

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0052] In order to make the purpose, technical solution and advantages of the present application clearer, the present application will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present application, not to limit the present application.

[0053] In one embodiment, combined with figure 1 , the present invention proposes a smart contract multi-vulnerability detection method based on source code graph representation learning, comprising the following steps:

[0054] (1) Construct a smart contract source code data set, and mark whether there are loopholes in the samples in the data set;

[0055] (2) Combining the abstract syntax tree and semantic information of the smart contract to construct a smart contract function granular code attribute graph; each node in the code attribute graph contains code statements and node types, ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an intelligent contract multi-vulnerability detection method and system based on source code graph representation learning, and the method comprises the steps: carrying out representation of an intelligent contract source code through a function granularity code attribute graph in combination with an abstract syntax tree and semantic information of an intelligent contract; and according to grammatical features of different types of vulnerabilities of the intelligent contract, defining a slicing criterion, using a program slicing technology to carry out noise reduction on the intelligent contract graph representation, carrying out feature extraction in combination with a gated graph neural network, and carrying out vulnerability prediction based on the extracted features. The method has the advantages that the intelligent contract source code is represented by combining multiple graph structures, and grammar and semantic information and a context structure of the code are fully reserved; noise codes irrelevant to vulnerability detection are removed by using a program slicing technology, so that the detection accuracy is improved; the features of various vulnerabilities are automatically learned based on the gated graph neural network, the application range and the detection efficiency of vulnerability detection are improved, and the detection cost is reduced.

Description

technical field [0001] The invention belongs to the field of software security, and relates to a method and system for detecting multiple loopholes in smart contracts based on source code graph representation learning. Background technique [0002] A smart contract is a consensus rule that digitizes traditional contracts and runs on the blockchain platform. Compared with traditional contracts, smart contracts relying on the blockchain platform have multiple advantages: first, the execution of smart contracts does not rely on third parties, but is automatic and decentralized; second, smart contracts themselves cannot be tampered with; third , the smart contract is stored on the blockchain platform, and each blockchain node saves a copy of the contract, which is visible to everyone, ensuring the transparency of contract execution. With the development of blockchain technology, more and more developers have noticed these advantages of smart contracts and applied smart contract...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/57G06F11/36G06F8/41G06N3/04G06N3/08
CPCG06F21/577G06F11/3688G06F8/43G06F8/42G06F8/436G06N3/08G06N3/045
Inventor 蔡杰李斌张佳乐孙小兵薄莉莉朱毅章永龙
Owner YANGZHOU UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com