Jisuanji kexue (Apr 2023)
Smart Contract Vulnerability Detection Based on Abstract Syntax Tree Pruning
Abstract
With the development of blockchain technology,smart contracts have been widely used in various fields,and Ethereum has become the largest smart contract platform.At the same time,the frequent smart contract vulnerabilities have caused huge economic losses.The vulnerability detection of smart contract has become the focus of research,while the previous smart contract vulnerability detection tools can not make good use of the syntax information of the contract source code.Aiming at the re-entrancy vulnerability of smart contract,firstly,this paper proposes SCDefender,a vulnerability detection tool based on deep learning.Taking the abstract syntax tree form of the Solidity source code of smart contract as the research object,the tree-based convolutional neural networks is used for vulnerability detection.Secondly,an abstract syntax tree pruning algorithm is proposed to remove the nodes irrelevant to the vulnerability detection task and retain the key information in the abstract syntax tree.The accuracy,recall rate and F1 value of SCDefender vulnerability detection is 81.43%,92.12% and 86.45% respectively,which has a good vulnerability detection effect.Ablation experiments show that the abstract syntax tree pruning algorithm has an important contribution to the vulnerability detection task of SCDefender.
Keywords