IEEE Access (Jan 2024)

An Integrated Smart Contract Vulnerability Detection Tool Using Multi-Layer Perceptron on Real-Time Solidity Smart Contracts

  • Lee Song Haw Colin,
  • Purnima Murali Mohan,
  • Jonathan Pan,
  • Peter Loh Kok Keong

DOI
https://doi.org/10.1109/ACCESS.2024.3364351
Journal volume & issue
Vol. 12
pp. 23549 – 23567

Abstract

Read online

perceptron (MLP). We use feature vectors from the Opcodes and CFG for the machine learning (ML) model training. The existing ML-based approaches for analyzing the smart contract code are constrained by the vulnerability detection space, significantly varying Solidity versions, and no unified approach to verify against the ground truth. The primary contributions in this paper are 1) a standardized pre-processing method for smart contract training data, 2) introducing bugs to create a balanced dataset of flawed files across Solidity versions using AST, and 3) standardizing vulnerability identification using the Smart Contract Weakness Classification (SWC) registry. The ML models employed for benchmarking the proposed MLP, and a multi-input model combining MLP and Long short-term memory (LSTM) in our study are Random forest (RF), XGBoost (XGB), Support vector machine (SVM). The performance evaluation on real-time smart contracts deployed on the Ethereum Blockchain show an accuracy of up to 91% using MLP with the lowest average False Positive Rate (FPR) among all tools and models, measuring at 0.0125.

Keywords