Detecting Unknown Vulnerabilities in Smart Contracts with Binary Classification Model Using Machine Learning

Detecting Unknown Vulnerabilities in Smart Contracts with Binary Classification Model Using Machine Learning

연구 분야: Strategies

학회: International Conference on Ubiquitous Security

The emergence of smart contracts has led to the wider use of blockchain, which involves a large number of virtual currency transactions. Because smart contracts are inevitably written with some vulnerabilities, which makes them vulnerable to attacks that cause property damage, and existing detection techniques and static analysis methods mainly target known vulnerability detection. We design a machine learning-based unknown vulnerability detection scheme using opcode sequences. The scheme first obtains opcode sequences of the execution path of contract transactions in the Ethereum virtual machine (EVM) by replaying them in Ethereum. Then we use a combination of N-gram model and a vector weight penalty mechanism to extract opcode features. Finally, we validate the effectiveness of our scheme by three machine learning models, namely the K-Near Neighbor Algorithm (KNN), the Support Vector Machine (SVM), and the Logistic Regression (LR). The SVM model achieves an accuracy of 91.4% and F1-score of 75.3% for the detection of unknown vulnerabilities.