HSVDetector: a heterogeneous semantic graph-based method for smart contract vulnerability detection

HSVDetector: a heterogeneous semantic graph-based method for smart contract vulnerability detection

연구 분야: Strategies

학회: The Journal of Supercomputing

With the continuous advancement of blockchain technology, smart contracts have found widespread application across various domains. However, their security vulnerabilities have increasingly attracted attention. To overcome the limitations present in current detection methods, particularly in terms of semantic representation and structural comprehension, this paper proposes Heterogeneous Semantic Vulnerability Detector (HSVDetector), a novel vulnerability detection method for smart contracts based on a Heterogeneous Semantic Graph (HSG). We construct a Variable Dependency Graph (VDG) derived from the Abstract Syntax Tree (AST) of smart contracts to capture both data flow and control flow dependencies between variables. Additionally, we generate the HSG to provide a comprehensive representation of both semantic and structural aspects of the code. To efficiently learn the features of HSG, we design the HGAT-SC model, which employs a graph attention mechanism to analyze the characteristics of heterogeneous nodes and edges. We evaluate HSVDetector on four types of vulnerabilities: timestamp dependency, reentrancy attacks, delegatecall, and integer overflow/underflow. Experimental results indicate that HSVDetector achieves detection accuracies of 93.12%, 91.15%, 95%, and 89.89% for each respective vulnerability, significantly outperforming existing methods. HSVDetector offers an innovative and effective approach for enhancing the security of smart contracts.