VULTRON: Catching vulnerable smart contracts once and for all

Haijun Wang, Yi Li, Shang Wei Lin, Lei Ma, Yang Liu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

9 Citations (Scopus)

Abstract

Despite the high stakes involved, smart contracts are often developed in an undisciplined way thus far. The existence of vulnerabilities compromises the security and reliability of smart contracts, and endangers the trust of participants in their ongoing businesses. Existing vulnerability detection techniques are often designed case-by-case, making them difficult to generalize. In this paper, we design general principles for detecting vulnerable smart contracts. Our key insight is that almost all the existing transaction-related vulnerabilities are due to the mismatch between the actual transferred amount and the amount reflected on the contract's internal bookkeeping. Based on this, we propose a precise and generally applicable technique, VULTRON, which can detect irregular transactions due to various types of adversarial exploits. We also report preliminary results applying our technique to real-world case studies.

Original languageEnglish
Title of host publicationProceedings - 2019 IEEE/ACM 41st International Conference on Software Engineering
Subtitle of host publicationNew Ideas and Emerging Results, ICSE-NIER 2019
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages1-4
Number of pages4
ISBN (Electronic)9781728117584
DOIs
Publication statusPublished - May 2019
Event41st IEEE/ACM International Conference on Software Engineering: New Ideas and Emerging Results, ICSE-NIER 2019 - Montreal, Canada
Duration: May 25 2019May 31 2019

Publication series

NameProceedings - 2019 IEEE/ACM 41st International Conference on Software Engineering: New Ideas and Emerging Results, ICSE-NIER 2019

Conference

Conference41st IEEE/ACM International Conference on Software Engineering: New Ideas and Emerging Results, ICSE-NIER 2019
CountryCanada
CityMontreal
Period5/25/195/31/19

All Science Journal Classification (ASJC) codes

  • Artificial Intelligence
  • Software
  • Safety, Risk, Reliability and Quality

Fingerprint Dive into the research topics of 'VULTRON: Catching vulnerable smart contracts once and for all'. Together they form a unique fingerprint.

Cite this