TY - GEN
T1 - VULTRON
T2 - 41st IEEE/ACM International Conference on Software Engineering: New Ideas and Emerging Results, ICSE-NIER 2019
AU - Wang, Haijun
AU - Li, Yi
AU - Lin, Shang Wei
AU - Ma, Lei
AU - Liu, Yang
PY - 2019/5
Y1 - 2019/5
N2 - Despite the high stakes involved, smart contracts are often developed in an undisciplined way thus far. The existence of vulnerabilities compromises the security and reliability of smart contracts, and endangers the trust of participants in their ongoing businesses. Existing vulnerability detection techniques are often designed case-by-case, making them difficult to generalize. In this paper, we design general principles for detecting vulnerable smart contracts. Our key insight is that almost all the existing transaction-related vulnerabilities are due to the mismatch between the actual transferred amount and the amount reflected on the contract's internal bookkeeping. Based on this, we propose a precise and generally applicable technique, VULTRON, which can detect irregular transactions due to various types of adversarial exploits. We also report preliminary results applying our technique to real-world case studies.
AB - Despite the high stakes involved, smart contracts are often developed in an undisciplined way thus far. The existence of vulnerabilities compromises the security and reliability of smart contracts, and endangers the trust of participants in their ongoing businesses. Existing vulnerability detection techniques are often designed case-by-case, making them difficult to generalize. In this paper, we design general principles for detecting vulnerable smart contracts. Our key insight is that almost all the existing transaction-related vulnerabilities are due to the mismatch between the actual transferred amount and the amount reflected on the contract's internal bookkeeping. Based on this, we propose a precise and generally applicable technique, VULTRON, which can detect irregular transactions due to various types of adversarial exploits. We also report preliminary results applying our technique to real-world case studies.
UR - http://www.scopus.com/inward/record.url?scp=85072081389&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85072081389&partnerID=8YFLogxK
U2 - 10.1109/ICSE-NIER.2019.00009
DO - 10.1109/ICSE-NIER.2019.00009
M3 - Conference contribution
T3 - Proceedings - 2019 IEEE/ACM 41st International Conference on Software Engineering: New Ideas and Emerging Results, ICSE-NIER 2019
SP - 1
EP - 4
BT - Proceedings - 2019 IEEE/ACM 41st International Conference on Software Engineering
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 25 May 2019 through 31 May 2019
ER -