APSEC 2024
Tue 3 - Fri 6 December 2024 China
Thu 5 Dec 2024 14:30 - 15:00 at Room 4 (Xianglin Ballroom) - Session (11) Chair(s): Deron Liang

Smart contracts have brought revolutionary advancements to the credit landscape. However, their security remains intensely scrutinized due to numerous hacking incidents and inherent logical challenges. One well-known and representative issue is reentrancy vulnerability, exemplified by DAO attacks that lead to substantial economic losses. Conventional approaches to detect and repair reentrancy vulnerability often suffer from numerous limitations, encompassing disregard for the intricate vulnerability features and the overfitting problems associated with imbalanced datasets. Large language models are distinguished for their excellent language understanding and have achieved explosive success in artificial intelligence. However, direct prompt-based LLMs-driven approaches for reentrancy vulnerability are plagued by inefficiencies and a lack of domain-specific vulnerability knowledge. This paper proposes a hybrid framework to enhance reentrancy vulnerability detection and repair and safeguard smart contract security. This unified framework comprises two crucial modules: enhanced DL-driven vulnerability detection and knowledge-aware LLMs-driven vulnerability repair. Our approach can significantly enhance reentrancy vulnerability detection and repair efficiency by integrating advanced techniques such as feature extraction, data balancing, deep learning networks, and knowledge-aware prompting. Extensive experimental results validate the superiority of our approach over state-of-the-art baselines, emphasizing its potential to fortify the security of smart contracts and blockchain-based systems. For instance, our approach can achieve 3.51%, 2.31%, 0.42%, and 0.85% improvements in accuracy, recall, precision, and F1 score while detecting reentrancy vulnerability. Additionally, our approach also can achieve a 9.62% improvement in reentrancy vulnerability repair.

Thu 5 Dec

Displayed time zone: Beijing, Chongqing, Hong Kong, Urumqi change

14:00 - 15:30
Session (11)Technical Track / ERA - Early Research Achievements at Room 4 (Xianglin Ballroom)
Chair(s): Deron Liang National Central University
14:00
30m
Talk
Enhancing the Transferability of Adversarial Attacks for End-to-End Autonomous Driving Systems
Technical Track
Jingyu Zhang City University of Hong Kong, Jacky Keung City University of Hong Kong, Xiaoxue Ma City University of Hong Kong, Yihan Liao City University of Hong Kong, Yishu Li City University of Hong Kong, Yicheng Sun City University of Hong Kong
14:30
30m
Talk
Enhancing Reentrancy Vulnerability Detection and Repair with a Hybrid Model Framework
Technical Track
Mengliang Li Zhejiang University, Xiaoxue Ren Zhejiang University, Han Fu Zhejiang University, Zhuo Li State Street Technology(Zhejiang) Ltd, JianLing Sun Zhejiang University
15:00
20m
Talk
BugsInKube: A Collection of Reconciliation Bugs
ERA - Early Research Achievements
Kabilan Mahathevan University of Moratuwa, Sivakajan Sivaparan University of Moratuwa, Tharsha Sivapalarajah University of Moratuwa, Sunimal Rathnayake University of Moratuwa, Ridwan Salihin Shariffdeen National University of Singapore