Enhancing Reentrancy Vulnerability Detection and Repair with a Hybrid Model Framework
Smart contracts have brought revolutionary advancements to the credit landscape. However, their security remains intensely scrutinized due to numerous hacking incidents and inherent logical challenges. One well-known and representative issue is reentrancy vulnerability, exemplified by DAO attacks that lead to substantial economic losses. Conventional approaches to detect and repair reentrancy vulnerability often suffer from numerous limitations, encompassing disregard for the intricate vulnerability features and the overfitting problems associated with imbalanced datasets. Large language models are distinguished for their excellent language understanding and have achieved explosive success in artificial intelligence. However, direct prompt-based LLMs-driven approaches for reentrancy vulnerability are plagued by inefficiencies and a lack of domain-specific vulnerability knowledge. This paper proposes a hybrid framework to enhance reentrancy vulnerability detection and repair and safeguard smart contract security. This unified framework comprises two crucial modules: enhanced DL-driven vulnerability detection and knowledge-aware LLMs-driven vulnerability repair. Our approach can significantly enhance reentrancy vulnerability detection and repair efficiency by integrating advanced techniques such as feature extraction, data balancing, deep learning networks, and knowledge-aware prompting. Extensive experimental results validate the superiority of our approach over state-of-the-art baselines, emphasizing its potential to fortify the security of smart contracts and blockchain-based systems. For instance, our approach can achieve 3.51%, 2.31%, 0.42%, and 0.85% improvements in accuracy, recall, precision, and F1 score while detecting reentrancy vulnerability. Additionally, our approach can also achieve a 9.62% improvement in reentrancy vulnerability repair.
Thu 5 Dec (displayed time zone: Beijing, Chongqing, Hong Kong, Urumqi)
14:00 - 15:30 | Session (11) Technical Track / ERA - Early Research Achievements at Room 4 (Xianglin Ballroom) | Chair(s): Deron Liang, National Central University
14:00 30m Talk | Enhancing the Transferability of Adversarial Attacks for End-to-End Autonomous Driving Systems | Technical Track | Jingyu Zhang, City University of Hong Kong; Jacky Keung, City University of Hong Kong; Xiaoxue Ma, City University of Hong Kong; Yihan Liao, City University of Hong Kong; Yishu Li, City University of Hong Kong; Yicheng Sun, City University of Hong Kong
14:30 30m Talk | Enhancing Reentrancy Vulnerability Detection and Repair with a Hybrid Model Framework | Technical Track | Mengliang Li, Zhejiang University; Xiaoxue Ren, Zhejiang University; Han Fu, Zhejiang University; Zhuo Li, State Street Technology (Zhejiang) Ltd; JianLing Sun, Zhejiang University
15:00 20m Talk | BugsInKube: A Collection of Reconciliation Bugs | ERA - Early Research Achievements | Kabilan Mahathevan, University of Moratuwa; Sivakajan Sivaparan, University of Moratuwa; Tharsha Sivapalarajah, University of Moratuwa; Sunimal Rathnayake, University of Moratuwa; Ridwan Salihin Shariffdeen, National University of Singapore