Towards Effective Static Analysis Approaches for Security Vulnerabilities in Smart ContractsVirtual
The growth in the popularity of smart contracts has been accompanied by a rise in security attacks targeting smart contracts, which have led to financial losses of millions of dollars and erosion of trust. To enable developers discover vulnerabilities in smart contracts, several static analysis tools have been proposed. However, despite the numerous bug-finding tools, security vulnerabilities abound in smart contracts, and developers rely on finding vulnerabilities manually. Our goal in this dissertation study is to expand the space of security vulnerabilities detection by proposing effective static analysis approaches for smart contracts. We study the effectiveness of the existing static analysis tools and propose solutions for security vulnerabilities detection relying on analyzing the dependency of the contract code on user inputs that lead to security vulnerabilities. Our results of evaluating static analysis tools show that existing static tools for smart contracts have significant false-negatives and false-positives. Further, the results show that our first vulnerability detection approach achieves a significant improvement in the effectiveness of detecting vulnerabilities compared to the prior work.
Mon 10 OctDisplayed time zone: Eastern Time (US & Canada) change
08:30 - 10:00 | |||
08:30 5mDay opening | Welcome from the Chairs Doctoral Symposium | ||
08:35 55mKeynote | Secrets of the Tenured Professor Doctoral Symposium Tim Menzies North Carolina State University Pre-print | ||
09:30 30mDoctoral symposium paper | Towards Effective Static Analysis Approaches for Security Vulnerabilities in Smart ContractsVirtual Doctoral Symposium Asem Ghaleb University of British Columbia |