ICSE 2024
Fri 12 - Sun 21 April 2024 Lisbon, Portugal
Thu 18 Apr 2024 10:30 - 11:00 at Open Space - Posters 3

Decentralized finance (DeFi) is revolutionizing the traditional centralized finance paradigm with its attractive features such as high availability, transparency, and tamper-proofing. However, attacks targeting DeFi services have severely damaged the DeFi market, as evidenced by our investigation of 80 real-world DeFi incidents from 2017 to 2022. Existing methods, based on symbolic execution, model checking, semantic analysis, and fuzzing, fall short in identifying the most DeFi vulnerability types. To address the deficiency, we propose Context-Sensitive Concolic Verification (CSCV), a method of automating the DeFi vulnerability finding based on user-defined properties formulated in temporal logic. CSCV builds and optimizes contexts to guide verification processes that dynamically construct context-carrying transition systems in tandem with concolic executions. Furthermore, we demonstrate the effectiveness of CSCV through experiments on real-world DeFi services and qualitative comparison. The experiment results indicate that our CSCV prototype successfully detects 76.25% of the vulnerabilities from the investigated incidents with reasonable heuristics. Remarkably, these identified vulnerabilities cover all six categorized DeFi vulnerability types and are exemplified by 1,498 attack vectors, including 20.96% previously unknown attacks.

Thu 18 Apr

Displayed time zone: Lisbon change

10:30 - 11:00
Posters 3Posters at Open Space
10:30
30m
Poster
Unleashing the Power of Clippy in Real-World Rust Projects
Posters
Chunmiao Li National Institute of Informatics, Yijun Yu The Open University, UK, Haitao Wu Huawei Technologies Canada, Luca Carlig Huawei Ireland Research Center, Shijie Nie Fujitsu R&D Center, Lingxiao Jiang Singapore Management University
10:30
30m
Poster
The Impact of a Live Refactoring Environment on Software Development
Posters
Sara Fernandes FEUP, Universidade do Porto, Ademar Aguiar Faculty of Engineering, University of Porto & INESC TEC, André Restivo LIACC, Universidade do Porto, Porto, Portugal
10:30
30m
Poster
Tracking assets in source code with Security Annotations
Posters
Daniel Haak Augsburg Technical University of Applied Sciences, Raphael Mayr Augsburg Technical University of Applied Sciences, Jan-Philipp Steghöfer XITASO GmbH IT & Software Solutions, Alexandra Teynor Augsburg Technical University of Applied Sciences, Phillip Heidegger Augsburg Technical University of Applied Sciences
10:30
30m
Poster
eAIEDF: Extended AI Error Diagnosis Flowchart for Automatically Identifying Misprediction Causes in Production Models
Posters
Keita Sakuma NEC Corporation, Ryuta Matsuno NEC Corporation, Yoshio Kameda NEC Corporation
10:30
30m
Poster
SLIM: a Scalable and Interpretable Light-weight Fault Localization Algorithm for Imbalanced Data in Microservice
Posters
Rui Ren DAMO Academy, Alibaba Group Hangzhou, China, Jingbang Yang DAMO Academy, Alibaba Group Hangzhou, China, Linxiao Yang DAMO Academy, Alibaba Group Hangzhou, China, Xinyue Gu DAMO Academy, Alibaba Group Hangzhou, China, Liang Sun DAMO Academy, Alibaba Group Hangzhou, China
10:30
30m
Poster
Designing Digital Twins for Enhanced Reusability
Posters
Olga Ratushniak University of Gothenburg, Beatriz Cabrero-Daniel University of Gothenburg
10:30
30m
Poster
MUFIN: Improving Neural Repair Models with Back-Translation
Posters
André Silva KTH Royal Institute of Technology, João F. Ferreira INESC-ID and IST, University of Lisbon, He Ye Carnegie Mellon University, Martin Monperrus KTH Royal Institute of Technology
10:30
30m
Poster
Blocks? Graphs? Why Not Both? Designing and Evaluating a Hybrid Programming Environment for End-users
Posters
Nico Ritschel University of British Columbia, Felipe Fronchetti Virginia Commonwealth University, Reid Holmes University of British Columbia, Ronald Garcia University of British Columbia, David C. Shepherd Louisiana State University
10:30
30m
Poster
Fault Localization on Verification Witnesses
Posters
Dirk Beyer LMU Munich, Matthias Kettl LMU Munich, Thomas Lemberger LMU Munich
10:30
30m
Poster
Analyzing the Impact of Context Representation and Scope in Code Infilling
Posters
Jinseok Heo Sungkyunkwan University, Eunseok Lee Sungkyunkwan University
10:30
30m
Poster
Hunting DeFi Vulnerabilities via Context-Sensitive Concolic Verification
Posters
Yepeng Ding University of Tokyo, Arthur Gervais Imperial College London, Roger Wattenhofer ETHZ, Hiroyuki Sato The University of Tokyo
DOI Pre-print Media Attached
10:30
30m
Poster
Exploring the Computational Complexity of SAT Counting and Uniform Sampling with Phase Transitions
Posters
Olivier Zeyen University of Luxembourg, SnT, Maxime Cordy University of Luxembourg, Luxembourg, Gilles Perrouin Fonds de la Recherche Scientifique - FNRS & University of Namur, Mathieu Acher University of Rennes, France / Inria, France / CNRS, France / IRISA, France
10:30
30m
Poster
GRAIL: Checking Transaction Isolation Violations with Graph Queries
Posters
Stefania Dumbrava ENSIIE & Institut Polytechnique de Paris, Zhao Jin ENSIIE, Burcu Kulahcioglu Ozkan Delft University of Technology, Jingxuan Qiu Delft University of Technology