Improving Smart Contract Security with Contrastive Learning-based Vulnerability Detection
Currently, smart contract vulnerabilities (SCVs) have emerged as a major factor threatening the transaction security of blockchain. Existing state-of-the-art methods rely on deep learning to mitigate this threat. They treat each input contract as an independent entity and feed it into a deep learning model to learn vulnerability patterns by fitting vulnerability labels. It is a pity that they disregard the correlation between contracts, failing to consider the commonalities between contracts of the same type and the differences among contracts of different types. As a result, the performance of these methods falls short of the desired level.
To tackle this problem, we propose a novel Contrastive Learning Enhanced Automated Recognition Approach for Smart Contract Vulnerabilities, named Clear. In particular, Clear employs a contrastive learning (CL) architecture to capture the fine-grained correlation information among contracts and generates correlation labels based on the relationships between contracts to guide the training process of CL. Finally, it combines the correlation and the semantic information of the contract to detect SCVs. Through an empirical evaluation of a large-scale real-world dataset of over 40K smart contracts and compare 13 state-of-the-art baseline methods. We show that Clear achieves (1) optimal performance over all baseline methods; (2) 9.73%-39.99% higher F1-score than existing deep learning methods.
Thu 18 AprDisplayed time zone: Lisbon change
11:00 - 12:30 | AI & Security 2Research Track / New Ideas and Emerging Results at Sophia de Mello Breyner Andresen Chair(s): Gabriele Bavota Software Institute @ Università della Svizzera Italiana | ||
11:00 15mTalk | Towards Causal Deep Learning for Vulnerability Detection Research Track Md Mahbubur Rahman Iowa State University, Ira Ceka Columbia University, Chengzhi Mao Columbia University, Saikat Chakraborty Microsoft Research, Baishakhi Ray AWS AI Labs, Wei Le Iowa State University | ||
11:15 15mTalk | MetaLog: Generalizable Cross-System Anomaly Detection from Logs with Meta-Learning Research Track Chenyangguang Zhang Tsinghua University, Tong Jia Institute for Artificial Intelligence, Peking University, Beijing, China, Guopeng Shen Linkedsee Technology (China) Limited, Pinyan Zhu Linkedsee Technology (China) Limited, Ying Li School of Software and Microelectronics, Peking University, Beijing, China | ||
11:30 15mTalk | Coca: Improving and Explaining Graph Neural Network-Based Vulnerability Detection Systems Research Track Sicong Cao Yangzhou University, Xiaobing Sun Yangzhou University, Xiaoxue Wu Yangzhou University, David Lo Singapore Management University, Lili Bo Yangzhou University, Bin Li Yangzhou University, Wei Liu Nanjing University Media Attached File Attached | ||
11:45 15mTalk | Improving Smart Contract Security with Contrastive Learning-based Vulnerability Detection Research Track Yizhou Chen Peking University, Zeyu Sun Institute of Software, Chinese Academy of Sciences, Zhihao Gong Peking University, Dan Hao Peking University | ||
12:00 15mTalk | On the Effectiveness of Function-Level Vulnerability Detectors for Inter-Procedural Vulnerabilities Research Track Zhen Li Huazhong University of Science and Technology, Ning Wang Huazhong University of Science and Technology, Deqing Zou Huazhong University of Science and Technology, Yating Li Huazhong University of Science and Technology, Ruqian Zhang Huazhong University of Science and Technology, Shouhuai Xu University of Colorado Colorado Springs, Chao Zhang Tsinghua University, Hai Jin Huazhong University of Science and Technology Pre-print | ||
12:15 7mTalk | Large Language Model for Vulnerability Detection: Emerging Results and Future Directions New Ideas and Emerging Results Xin Zhou Singapore Management University, Singapore, Ting Zhang Singapore Management University, David Lo Singapore Management University | ||
12:22 7mTalk | Re(gEx|DoS)Eval: Evaluating Generated Regular Expressions and their Proneness to DoS Attacks New Ideas and Emerging Results Mohammed Latif Siddiq University of Notre Dame, Jiahao Zhang , Lindsay Roney University of Notre Dame, Joanna C. S. Santos University of Notre Dame DOI Pre-print Media Attached | ||