ICSE 2024
Fri 12 - Sun 21 April 2024 Lisbon, Portugal
Wed 17 Apr 2024 16:00 - 16:15 at Grande Auditório - Security 2 Chair(s): Diomidis Spinellis

Ponzi schemes, a form of scam, have been discovered in Ethereum smart contracts in recent years, causing massive financial losses. Rule-based detection approaches rely on pre-defined rules with limited capabilities and domain knowledge dependency. Additionally, using static information like opcodes and transactions for machine learning models fails to effectively characterize the Ponzi contracts, resulting in poor reliability and interpretability.

In this paper, we propose PonziGuard, an efficient Ponzi scheme detection approach based on contract runtime behavior. Inspired by the observation that a contract’s runtime behavior is more effective in disguising Ponzi contracts from the innocent contracts, PonziGuard establishes a comprehensive graph representation called \textit{contract runtime behavior graph} (\textbf{CRBG}), to accurately depict the behavior of Ponzi contracts. Furthermore, it formulates the detection process as a graph classification task, enhancing its overall effectiveness. We conducted comparative experiments on a ground-truth dataset and applied PonziGuard to Ethereum Mainnet. The results show that PonziGuard outperforms the current state-of-the-art approaches and is also effective in open environments. Using PonziGuard, we have identified 805 Ponzi contracts on Ethereum Mainnet, which have resulted in an estimated economic loss of 281,700 Ether or approximately $500 million USD.

Wed 17 Apr

Displayed time zone: Lisbon change

16:00 - 17:30
Security 2Research Track / Software Engineering in Practice / Journal-first Papers / New Ideas and Emerging Results at Grande Auditório
Chair(s): Diomidis Spinellis Athens University of Economics and Business; Delft University of Technology
16:00
15m
Talk
PonziGuard: Detecting Ponzi Schemes on Ethereum with Contract Runtime Behavior Graph (CRBG)
Research Track
Ruichao Liang Wuhan University, Jing Chen Wuhan University, Kun He Wuhan University, Yueming Wu Nanyang Technological University, Gelei Deng Nanyang Technological University, Ruiying Du Wuhan University, Cong Wu Wuhan University
16:15
15m
Talk
FuzzSlice: Pruning False Positives in Static Analysis Warnings through Function-Level Fuzzing
Research Track
Aniruddhan Murali University of Waterloo, Noble Saji Mathews University of Waterloo, Canada, Mahmoud Alfadel University of Waterloo, Mei Nagappan University of Waterloo, Meng Xu University of Waterloo
DOI Pre-print
16:30
15m
Talk
LibvDiff: Library Version Difference Guided OSS Version Identification in Binaries
Research Track
Chaopeng Dong University of Chinese Academy of Sciences & Institute of Information Engineering Chinese Academy of Sciences, China, Siyuan Li University of Chinese Academy of Sciences & Institute of Information Engineering Chinese Academy of Sciences, China, shouguo yang Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China, Yang Xiao Institute of Information Engineering at Chinese Academy of Sciences; University of Chinese Academy of Sciences, Yongpan Wang University of Chinese Academy of Sciences & Institute of Information Engineering Chinese Academy of Sciences, China, Hong Li Institute of Information Engineering at Chinese Academy of Sciences, Zhi Li Institute of Information Engineering, Chinese Academy of Sciences, China, Limin Sun Institute of Information Engineering at Chinese Academy of Sciences; University of Chinese Academy of Sciences
16:45
15m
Talk
PrivacyCAT: Privacy-Aware Code Analysis at Scale
Software Engineering in Practice
17:00
7m
Talk
Software in the Manufacturing Industry: Emerging Security Challenge Areas for IIoT Platforms
Software Engineering in Practice
Yannick Landeck fortiss GmbH, Dian Balta fortiss GmbH, Martin Wimmer Siemens AG, Christian Knierim Siemens AG
DOI
17:07
7m
Talk
Detecting and Characterizing Propagation of Security Weaknesses in Puppet-based Infrastructure Management
Journal-first Papers
Akond Rahman Auburn University, Chris Parnin Microsoft
17:14
7m
Talk
Synthesis of Allowlists for Runtime Protection against SQLi
New Ideas and Emerging Results
Kostyantyn Vorobyov Oracle Labs, François Gauthier Oracle Labs, Paddy Krishnan Oracle Labs, Australia
Hide past events