CKG-LLM: LLM-Assisted Detection of Smart Contract Access Control Vulnerabilities Based on Knowledge Graphs
This program is tentative and subject to change.
Traditional approaches for smart contract analysis often rely on intermediate representations such as abstract syntax trees, control-flow graphs, or static single assignment form. However, these methods face limitations in capturing both semantic structures and control logic. Knowledge graphs, by contrast, offer a structured representation of entities and relations, enabling richer intermediate abstractions of contract code and supporting the use of graph query languages to identify rule-violating elements. This paper presents CKG-LLM, a framework for detecting access-control vulnerabilities in smart contracts. Leveraging the reasoning and code generation capabilities of large language models, CKG-LLM translates natural-language vulnerability patterns into executable queries over contract knowledge graphs to automatically locate vulnerable code elements. Experimental evaluation demonstrates that CKG-LLM achieves superior performance in detecting access-control vulnerabilities compared to existing tools. Finally, we discuss potential extensions of CKG-LLM as part of future research directions.
Fri 17 Apr (displayed time zone: Brasilia, Distrito Federal, Brazil)
16:00 - 17:30 | Dependability and Security 11 | Journal-first Papers / New Ideas and Emerging Results (NIER) / Research Track at Oceania X | Chair(s): Jacques Klein (University of Luxembourg)
16:00 | 15m | Talk | AtomGraph: Tackling Atomicity Violation in Smart Contracts using Multimodal GCNs | New Ideas and Emerging Results (NIER) | Xiaoqi Li (Hainan University), Zongwei Li (Hainan University), Wenkai Li (Hainan University), Zeng Zhang (Hainan University), Lei Xie (Hainan University)
16:15 | 15m | Talk | ACFix: Guiding LLMs with Mined Common RBAC Practices for Context-Aware Repair of Access Control Vulnerabilities in Smart Contracts | Journal-first Papers | Lyuye Zhang (Nanyang Technological University), Kaixuan Li (Nanyang Technological University), Kairan Sun (Nanyang Technological University), Daoyuan Wu (Lingnan University), Ye Liu (Singapore Management University), Haoye Tian (Aalto University), Yang Liu (Nanyang Technological University)
16:30 | 15m | Talk | Do Automated Fixes Truly Mitigate Smart Contract Exploits? | Journal-first Papers | Sofia Bobadilla (KTH Royal Institute of Technology, Sweden), Mónica Jin (KTH Royal Institute of Technology), Martin Monperrus (KTH Royal Institute of Technology)
16:45 | 15m | Talk | CKG-LLM: LLM-Assisted Detection of Smart Contract Access Control Vulnerabilities Based on Knowledge Graphs | New Ideas and Emerging Results (NIER) | Xiaoqi Li (Hainan University), Hailu Kuang (Hainan University), Wenkai Li (Hainan University), Zongwei Li (Hainan University), Shipeng Ye (Hainan University)
17:00 | 15m | Talk | One Signature, Multiple Payments: Demystifying and Detecting Signature Replay Vulnerabilities in Smart Contracts | Research Track | Zexu Wang (Sun Yat-sen University), Jiachi Chen (Sun Yat-sen University), Zewei Lin (Sun Yat-sen University), Wenqing Chen (Sun Yat-sen University), Kaiwen Ning (Sun Yat-sen University), Jianxing Yu (Sun Yat-sen University), Yuming Feng (Peng Cheng Laboratory), Yu Zhang (Harbin Institute of Technology), Weizhe Zhang (Harbin Institute of Technology), Zibin Zheng (Sun Yat-sen University)
17:15 | 15m | Talk | USCSA: Evolution-Aware Security Analysis for Proxy-Based Upgradeable Smart Contracts | New Ideas and Emerging Results (NIER) | Xiaoqi Li (Hainan University), Lei Xie (Hainan University), Wenkai Li (Hainan University), Zongwei Li (Hainan University)