Survey on Vulnerability Detection Technology of Smart Contracts

被引：0

作者：

Dong W.-L. ^{[1
]}

Liu Z. ^{[1
]}

Liu K. ^{[1
]}

Li L. ^{[2
]}

Ge C.-P. ^{[1
]}

Huang Z.-Q. ^{[1
]}

机构：

[1] College of Computer Science and Technology, Nanjing University of Aeronautics and Astronautics, Nanjing

[2] Monash University, Clayton, 3800, VIC

来源：

Ruan Jian Xue Bao/Journal of Software | 2024年 / 35卷 / 01期

关键词：

contract program analysis; contract quality assurance; contract reliability; contract security; smart contract; vulnerability detection;

D O I：

10.13328/j.cnki.jos.006810

中图分类号：

学科分类号：

摘要：

As the trusted decentralized application, smart contracts attract widespread attention, whereas their security vulnerabilities threaten the reliability. To this end, researchers employ various advanced technologies (such as fuzz testing, machine learning, and formal verification) to study several vulnerability detection technologies and yield sound effects. This study collects 84 related papers by July 2021 to systematically sort out and analyze existing vulnerability detection technologies of smart contracts. First of all, vulnerability detection technologies are categorized according to their core methodologies. These technologies are analyzed from the aspects of implementation methods, vulnerability categories, and experimental data. Additionally, the differences between domestic and international research in these aspects are compared. Finally, after summarizing the existing technologies, the study discusses the challenges of vulnerability detection technologies and potential research directions. © 2024 Chinese Academy of Sciences. All rights reserved.

引用

页码：38 / 62

页数：24

共 145 条

[1] Szabo N., Smart contracts: Building blocks for digital markets, EXTROPY: The Journal of Transhumanist Thought, 18, 2, (1996)
[2] Wood G., Ethereum: A secure decentralised generalised transaction ledger, Ethereum Project Yellow Paper, 151, pp. 1-32, (2014)
[3] The Ethereum blockchain explorer, (2023)
[4] Bogner A, Chanson M, Meeuw A., A decentralised sharing APP running a smart contract on the Ethereum blockchain, Proc. of the 6th Int’l Conf. on the Internet of Things, pp. 177-178, (2016)
[5] Atzei N, Bartoletti M, Cimoli T., A survey of attacks on Ethereum smart contracts (SoK), Proc. of the 6th Int’l Conf. on Principles of Security and Trust, pp. 164-186, (2017)
[6] Solidity, (2023)
[7] Antonopoulos AM, Wood G., Mastering Ethereum: Building Smart Contracts and Dapps, (2018)
[8] Brent L, Jurisevic A, Kong M, Liu E, Gauthier F, Gramoli V, Holz R, Scholz B., Vandal: A scalable security analysis framework for smart contracts, (2018)
[9] Siegel D., Understanding the DAO attack, (2023)
[10] On the Parity multi-sig wallet attack, (2017)

← 1 2 3 4 5 6 7 8 9 10 →