Graph neural network vulnerability detection for Ethereum smart contracts (OA; Peking University Core Journal; CSTPCD)
Smart contracts are an important part of the blockchain. The Ethereum platform implements decentralized applications by deploying large numbers of smart contracts, and these contracts are associated with digital currency worth billions of dollars. However, a smart contract is a piece of code written in a high-level language and may contain exploitable vulnerabilities that cause huge economic losses. Smart contract vulnerabilities are currently one of the serious threats facing Ethereum. Traditional smart contract vulnerability detection methods rely heavily on fixed expert rules, resulting in low accuracy and long detection times. In recent years, some researchers have used machine learning methods for vulnerability detection, but those methods do not make full use of the semantic information in smart contract source code. In this paper, smart contract source code is constructed as a smart contract graph carrying data-flow and control-flow information, and an attention mechanism assigns different weights to the nodes in the graph according to their criticality when updating node features for contract vulnerability detection. Experiments are conducted on reentrancy vulnerabilities and timestamp vulnerabilities. The results show that, compared with the traditional graph neural network detection model, the proposed model improves accuracy on the two vulnerability types by 11.18% and 10.06%, respectively. The experiments demonstrate that smart contract vulnerabilities are related not only to the structural features of the contract code but also closely to different functions and data variables.
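Li Xiaohan (李小涵); Yang Yanbo (杨颜博); Zhang Jiawei (张嘉伟); Li Baoshan (李宝山); Ma Jianfeng (马建峰)
School of Digital and Intelligent Industry, Inner Mongolia University of Science and Technology, Baotou, Inner Mongolia 014010; School of Network and Information Security, Xidian University, Xi'an, Shaanxi 710071
Computer science and automation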
blockchain; Ethereum; smart contracts; vulnerability detection; graph neural networks; attention mechanism
Journal of Xidian University (Natural Science Edition), 2024 (004)
139-150 / 12
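Basic Scientific Research Project for Universities Directly under the Education Department of Inner Mongolia Autonomous Region (0406082219); Major Special Project of the Science and Technology Department of Inner Mongolia Autonomous Region (2019ZD025); Science and Technology Plan of Kundulun District, Baotou, Inner Mongolia (YF2021011)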