计算机科学 ›› 2022, Vol. 49 ›› Issue (3): 52-61.doi: 10.11896/jsjkx.210700004
张潆藜, 马佳利, 刘子昂, 刘新, 周睿
ZHANG Ying-li, MA Jia-li, LIU Zi-ang, LIU Xin, ZHOU Rui
摘要: 以太坊Solidity智能合约基于区块链技术,作为一种旨在以信息化方式传播、验证或执行的计算机协议,为各类分布式应用服务提供了基础。虽然落地还不足6年,但因其安全漏洞事件频繁爆发,且造成了巨大的经济损失,使得其安全性检查方面的研究备受关注。首先基于以太坊相关技术对智能合约的一些特殊机制和运行原理进行介绍,并根据智能合约的自身特性对一些出现频率较高的智能合约漏洞进行分析,然后从符号执行、模糊测试、形式化验证和污点分析等方面分类阐述了传统的主流智能合约漏洞检测工具。此外,为了应对层出不穷的新型漏洞以及提高漏洞检测效率的需求,将近年来基于机器学习的漏洞检测技术依据其问题转化方式的不同做了分类总结,并从文本处理、非欧几里得图和标准图像3个角度进行了简要介绍。最后,针对两类检测方向的不足之处,提出了建立相关标准化、规范化信息库以及衡量指标的建议。
中图分类号:
[1]WEI A,HUANG Z Y,ZHOU M A.Research on Smart Contract Security and Implementation Specifications[J].Information Security and Technology,2020,11(3):44-49. [2]YUAN Y,WANG F Y.Current status and prospects of blockchain technology development[J].Acta Automatica Sinica,2016,42(4):481-494. [3]YIN M,MALKHI D,REITER M K,et al.HotStuff:BFT Consensus in the Lens of Blockchain[J].arXiv:1803.05069,2019. [4]KIAYIAS A,MILLER A,ZINDROS D.Non-interactive proofs of proof-of-work[C]//International Conference on Financial Cryptography and Data Security.Cham:Springer,2020:505-522. [5]BUTERIN V.A next-generation smart contract and decentra-lized application platform[EB/OL].https://the -blockchain.com/docs/Ethereum_white_paper-a_next_generation_smart_contract_and_decentralized_application_platform-vitalik-buterin.pdf. [6]FU M L,WU L F,HONG Z,et al.Research on mining techno-logy of smart contract security vulnerabilities[J].Journal of Computer Applications,2019,39(7):1959-1966. [7]SHIER C,MEHAR M I,GIAMBATTISTA A,et al.Under-standing a Revolutionary and Flawed Grand Experiment in Blockchain:The DAO Attack[J].Social Science Electronic Publishing,2017. [8]SeeBug[EB/OL].https://paper.seebug.org/. [9]BUTERIN V.Ethereum:a next-generation smart contract and decentralized application platform[EB/OL].https://bitcoinmagazine.com/articles/ethereum-next-generation-cryptocurrency-decentralized-application-platform-1390528211/. [10]NI Y D,ZHANG C,YIN T T.A Review of Research on Smart Contract Security Vulnerabilities[J].Journal of Information Security,2020,5(3):78-99. [11]ATZEI N,BARTOLETTI M,CIMOLI T.A Survey of Attacks on Ethereum Smart Contracts (SoK)[C]//International Confe-rence on Principles of Security and Trust.2017:164-186. [12]SUN J,HUANG S,ZHENG C,et al.Mutation testing for integer overflow in ethereum smart contracts[J].Tsinghua Science and Technology,2022,27(1):27-40. [13]HESSENAUER S.Batch Overflow bug on Ethereum ERC20 token contracts and SafeMath[EB/OL].https://blog.matryx.ai/batch-overflow-bug-on-ethereum-erc20-token-contracts-and-safe-math-f9ebcc137434. [14]ARIAS L,SPAGNUOLO F,GIORDANO F,et al.OpenZeppelin [EB/OL].https://github.com/OpenZeppelin/openzeppelin-Solidity. [15]KotET-Post-MortemInvestigation[EB/OL].https://www.kingoftheether.com/postmortem.html. [16]YE Z B,YAN B.Summary of symbolic execution research[J].Computer Science,2018,45(s1):28-35. [17]LOI L,DUC-HIEP C,HRISHI O,et al.Making Smart Con-tracts Smarter[C]//Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS ’16).New York,NY,USA:Association for Computing Machi-nery,2016:254-269. [18]MOURA L D,LOPES N,WINTERSTEIGER C M.Z3Prover/z3:The Z3 Theorem Prover[EB/OL].https://github.com/Z3Prover/z3. [19]ZOU Q C,WU R P,MA J X,et al.Research progress of constraint solving problems in symbolic execution[J].Journal of Beijing University of Technology,2019,39(9):957-966. [20]TORRES C F,SCHÜTTE J,STATE R.Osiris:Hunting for Integer Bugs in Ethereum Smart Contracts[C]//Proceedings of the 34th Annual Computer Security Applications Conference (ACSAC’18).New York,NY,USA:Association for Computing Machinery,2018:664-676. [21]TIKHOMIROV S,VOSKRESENSKAYA E,IVANITSKIY I,et al.SmartCheck:Static Analysis of Ethereum Smart Contracts[C]// 2018 IEEE/ACM 1st International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB).2018:9-16. [22]KRUPP J,ROSSOW C.TEETHER:gnawing at ethereum to automatically exploit smart contracts[C]//Proceedings of the 27th USENIX Conference on Security Symposium (SEC’18).USA:USENIX Association,2018:1317-1333. [23]TORRES C F,STEICHEN M,STATE R.The art of the scam:demystifying honeypots in ethereum smart contracts[C]//Proceedings of the 28th USENIX Conference on Security Sympo-sium (SEC ’19).USA:USENIX Association,2019:1591-1607. [24]NIKOLIC I,KOLLURI A,SERGEY I,et al.Finding TheGreedy,Prodigal,and Suicidal Contracts at Scale[C]//Procee-dings of the 34th Annual Computer Security Applications Conference.2018:653-663. [25]MOSSBERG M,MANZANO F,HENNENFENT E,et al.Manticore:A User-Friendly Symbolic Execution Framework for Binaries and Smart Contracts[C]//2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE).2019:1186-1189. [26]BRENT L,JURISEVIC A,KONG M,et al.Vandal:A Scalable Security Analysis Framework for Smart Contracts[EB/OL].https://arxiv.org/abs/1809.03981. [27]ZHANG X,LI Z J.Review of fuzzy testing technology[J].Computer Science,2016(5):1-8. [28]GODEFROID P,LEVIN M,MOLNAR D,et al.Automatedwhitebox fuzz testing[C]//Proceedings of the Network and Distributed System Security Symposium,San Diego.https://patricegodefroid.github.io/public_psfiles/ndss2008.pdf. [29]MASI M.ContractFuzzer:fuzzing smart contracts for vulnerability detection[J].Computing Reviews,2019,60(12):467-468. [30]NGUYEN T D,PHAM L H,SUN J.SFuzz:an efficient adaptive fuzzer for solidity smart contracts[C]//Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering (ICSE ’20).New York,NY,USA:Association for Computing Machinery,2020:778-788. [31]TORRES C F ,LANNILLO A K,GERVAIS A,et al.ConFuz-zius:A Data Dependency-Aware Hybrid Fuzzer for Smart Contracts[C]//6th IEEE European Symposium on Security and Privacy.https://akiannillo.github.io/misc/publications/EUROSP2021_Torres.pdf. [32]WÜSTHOLZ V,CHRISTAKIS M.Harvey:A Greybox Fuzzer for Smart Contracts[C]//Proceedings of the 28th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE 2020).New York,NY,USA:Association for Computing Machinery,2020:1398-1409. [33]TSANKOV P,DAN A,DRACHSLER-COHEN D,et al.Securify:Practical Security Analysis of Smart Contracts[C]//Procee-dings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (CCS ’18).New York,NY,USA:Association for Computing Machinery,2018:67-82. [34]VaaS[EB/OL].https://www.lianantech.com/. [35]IDELBERGER F,GOVERNATORI G,RIVERET R,et al.Evaluation of Logic-Based Smart Contracts for BlockchainSystems[C]//International Symposium on Rules and Rule Markup Languages for the Semantic Web.2016:167-183. [36]PERMENEV A,DIMITROV D,TSANKOV P,et al.VerX:Safety Verification of Smart Contracts[C]//2020 IEEE Symposium on Security and Privacy (SP).2020:1661-1677. [37]ZHU J,HU K,ZHANG B J.A review of formal verification methods for smart contracts[J].Acta Electronica Sinica,2021,49(4):792-804. [38]XU W,GLENN A F.Building Executable Secure Design Modelsfor Smart Contracts with Formal Methods[EB/OL].(2019-12-09)[2021-06-20].https://arxiv.org/abs/1912.04051. [39]WANG J,ZHAN N J,FENG X Y,et al.Overview of formalmethods[J].Journal of Software,2019,30(1):33-61. [40]GAO J,LIU H,LIU C,et al.EASYFLOW:Keep EthereumAway from Overflow[C]//2019 IEEE/ACM 41st International Conference on Software Engineering.2019:23-26. [41]Mythril:Security analysis tool for Ethereum smart contracts[EB/OL].[2021-06-20].https://pypi.org/project/mythril/. [42]BREIDENBACH L,DAIAN P,TRAM F,et al.Enter the hy-dra:towards principled bug bounties and exploit-resistant smart contracts[C]//Proceedings of the 27th USENIX Security Symposium.2018:1335-1352. [43]ZHAO J S,SONG M X,GAO X.Overview of the development and application of natural language processing[J].Information Technology and Informatization,2019(7):142-145. [44]WANG W,SONG J,XU G,et al.ContractWard:AutomatedVulnerability Detection Models for Ethereum Smart Contracts[J].IEEE Transactions on Network Science and Engineering,2021,8(2):1133-1144. [45]LIAO J,TSAI T,HE C,et al.SoliAudit:Smart Contract Vul-nerability Assessment Based on Machine Learning and Fuzz Testing[C]//2019 Sixth International Conference on Internet of Things:Systems,Management and Security (IOTSMS).2019:458-465. [46]LUTZ O,CHEN H,FEREIDOONI H,et al.ESCORT:Ethe-reum Smart COntRacTs Vulnerability Detection using Deep Neural Network and Transfer Learning[EB/OL].[2021-06-20].https://arxiv.org/abs/2103.12607. [47]QIAN P,LIU Z,HE Q,et al.Towards Automated Reentrancy Detection for Smart Contracts Based on Sequential Models[J].IEEE Access,2020,8:19685-19695. [48]WANG R,YE K J,XU C Z.A smart contract vulnerability detection method based on deep learning:China Patent,2019112576541[P].2020-05-15. [49]MOMENI P,WANG Y,SAMAVI R.Machine Learning Model for Smart Contracts Security Analysis[C]//2019 17th International Conference on Privacy,Security and Trust (PST).2019:1-6. [50]GAO Z,JAYASUNDARA V,JIANG L,et al.SmartEmbed:A Tool for Clone and Bug Detection in Smart Contracts through Structural Code Embedding[C]//2019 IEEE International Conference on Software Maintenance and Evolution (ICSME).2019:394-397. [51]WENG J,CHEN X K,LI M,et al.An intelligent contract secu-rity vulnerability detection method based on machine learning:China Patent,2019109045392[P].2020-01-31. [52]ASHIZAWA N,YANAI N,CRUZ J P,et al.Eth2Vec:Learning Contract-Wide Code Representations for Vulnerability Detection on Ethereum Smart Contracts[C]//Proceedings of the 3rd ACM International Symposium on Blockchain and Secure Critical Infrastructure (BSCI ’21).New York,NY,USA:Association for Computing Machinery,2021:47-59. [53]ZHOU Y J.A method,device and storage medium for fuzz testing of smart contracts:CN Patent,112131115[P].2020-09-23. [54]GOGINENI A K,SWAYAMJYOTI S,SAHOO D,et al.Multi-Class classification of vulnerabilities in Smart Contracts using AWD-LSTM,with pre-trained encoder inspired from natural language processing[EB/OL].(2020-03-21)[2021-06-20].https://arxiv.org/abs/2004.00362v1. [55]ZOU Y,BAN B,XUE Y,et al.CCGraph:a PDG-based codeclone detector with approximate graph matching[C]//2020 35th IEEE/ACM International Conference on Automated Software Engineering (ASE).2020:931-942. [56]MC A,YUAN J,CG A,et al.Learning features from enhanced function call graphs for Android malware detection[J].Neurocomputing,2021,423:301-307. [57]ZHUANG Y,LIU Z,QIAN P,et al.Smart Contract Vulnerabi-lity Detection using Graph Neural Network[C]//Proceedings of the Twenty-Ninth International Joint Conference on Artificial Intelligence.2020:3283-3290. [58]HAN Z G,YUAN L,GENG J H,et al.Smart contract vulnerability detection methods,devices and electronic equipment:China Patent,2018101589863[P].2020-07-17. [59]WU Z,PAN S,CHEN F,et al.A comprehensive survey ongraph neural networks[J].IEEE Transactions on Neural Networks and Learning Systems,2020,32(1):4-24. [60]CAO S C,SUN X B,BO L B,et al.BGNN4VD:Constructing Bidirectional Graph Neural-Network for Vulnerability Detection[J].Information and Software Technology,2021,136:106576. [61]HUANG H D,KAO H Y.R2-D2:ColoR-inspired Convolutional NeuRal Network (CNN)-based AndroiD Malware Detections[C]//2018 IEEE International Conference on Big Data (Big Data).2018:2633-2642. [62]HUANG H D.Hunting the Ethereum Smart Contract:Color-inspired Inspection of Potential Attacks[J].arXiv:1807.01868,2018. [63]YU Z,CAO R,TANG Q,et al.Order Matters:Semantic-Aware Neural Networks for Binary Code Similarity Detection[C]//Proceedings of the AAAI Conference on Artificial Intelligence.2020:1145-1152. [64]XU X,CHANG L,QIAN F,et al.Neural Network-based Graph Embedding for Cross-Platform Binary Code Similarity Detection[C]// Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (CCS’17).2017:363-376. [65]HUANG B T,DING J,QIAN P,et al.An interpretable method for smart contract vulnerability detection based on codec:China Patent,2020108267923[P].2020-12-04. [66]LIU Z,QIAN P,WANG X,et al.Smart Contract Vulnerability Detection:From Pure Neural Network to Interpretable Graph Feature and Expert Pattern Fusion[C]//Proceedings of the Thirtieth International Joint Conference on Artificial Intelligence.2021:2751-2759. [67]ZHANG P,XIAO F,LUO X.A Framework and DataSet forBugs in Ethereum Smart Contracts[C]//2020 IEEE International Conference on Software Maintenance and Evolution (ICSME).2020:139-150. [68]IEEE Computer Society.IEEE Standard Classification for Software Anomalies[S].IEEE Std 1044-2009 (Revision of IEEE Std 1044-1993),2010. [69]CHEN J,XIA X,LO D,et al.Defining Smart Contract Defects on Ethereum[J].arXiv:1905.01467,2019. |
[1] | 冷典典, 杜鹏, 陈建廷, 向阳. 面向自动化集装箱码头的AGV行驶时间估计 Automated Container Terminal Oriented Travel Time Estimation of AGV 计算机科学, 2022, 49(9): 208-214. https://doi.org/10.11896/jsjkx.210700028 |
[2] | 宁晗阳, 马苗, 杨波, 刘士昌. 密码学智能化研究进展与分析 Research Progress and Analysis on Intelligent Cryptology 计算机科学, 2022, 49(9): 288-296. https://doi.org/10.11896/jsjkx.220300053 |
[3] | 王子凯, 朱健, 张伯钧, 胡凯. 区块链与智能合约并行方法研究与实现 Research and Implementation of Parallel Method in Blockchain and Smart Contract 计算机科学, 2022, 49(9): 312-317. https://doi.org/10.11896/jsjkx.210800102 |
[4] | 李瑶, 李涛, 李埼钒, 梁家瑞, Ibegbu Nnamdi JULIAN, 陈俊杰, 郭浩. 基于多尺度的稀疏脑功能超网络构建及多特征融合分类研究 Construction and Multi-feature Fusion Classification Research Based on Multi-scale Sparse Brain Functional Hyper-network 计算机科学, 2022, 49(8): 257-266. https://doi.org/10.11896/jsjkx.210600094 |
[5] | 黄松, 杜金虎, 王兴亚, 孙金磊. 以太坊智能合约模糊测试技术研究综述 Survey of Ethereum Smart Contract Fuzzing Technology Research 计算机科学, 2022, 49(8): 294-305. https://doi.org/10.11896/jsjkx.220500069 |
[6] | 张光华, 高天娇, 陈振国, 于乃文. 基于N-Gram静态分析技术的恶意软件分类研究 Study on Malware Classification Based on N-Gram Static Analysis Technology 计算机科学, 2022, 49(8): 336-343. https://doi.org/10.11896/jsjkx.210900203 |
[7] | 何强, 尹震宇, 黄敏, 王兴伟, 王源田, 崔硕, 赵勇. 基于大数据的进化网络影响力分析研究综述 Survey of Influence Analysis of Evolutionary Network Based on Big Data 计算机科学, 2022, 49(8): 1-11. https://doi.org/10.11896/jsjkx.210700240 |
[8] | 陈明鑫, 张钧波, 李天瑞. 联邦学习攻防研究综述 Survey on Attacks and Defenses in Federated Learning 计算机科学, 2022, 49(7): 310-323. https://doi.org/10.11896/jsjkx.211000079 |
[9] | 李亚茹, 张宇来, 王佳晨. 面向超参数估计的贝叶斯优化方法综述 Survey on Bayesian Optimization Methods for Hyper-parameter Tuning 计算机科学, 2022, 49(6A): 86-92. https://doi.org/10.11896/jsjkx.210300208 |
[10] | 赵璐, 袁立明, 郝琨. 多示例学习算法综述 Review of Multi-instance Learning Algorithms 计算机科学, 2022, 49(6A): 93-99. https://doi.org/10.11896/jsjkx.210500047 |
[11] | 肖治鸿, 韩晔彤, 邹永攀. 基于多源数据和逻辑推理的行为识别技术研究 Study on Activity Recognition Based on Multi-source Data and Logical Reasoning 计算机科学, 2022, 49(6A): 397-406. https://doi.org/10.11896/jsjkx.210300270 |
[12] | 傅丽玉, 陆歌皓, 吴义明, 罗娅玲. 区块链技术的研究及其发展综述 Overview of Research and Development of Blockchain Technology 计算机科学, 2022, 49(6A): 447-461. https://doi.org/10.11896/jsjkx.210600214 |
[13] | 高健博, 张家硕, 李青山, 陈钟. RegLang:一种面向监管的智能合约编程语言 RegLang:A Smart Contract Programming Language for Regulation 计算机科学, 2022, 49(6A): 462-468. https://doi.org/10.11896/jsjkx.210700016 |
[14] | 卫宏儒, 李思月, 郭涌浩. 基于智能合约的秘密重建协议 Secret Reconstruction Protocol Based on Smart Contract 计算机科学, 2022, 49(6A): 469-473. https://doi.org/10.11896/jsjkx.210700033 |
[15] | 蒋成满, 华保健, 樊淇梁, 朱洪军, 徐波, 潘志中. Python虚拟机本地代码的安全性实证研究 Empirical Security Study of Native Code in Python Virtual Machines 计算机科学, 2022, 49(6A): 474-479. https://doi.org/10.11896/jsjkx.210600200 |
|