Computer Science, 2023, Vol. 50, Issue (9): 117-122. doi: 10.11896/jsjkx.220800104
赵明敏, 杨秋辉, 洪玫, 蔡创
ZHAO Mingmin, YANG Qiuhui, HONG Mei, CAI Chuang
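Abstract: Smart contract security vulnerabilities caused by insecure programming are frequently found on Ethereum, the mainstream blockchain platform. To raise the coverage of contract code achieved by fuzzing, and so detect security vulnerabilities more comprehensively, a smart contract fuzzing method is proposed. First, a dataset of smart contract transaction sequences is constructed, and a deep-learning-based smart contract transaction generation model is built to generate the initial seeds for fuzzing. Then, feedback-guided fuzzing of the smart contract is carried out using coverage and branch distance information; a specific chromosome encoding for test cases is proposed, and the corresponding crossover and mutation operators are designed and implemented. The proposed method can effectively cover the deep states of a smart contract as well as branch code guarded by strict conditions. Experiments on 500 smart contracts show that the proposed method achieves a code coverage of 93.73% and a vulnerability detection rate of 93.93%. Compared with ILF, sFuzz and Echidna, the proposed method improves code coverage by 3.80% to 25.49% and the vulnerability detection rate by 4.64% to 24.02%. The proposed method helps improve the effectiveness of security testing for Ethereum smart contracts and has reference value.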