UBC Theses and Dissertations
MultiVul-GCN : automatic smart contract vulnerability detection using multi-graph convolutional networks Appiah, Robert
Smart contracts are executable computer codes that run on top of blockchain technology. These contracts automate complex processes and enable the creation of decentralized applications, also known as "dApps", paving the way for a more decentralized and trustless ecosystem. However, smart contracts can be vulnerable to various types of attacks, including reentrancy and infinite loop attacks, which can result in the loss of funds and compromise user data. Some state-of-the-art methods for detecting smart contract vulnerabilities rely heavily on predefined expert rules, heuristics or patterns, which are vulnerable to errors and result in high false-positive and false-negative detection rates. Secondly, we observe that the current graph annotations are built around a single edge. While on the other hand, real-world data can be more intricate in structure, and real-world graphs could have a substantial number of node-to-node correlations between various abstract meanings. This research proposes a novel approach for detecting smart contract vulnerabilities using MultiVul-GCN, a tool based on Multi-graph Convolutional Networks (MCNs) designed to learn from multi-relational graphs. By modeling edges with abstract semantics as contract graphs, we explore various methods to combine the representations obtained from annotated and learned edges. MCNs can analyze multiple complex relationships using the features of smart contract code and identify patterns and anomalies that may indicate the presence of vulnerabilities. The proposed approach was evaluated against state-of-the-art techniques using a dataset of real-world smart contracts. The evaluation results show that our MultiVul-GCN model outperforms the contemporary methods in detecting the reentrancy and infinite loop vulnerabilities. These findings demonstrate the potential of MCNs as a powerful tool for detecting smart contract vulnerabilities and promoting blockchain technology adoption in various industries.
Item Citations and Data
Attribution-NonCommercial-NoDerivatives 4.0 International