Intern
Secure Software Systems Group

Smarter Contracts – Vulnerability Detection using Deep Neural Networks

Smart Contracts are computer programs that execute on a blockchain. The nature of blockchains allows one to run Smart Contracts in a trustless and decentralized environment. In this project, we demonstrate the effectiveness of Deep Neural Networks in the domain of Smart Contract vulnerability detection.

Smart Contracts are computer programs that execute on a blockchain. The nature of blockchains allows one to run Smart Contracts in a trustless and decentralized environment. While different projects implement the concept of Smart Contracts, we concentrate on EVM-based blockchains and use Ethereum as our primary example, as it is the most popular, adopted, and advanced implementation.

At first glance, those Smart Contracts seem rather abstract – code running in a VM on a blockchain. However, they provide the underlying technology in a vast and fast-growing ecosystem of NFTsdecentralized applications, and – of course – CryptoKitties. All of those systems have an invested interest of million and even billion dollars. Ethereum itself has a market cap of over 250 billion USD. Furthermore, all of those systems use the fundamental promise of trustless execution, where no trusted 3rd parties are needed to establish trust between two strangers on the Internet.

The goal of this project is to demonstrate the effectiveness of Deep Neural Networks in the domain of Smart Contract vulnerability detection. Specifically, we propose to use Transfer Learning to enable the extensibility of our Machine Learning model in regards to vulnerability classes. Moreover, we show the clear benefit of Transfer Learning by successfully classifying even underrepresented vulnerability classes.

You can find more information about this project and publications on this website.

People involved: Prof. A. Dmitrienko,  Christoph Sendner

Publications

2023[ to top ]
  • Smarter Contracts: Detect...
    Smarter Contracts: Detecting Vulnerabilities in Smart Contracts with Deep Transfer Learning. Sendner, Christoph; Chen, Huili; Fereidooni, Hossein; Petzi, Lukas; König, Jan; Stang, Jasper; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; Koushanfar, Farinaz; in Network and Distributed System Security Symposium (NDSS) (2023).
  • G-Scan: Graph Neural Networks for Line-Level Vulnerability Identification in Smart Contracts. Sendner, Christoph; Zhang, Ruisi; Hefter, Alexander; Dmitrienko, Alexandra; Koushanfar, Farinaz; in arXiv:2307.08549 (2023).
2021[ to top ]
  • ESCORT: Ethereum Smart COntRacTs Vulnerability Detection using Deep Neural Network and Transfer Learning. Lutz, Oliver; Chen, Huili; Fereidooni, Hossein; Sendner, Christoph; Dmitrienko, Alexandra; Sadeghi, Ahmad Reza; Koushanfar, Farinaz; in ArXiv | arXiv:2103.12607v1 (2021).
2020[ to top ]
  • Testbed for Security Test...
    Testbed for Security Testing of Smart Contracts. Denk, Lukas; Thesis; University of Würzburg. (2020, November).
  • Detection of Software Vul...
    Detection of Software Vulnerabilities in Smart Contracts using Deep Learning. Lutz, Oliver; Thesis; University of Würzburg. (2020, October).