| 基于胶囊网络和注意力机制的智能合约漏洞检测方法 |
| |
| 引用本文: | 陆璐,赖锦雄.基于胶囊网络和注意力机制的智能合约漏洞检测方法[J].华南理工大学学报(自然科学版),2023,51(5):36-44. |
| |
| 作者姓名: | 陆璐 赖锦雄 |
| |
| 作者单位: | 华南理工大学 计算机科学与工程学院,广东 广州 510006 |
| |
| 基金项目: | 广东省自然科学基金面上项目(2021A1515011798);中山市产学研重大项目(201602103890051) |
| |
| 摘 要: | 近年来,随着智能合约的数量越来越多,因合约漏洞而造成的经济损失愈发严重,智能合约的安全性越来越受到广泛的关注。基于深度学习的漏洞检测方法能够解决早期传统智能合约漏洞检测方法检测效率低、准确率不足的问题,但大多现有基于深度学习的漏洞检测方法都是直接使用智能合约源代码、操作码序列或字节码序列作为深度学习模型的输入,会因引入过多无效信息而削弱有效信息。为此,文中提出了一种基于胶囊网络和注意力机制的智能合约漏洞检测方法。考虑到程序的执行时序信息,文中通过提取智能合约的关键操作码序列作为源代码特征,然后利用胶囊网络和注意力机制的混合网络进行训练,其中胶囊网络模块用于提取智能合约的上下文信息以及局部与整体的联系,注意力机制用于给不同的操作码按照其重要程度分配不同的权重。实验结果表明,文中提出的算法在智能合约数据集中的F1分数和准确率分别为94.48%和97.15%,与其他传统检测方法和深度学习方法相比有较明显的性能提升。
|
| 关 键 词: | 智能合约 关键操作码序列 胶囊网络 注意力机制 |
| 收稿时间: | 2022-03-30 |
Smart Contract Vulnerability Detection Method Based on Capsule Network and Attention Mechanism |
| |
| LU Lu,LAI Jinxiong.Smart Contract Vulnerability Detection Method Based on Capsule Network and Attention Mechanism[J].Journal of South China University of Technology(Natural Science Edition),2023,51(5):36-44. |
| |
| Authors: | LU Lu LAI Jinxiong |
| |
| Institution: | School of Computer Science and Engineering,South China University of Technology,Guangzhou 510006,Guangdong,China |
| |
| Abstract: | In recent years, with the increasing number of smart contracts and the increasing economic losses caused by contract loopholes, the security of smart contracts has attracted more and more attention. The vulnerability detection method based on deep learning can solve the problems of low detection efficiency and insufficient accuracy of the early traditional smart contract vulnerability detection method. However, most of the existing deep learning-based vulnerability detection methods directly use smart contract source code, opcode sequence or bytecode sequence as the input of the deep learning model. This fact will weaken the effective information due to the introduction of too much invalid information. To solve this problem, this paper proposed a smart contract vulnerability detection method based on capsule network and attention mechanism. Considering the execution timing information of the program, the study extracted key operation code sequence of the smart contract as the source code feature. Then a hybrid network structure of capsule network and attention mechanism was used for training. The capsule network extracts the context information of the smart contract and the connection between the part and the whole; while the attention mechanism is used to assign different weights to different opcodes according to their importance. The experimental results show that the F1 score and accuracy of the algorithm proposed in this paper in the smart contract data set are 94.48% and 97.15%, indicating that this algorithm is superior to other detection methods in performance. |
| |
| Keywords: | smart contract key opcode sequence capsule network attention mechanism |
|
| 点击此处可从《华南理工大学学报(自然科学版)》浏览原始摘要信息 |
| 点击此处可从《华南理工大学学报(自然科学版)》下载免费的PDF全文 |
