Software Weakness Detection in Solidity Smart Contracts Using Control and Data Flow Analysis: A Novel Approach with Graph Neural Networks

Aria Seo, Young Tak Kim, Ji Seok Yang, Yang Sun Lee, Yunsik Son

Research output: Contribution to journalArticlepeer-review

Abstract

Smart contracts on blockchain platforms are susceptible to security issues that can lead to significant financial losses. This study converts the Solidity code into abstract syntax trees and generates control flow graphs and data flow graphs. These graphs train a graph convolutional network model to detect security weaknesses. The proposed system outperforms traditional tools, achieving higher accuracy, recall, precision, and F1 scores when detecting weaknesses such as integer overflow/underflow, reentrancy, delegate call to the untrusted callee, and time-based issues. This study demonstrates that leveraging control and data flow analysis with graph neural networks significantly enhances smart contract security and provides a robust and reliable solution.

Original languageEnglish
Article number3162
JournalElectronics (Switzerland)
Volume13
Issue number16
DOIs
StatePublished - Aug 2024

Keywords

  • control flow graph
  • data flow graph
  • graph neural network
  • smart contract security
  • Solidity weakness detection

Fingerprint

Dive into the research topics of 'Software Weakness Detection in Solidity Smart Contracts Using Control and Data Flow Analysis: A Novel Approach with Graph Neural Networks'. Together they form a unique fingerprint.

Cite this