Smart contract vulnerability detection based on a semantic code structure and a self-designed neural network

Abstract

Smart contracts are riddled with vulnerabilities due to flaws in programming languages and the inexperience of developers, causing damage. Nonetheless, the current research on smart contract vulnerability detection is insufficient. In this study, we propose a novel approach, namely, Blass, based on a semantic code structure and a self-designed neural network. Blass constructs program slices with complete semantic structure information (CPSs) and uses an abstract syntax tree and a depth-first traversal algorithm to convert CPSs into code chains during the process of CPS vectorization, which increases its ability to express vulnerability features. Blass also uses a self-designed neural network, Bi-LSTM-Att, as the classification model, which introduces an attention mechanism to capture the key features of vulnerabilities and effectively achieve improved smart contract vulnerability detection performance. The CPSs and the Bi-LSTM-Att can improve the vulnerability detection effectiveness of Blass, and Blass can be applied to malicious contract detection with satisfactory precision, recall, and F1 values.