Enhancing Smart Contract Security Analysis with Execution Property Graphs

TL;DR

This paper introduces Clue, a dynamic analysis framework using Execution Property Graphs to detect complex smart contract attacks on Ethereum with high accuracy and efficiency.

Contribution

The paper presents a novel graph-based representation and traversal technique for smart contract execution analysis, improving attack detection capabilities.

Findings

High true positive detection rate

Low false positive rate

Outperforms existing tools in efficiency

Abstract

Smart contract vulnerabilities have led to significant financial losses, with their increasing complexity rendering outright prevention of hacks increasingly challenging. This trend highlights the crucial need for advanced forensic analysis and real-time intrusion detection, where dynamic analysis plays a key role in dissecting smart contract executions. Therefore, there is a pressing need for a unified and generic representation of smart contract executions, complemented by an efficient methodology that enables the modeling and identification of a broad spectrum of emerging attacks. We introduce Clue, a dynamic analysis framework specifically designed for the Ethereum virtual machine. Central to Clue is its ability to capture critical runtime information during contract executions, employing a novel graph-based representation, the Execution Property Graph. A key feature of Clue is its innovative graph traversal technique, which is adept at detecting complex attacks, including (read-only) reentrancy and price manipulation. Evaluation results reveal Clue's superior performance with high true positive rates and low false positive rates, outperforming state-of-the-art tools. Furthermore, Clue's efficiency positions it as a valuable tool for both forensic analysis and real-time intrusion detection.