Smart Contract Vulnerability Detection based on Static Analysis and Multi-Objective Search

TL;DR

This paper presents a novel static analysis combined with multi-objective optimization to improve smart contract vulnerability detection, focusing on four key vulnerability types with validated superior performance over existing tools.

Contribution

It introduces a multi-objective search-enhanced static analysis method for more accurate and comprehensive detection of smart contract vulnerabilities.

Findings

Outperforms existing tools in coverage and accuracy

Effective in detecting reentrancy, overflow, and timestamp vulnerabilities

Validated on a large dataset from Etherscan

Abstract

This paper introduces a method for detecting vulnerabilities in smart contracts using static analysis and a multi-objective optimization algorithm. We focus on four types of vulnerabilities: reentrancy, call stack overflow, integer overflow, and timestamp dependencies. Initially, smart contracts are compiled into an abstract syntax tree to analyze relationships between contracts and functions, including calls, inheritance, and data flow. These analyses are transformed into static evaluations and intermediate representations that reveal internal relations. Based on these representations, we examine contract's functions, variables, and data dependencies to detect the specified vulnerabilities. To enhance detection accuracy and coverage, we apply a multi-objective optimization algorithm to the static analysis process. This involves assigning initial numeric values to input data and monitoring changes in statement coverage and detection accuracy. Using coverage and accuracy as fitness values, we calculate Pareto front and crowding distance values to select the best individuals for the new parent population, iterating until optimization criteria are met. We validate our approach using an open-source dataset collected from Etherscan, containing 6,693 smart contracts. Experimental results show that our method outperforms state-of-the-art tools in terms of coverage, accuracy, efficiency, and effectiveness in detecting the targeted vulnerabilities.