MTVHunter: Smart Contracts Vulnerability Detection Based on Multi-Teacher Knowledge Translation

TL;DR

MTVHunter is a novel multi-teacher framework that enhances smart contract bytecode vulnerability detection by effectively denoising instructions and supplementing missing semantics, leading to improved accuracy over existing methods.

Contribution

The paper introduces a multi-teacher approach with instruction denoising and semantic filling via neuron distillation, addressing challenges in smart contract bytecode analysis.

Findings

MTVHunter outperforms state-of-the-art methods on real-world datasets.

Effective denoising reduces interference from irrelevant instructions.

Semantic filling improves detection accuracy for incomplete bytecode.

Abstract

Smart contracts, closely intertwined with cryptocurrency transactions, have sparked widespread concerns about considerable financial losses of security issues. To counteract this, a variety of tools have been developed to identify vulnerability in smart contract. However, they fail to overcome two challenges at the same time when faced with smart contract bytecode: (i) strong interference caused by enormous non-relevant instructions; (ii) missing semantics of bytecode due to incomplete data and control flow dependencies. In this paper, we propose a multi-teacher based bytecode vulnerability detection method, namely Multi-Teacher Vulnerability Hunter (MTVHunter), which delivers effective denoising and missing semantic to bytecode under multi-teacher guidance. Specifically, we first propose an instruction denoising teacher to eliminate noise interference by abstract vulnerability pattern and further reflect in contract embeddings. Secondly, we design a novel semantic complementary teacher with neuron distillation, which effectively extracts necessary semantic from source code to replenish the bytecode. Particularly, the proposed neuron distillation accelerate this semantic filling by turning the knowledge transition into a regression task. We conduct experiments on 229,178 real-world smart contracts that concerns four types of common vulnerabilities. Extensive experiments show MTVHunter achieves significantly performance gains over state-of-the-art approaches.