xFuzz: Machine learning guided cross-contract fuzzing
Smart contract transactions are increasingly interleaved by cross-contract calls. While many tools have been developed to identify a common set of vulnerabilities, the cross-contract vulnerability is overlooked by existing tools. Cross-contract vulnerabilities are exploitable bugs that manifest in t...
Saved in:
| Main Authors: | , , , , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2024
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/9213 https://ink.library.smu.edu.sg/context/sis_research/article/10219/viewcontent/2111.12423v2.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-10219 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-102192024-08-15T07:48:13Z xFuzz: Machine learning guided cross-contract fuzzing XUE, Yinxing YE, Jiaming ZHANG, Wei SUN, Jun MA, Lei WANG, Haijun ZHAO, Jianjun Smart contract transactions are increasingly interleaved by cross-contract calls. While many tools have been developed to identify a common set of vulnerabilities, the cross-contract vulnerability is overlooked by existing tools. Cross-contract vulnerabilities are exploitable bugs that manifest in the presence of more than two interacting contracts. Existing methods are however limited to analyze a maximum of two contracts at the same time. Detecting cross-contract vulnerabilities is highly non-trivial. With multiple interacting contracts, the search space is much larger than that of a single contract. To address this problem, we present xFuzz , a machine learning guided smart contract fuzzing framework. The machine learning models are trained with novel features (e.g., word vectors and instructions) and are used to filter likely benign program paths. Comparing with existing static tools, machine learning model is proven to be more robust, avoiding directly adopting manually-defined rules in specific tools. We compare xFuzz with three state-of-the-art tools on 7,391 contracts. xFuzz detects 18 exploitable cross-contract vulnerabilities, of which 15 vulnerabilities are exposed for the first time. Furthermore, our approach is shown to be efficient in detecting non-cross-contract vulnerabilities as well—using less than 20% time as that of other fuzzing tools, xFuzz detects twice as many vulnerabilities. 2024-03-01T08:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/9213 info:doi/10.1109/TDSC.2022.3182373 https://ink.library.smu.edu.sg/context/sis_research/article/10219/viewcontent/2111.12423v2.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Smart Contract Fuzzing Cross-contract Vulnerability Machine Learning Databases and Information Systems Software Engineering |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Smart Contract Fuzzing Cross-contract Vulnerability Machine Learning Databases and Information Systems Software Engineering |
| spellingShingle |
Smart Contract Fuzzing Cross-contract Vulnerability Machine Learning Databases and Information Systems Software Engineering XUE, Yinxing YE, Jiaming ZHANG, Wei SUN, Jun MA, Lei WANG, Haijun ZHAO, Jianjun xFuzz: Machine learning guided cross-contract fuzzing |
| description |
Smart contract transactions are increasingly interleaved by cross-contract calls. While many tools have been developed to identify a common set of vulnerabilities, the cross-contract vulnerability is overlooked by existing tools. Cross-contract vulnerabilities are exploitable bugs that manifest in the presence of more than two interacting contracts. Existing methods are however limited to analyze a maximum of two contracts at the same time. Detecting cross-contract vulnerabilities is highly non-trivial. With multiple interacting contracts, the search space is much larger than that of a single contract. To address this problem, we present xFuzz , a machine learning guided smart contract fuzzing framework. The machine learning models are trained with novel features (e.g., word vectors and instructions) and are used to filter likely benign program paths. Comparing with existing static tools, machine learning model is proven to be more robust, avoiding directly adopting manually-defined rules in specific tools. We compare xFuzz with three state-of-the-art tools on 7,391 contracts. xFuzz detects 18 exploitable cross-contract vulnerabilities, of which 15 vulnerabilities are exposed for the first time. Furthermore, our approach is shown to be efficient in detecting non-cross-contract vulnerabilities as well—using less than 20% time as that of other fuzzing tools, xFuzz detects twice as many vulnerabilities. |
| format |
text |
| author |
XUE, Yinxing YE, Jiaming ZHANG, Wei SUN, Jun MA, Lei WANG, Haijun ZHAO, Jianjun |
| author_facet |
XUE, Yinxing YE, Jiaming ZHANG, Wei SUN, Jun MA, Lei WANG, Haijun ZHAO, Jianjun |
| author_sort |
XUE, Yinxing |
| title |
xFuzz: Machine learning guided cross-contract fuzzing |
| title_short |
xFuzz: Machine learning guided cross-contract fuzzing |
| title_full |
xFuzz: Machine learning guided cross-contract fuzzing |
| title_fullStr |
xFuzz: Machine learning guided cross-contract fuzzing |
| title_full_unstemmed |
xFuzz: Machine learning guided cross-contract fuzzing |
| title_sort |
xfuzz: machine learning guided cross-contract fuzzing |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2024 |
| url |
https://ink.library.smu.edu.sg/sis_research/9213 https://ink.library.smu.edu.sg/context/sis_research/article/10219/viewcontent/2111.12423v2.pdf |
| _version_ |
1814047793004675072 |