AdvSCanner : Generating adversarial smart contracts to exploit reentrancy vulnerabilities using LLM and static analysis

AdvSCanner : Generating adversarial smart contracts to exploit reentrancy vulnerabilities using LLM and static analysis

Smart contracts are prone to vulnerabilities, with reentrancy attacks posing significant risks due to their destructive potential. While various methods exist for detecting reentrancy vulnerabilities in smart contracts, such as static analysis, these approaches often suffer from high false positive...

Full description

Saved in:
Bibliographic Details
Main Authors: WU, Yin, XIE, Xiaofei, PENG, Chenyang, LIU, Dijun, WU, Hao, FAN, Ming, LIU, Tin, WANG, Haijun
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2024
Subjects:
Reentrancy vulnerabilities detection
Adversarial smart contracts
Large language models
LLMS
Artificial Intelligence and Robotics
Information Security
Online Access:https://ink.library.smu.edu.sg/sis_research/9798
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
Description
Summary:Smart contracts are prone to vulnerabilities, with reentrancy attacks posing significant risks due to their destructive potential. While various methods exist for detecting reentrancy vulnerabilities in smart contracts, such as static analysis, these approaches often suffer from high false positive rates and lack the ability to directly illustrate how vulnerabilities can be exploited in attacks. In this paper, we tackle the challenging task of generating ASCs for identified reentrancy vulnerabilities. To address this difficulty, we introduce AdvSCanner, a novel method that leverages the Large Language Model (LLM) and static analysis to automatically generate adversarial smart contracts (ASCs) designed to exploit reentrancy vulnerabilities in victim contracts. The basic idea of AdvSCanner is to extract attack flows associated with reentrancy vulnerabilities using static analysis and utilize them to guide LLM in generating ASCs. To mitigate the inherent inaccuracies in LLM outputs, AdvSCanner incorporates a self-reflection component, which collects compilation and attack-triggering feedback from the generated ASCs and refines the ASC generation if necessary. Experimental evaluations demonstrate the effectiveness of AdvSCanner, achieving a significantly higher success rate (76.41%) compared to baseline methods, which only achieve 6.92% and 18.97%, respectively. Furthermore, a case study illustrates that AdvSCanner can greatly reduce auditing time from 24 hours (without assistance) to approximately 3 hours when used during the auditing process.

Similar Items