DeFiRanger: Detecting Price Manipulation Attacks on DeFi Applications

04/30/2021
by   Siwei Wu, et al.
0

The rapid growth of Decentralized Finance (DeFi) boosts the Ethereum ecosystem. At the same time, attacks towards DeFi applications (apps) are increasing. However, to the best of our knowledge, existing smart contract vulnerability detection tools cannot be directly used to detect DeFi attacks. That's because they lack the capability to recover and understand high-level DeFi semantics, e.g., a user trades a token pair X and Y in a Decentralized EXchange (DEX). In this work, we focus on the detection of two types of new attacks on DeFi apps, including direct and indirect price manipulation attacks. The former one means that an attacker directly manipulates the token price in DEX by performing an unwanted trade in the same DEX by attacking the vulnerable DeFi app. The latter one means that an attacker indirectly manipulates the token price of the vulnerable DeFi app (e.g., a lending app). To this end, we propose a platform-independent way to recover high-level DeFi semantics by first constructing the cash flow tree from raw Ethereum transactions and then lifting the low-level semantics to high-level ones, including token trade, liquidity mining, and liquidity cancel. Finally, we detect price manipulation attacks using the patterns expressed with the recovered DeFi semantics. We have implemented a prototype named and applied it to more than 350 million transactions. It successfully detected 432 real-world attacks in the wild. We confirm that they belong to four known security incidents and five zero-day ones. We reported our findings. Two CVEs have been assigned. We further performed an attack analysis to reveal the root cause of the vulnerability, the attack footprint, and the impact of the attack. Our work urges the need to secure the DeFi ecosystem.

READ FULL TEXT

page 1

page 2

page 3

page 4

01/14/2019

Peel the onion: Recognition of Android apps behind the Tor Network

In this work we show that Tor is vulnerable to app deanonymization attac...
02/19/2022

Unravelling Token Ecosystem of EOSIO Blockchain

Being the largest Initial Coin Offering project, EOSIO has attracted gre...
12/16/2020

ARMAND: Anti-Repackaging through Multi-pattern Anti-tampering based on Native Detection

App repackaging refers to the practice of customizing an existing mobile...
07/14/2022

Behavioral Model For Live Detection of Apps Based Attack

Smartphones with the platforms of applications are gaining extensive att...
03/04/2021

BLOCKEYE: Hunting For DeFi Attacks on Blockchain

Decentralized finance, i.e., DeFi, has become the most popular type of a...
09/13/2020

Proximity Tracing in an Ecosystem of Surveillance Capitalism

Proximity tracing apps have been proposed as an aide in dealing with the...
06/18/2020

SwissCovid: a critical analysis of risk assessment by Swiss authorities

Ahead of the rollout of the SwissCovid contact tracing app, an official ...