Metamorphic Testing for Smart Contract Vulnerabilities Detection

03/06/2023
by   Jiahao Li, et al.
0

Despite the rapid growth of smart contracts, they are suffering numerous security vulnerabilities due to the absence of reliable development and testing. In this article, we apply the metamorphic testing technique to detect smart contract vulnerabilities. Based on the anomalies we observed in vulnerable smart contracts, we define five metamorphic relations to detect abnormal gas consumption and account interaction inconsistency of the target smart contract. Through dynamically executing transactions and checking the final violation of metamorphic relations, we determine whether a smart contract is vulnerable. We evaluate our approach on a benchmark of 67 manually annotated smart contracts. The experimental results show that our approach achieves a higher detection rate (TPR, true positive rate) with a lower misreport rate (FDR, false discovery rate) than the other three state-of-the-art tools. These results further suggest that metamorphic testing is a promising method for detecting smart contract vulnerabilities.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
08/01/2022

Finding smart contract vulnerabilities with ConCert's property-based testing framework

We provide three detailed case studies of vulnerabilities in smart contr...
research
06/21/2023

Do you still need a manual smart contract audit?

We investigate the feasibility of employing large language models (LLMs)...
research
12/29/2021

Gas Gauge: A Security Analysis Tool for Smart Contract Out-of-Gas Vulnerabilities

In recent years we have witnessed a dramatic increase in the adoption an...
research
02/18/2019

Smart Contract Vulnerabilities: Does Anyone Care?

In the last year we have seen a great deal of both academic and practica...
research
11/24/2021

Machine Learning Guided Cross-Contract Fuzzing

Smart contract transactions are increasingly interleaved by cross-contra...
research
09/14/2019

Oracle-Supported Dynamic Exploit Generation for Smart Contracts

Despite the high stakes involved in smart contracts, they are often deve...
research
05/23/2023

Towards Automated Security Analysis of Smart Contracts based on Execution Property Graph

Identifying and mitigating vulnerabilities in smart contracts is crucial...

Please sign up or login with your details

Forgot password? Click here to reset