Oracle-Supported Dynamic Exploit Generation for Smart Contracts
release_d2agsfeikbdhnatw45p2lasqsm
by
Haijun Wang and Yi Li and Shang-Wei Lin and Cyrille Artho and Lei Ma
and Yang Liu
2019
Abstract
Despite the high stakes involved in smart contracts, they are often developed
in an undisciplined manner, leaving the security and reliability of blockchain
transactions at risk. In this paper, we introduce ContraMaster: an
oracle-supported dynamic exploit generation framework for smart contracts.
Existing approaches mutate only single transactions; ContraMaster exceeds these
by mutating the transaction sequences. ContraMaster uses data-flow,
control-flow, and the dynamic contract state to guide its mutations. It then
monitors the executions of target contract programs, and validates the results
against a general-purpose semantic test oracle to discover vulnerabilities.
Being a dynamic technique, it guarantees that each discovered vulnerability is
a violation of the test oracle and is able to generate the attack script to
exploit this vulnerability. In contrast to rule-based approaches, ContraMaster
has not shown any false positives, and it easily generalizes to unknown types
of vulnerabilities (e.g., logic errors). We evaluate ContraMaster on 218
vulnerable smart contracts. The experimental results confirm its practical
applicability and advantages over the state-of-the-art techniques, and also
reveal three new types of attacks.
In text/plain
format
Archived Files and Locations
application/pdf 661.2 kB
file_udjrdhyf6vazrjmoedcni2ntjy
|
arxiv.org (repository) web.archive.org (webarchive) |
1909.06605v2
access all versions, variants, and formats of this works (eg, pre-prints)