Smart contracts(SCs)are crucial in maintaining trust within blockchain networks.However,existing methods for analyzing SC vulnerabilities often lack accuracy and effectiveness,while approaches based on Deep Neural Net...Smart contracts(SCs)are crucial in maintaining trust within blockchain networks.However,existing methods for analyzing SC vulnerabilities often lack accuracy and effectiveness,while approaches based on Deep Neural Networks(DNNs)struggle with detecting complex vulnerabilities due to limited data availability.This paper proposes a novel approach for analyzing SC vulnerabilities.Our method leverages an advanced form of the Genetic Algorithm(GA)and includes the development of a comprehensive benchmark dataset consisting of 36,670 Solidity source code samples.The primary objective of our study is to profile vulnerable SCs effectively.To achieve this goal,we have devised an analyzer called SCsVulLyzer based on GAs,designed explicitly for profiling SCs.Additionally,we have carefully curated a new dataset encompassing a wide range of examples,ensuring the practical validation of our approach.Furthermore,we have established three distinct taxonomies that cover SCs,profiling techniques,and feature extraction.These taxonomies provide a systematic classification and analysis of information,improving the efficiency of our approach.Our methodology underwent rigorous testing through experimentation,and the results demonstrated the superior capabilities of our model in detecting vulnerabilities.Compared to traditional and DNN-based approaches,our approach achieved higher precision,recall,and F1-score,which are widely used metrics for evaluating model performance.Across all these metrics,our model showed exceptional results.The customization and adaptations we implemented within the GA significantly enhanced its effectiveness.Our approach detects SC vulnerabilities more efficiently and facilitates robust exploration.These promising results highlight the potential of GA-based profiling to improve the detection of SC vulnerabilities,contributing to enhanced security in blockchain networks.展开更多
The Internet of Things(loT)has set the way for the continuing digitalization of society in various manners during the past decade.The IoT is a vast network of intelligent devices exchanging data online.The security co...The Internet of Things(loT)has set the way for the continuing digitalization of society in various manners during the past decade.The IoT is a vast network of intelligent devices exchanging data online.The security component of IoT is crucial given its rapid expansion as a new technology paradigm since it may entail safety-critical procedures and the online storage of sensitive data.Unfortunately,security is the primary challenge when adopting Internet of Things(loT)tech-nologies.As a result,manufacturers'and academics'top priority now is improving the security of IoT devices.A substantial body of literature on the subject encompasses several issues and po-tential remedies.However,most existing research fails to offer a comprehensive perspective on attacks inside the IoT.Hence,this survey aims to establish a structure to guide researchers by categorizing attacks in the taxonomy according to various factors such as attack domains,attack threat type,attack executions,software surfaces,IoT protocols,attacks based on device property,attacks based on adversary location and attacks based on information damage level.This is fol-lowed by a comprehensive analysis of the countermeasures offered in academic literature.In this discourse,the countermeasures proposed for the most significant security attacks in the IoT are investigated.Following this,a comprehensive classification system for the various domains of security research in the IoT and Industrial Internet of Things(IoT)is developed,accompanied by their respective remedies.In conclusion,the study has revealed several open research areas pertinent to the subject matter.展开更多
基金the Natural Sciences and Engineering Re-search Council grant from Canada-NSERC(#RGPIN-2020-04701)-to Arash Habibi Lashkari.
文摘Smart contracts(SCs)are crucial in maintaining trust within blockchain networks.However,existing methods for analyzing SC vulnerabilities often lack accuracy and effectiveness,while approaches based on Deep Neural Networks(DNNs)struggle with detecting complex vulnerabilities due to limited data availability.This paper proposes a novel approach for analyzing SC vulnerabilities.Our method leverages an advanced form of the Genetic Algorithm(GA)and includes the development of a comprehensive benchmark dataset consisting of 36,670 Solidity source code samples.The primary objective of our study is to profile vulnerable SCs effectively.To achieve this goal,we have devised an analyzer called SCsVulLyzer based on GAs,designed explicitly for profiling SCs.Additionally,we have carefully curated a new dataset encompassing a wide range of examples,ensuring the practical validation of our approach.Furthermore,we have established three distinct taxonomies that cover SCs,profiling techniques,and feature extraction.These taxonomies provide a systematic classification and analysis of information,improving the efficiency of our approach.Our methodology underwent rigorous testing through experimentation,and the results demonstrated the superior capabilities of our model in detecting vulnerabilities.Compared to traditional and DNN-based approaches,our approach achieved higher precision,recall,and F1-score,which are widely used metrics for evaluating model performance.Across all these metrics,our model showed exceptional results.The customization and adaptations we implemented within the GA significantly enhanced its effectiveness.Our approach detects SC vulnerabilities more efficiently and facilitates robust exploration.These promising results highlight the potential of GA-based profiling to improve the detection of SC vulnerabilities,contributing to enhanced security in blockchain networks.
基金supported in part by collaborative research funding from the National Research Council of Canada's Artificial Ir elligence for Logistics Program.
文摘The Internet of Things(loT)has set the way for the continuing digitalization of society in various manners during the past decade.The IoT is a vast network of intelligent devices exchanging data online.The security component of IoT is crucial given its rapid expansion as a new technology paradigm since it may entail safety-critical procedures and the online storage of sensitive data.Unfortunately,security is the primary challenge when adopting Internet of Things(loT)tech-nologies.As a result,manufacturers'and academics'top priority now is improving the security of IoT devices.A substantial body of literature on the subject encompasses several issues and po-tential remedies.However,most existing research fails to offer a comprehensive perspective on attacks inside the IoT.Hence,this survey aims to establish a structure to guide researchers by categorizing attacks in the taxonomy according to various factors such as attack domains,attack threat type,attack executions,software surfaces,IoT protocols,attacks based on device property,attacks based on adversary location and attacks based on information damage level.This is fol-lowed by a comprehensive analysis of the countermeasures offered in academic literature.In this discourse,the countermeasures proposed for the most significant security attacks in the IoT are investigated.Following this,a comprehensive classification system for the various domains of security research in the IoT and Industrial Internet of Things(IoT)is developed,accompanied by their respective remedies.In conclusion,the study has revealed several open research areas pertinent to the subject matter.
