Mitigating Blackhole and Greyhole Routing Attacks in Vehicular Ad Hoc Networks Using Blockchain Based Smart Contracts

The rapid increase in vehicle traffic volume in modern societies has raised the need to develop innovative solutions to reduce traffic congestion and enhance traffic management efficiency.Revolutionary advanced technology,such as Intelligent Transportation Systems(ITS),enables improved traffic management,helps eliminate congestion,and supports a safer environment.ITS provides real-time information on vehicle traffic and transportation systems that can improve decision-making for road users.However,ITS suffers from routing issues at the network layer when utilising Vehicular Ad Hoc Networks(VANETs).This is because each vehicle plays the role of a router in this network,which leads to a complex vehicle communication network,causing issues such as repeated link breakages between vehicles resulting from the mobility of the network and rapid topological variation.This may lead to loss or delay in packet transmissions;this weakness can be exploited in routing attacks,such as black-hole and gray-hole attacks,that threaten the availability of ITS services.In this paper,a Blockchain-based smart contracts model is proposed to offer convenient and comprehensive security mechanisms,enhancing the trustworthiness between vehicles.Self-Classification Blockchain-Based Contracts(SCBC)and Voting-Classification Blockchain-Based Contracts(VCBC)are utilised in the proposed protocol.The results show that VCBC succeeds in attaining better results in PDR and TP performance even in the presence of Blackhole and Grayhole attacks.

Preserving Data Secrecy and Integrity for Cloud Storage Using Smart Contracts and Cryptographic Primitives

Cloud computing has emerged as a viable alternative to traditional computing infrastructures,offering various benefits.However,the adoption of cloud storage poses significant risks to data secrecy and integrity.This article presents an effective mechanism to preserve the secrecy and integrity of data stored on the public cloud by leveraging blockchain technology,smart contracts,and cryptographic primitives.The proposed approach utilizes a Solidity-based smart contract as an auditor for maintaining and verifying the integrity of outsourced data.To preserve data secrecy,symmetric encryption systems are employed to encrypt user data before outsourcing it.An extensive performance analysis is conducted to illustrate the efficiency of the proposed mechanism.Additionally,a rigorous assessment is conducted to ensure that the developed smart contract is free from vulnerabilities and to measure its associated running costs.The security analysis of the proposed system confirms that our approach can securely maintain the confidentiality and integrity of cloud storage,even in the presence of malicious entities.The proposed mechanism contributes to enhancing data security in cloud computing environments and can be used as a foundation for developing more secure cloud storage systems.

Smart Contract Vulnerability Detection Method Based on Feature Graph and Multiple Attention Mechanisms

The fast-paced development of blockchain technology is evident.Yet,the security concerns of smart contracts represent a significant challenge to the stability and dependability of the entire blockchain ecosystem.Conventional smart contract vulnerability detection primarily relies on static analysis tools,which are less efficient and accurate.Although deep learning methods have improved detection efficiency,they are unable to fully utilize the static relationships within contracts.Therefore,we have adopted the advantages of the above two methods,combining feature extraction mode of tools with deep learning techniques.Firstly,we have constructed corresponding feature extraction mode for different vulnerabilities,which are used to extract feature graphs from the source code of smart contracts.Then,the node features in feature graphs are fed into a graph convolutional neural network for training,and the edge features are processed using a method that combines attentionmechanismwith gated units.Ultimately,the revised node features and edge features are concatenated through amulti-head attentionmechanism.The result of the splicing is a global representation of the entire feature graph.Our method was tested on three types of data:Timestamp vulnerabilities,reentrancy vulnerabilities,and access control vulnerabilities,where the F1 score of our method reaches 84.63%,92.55%,and 61.36%.The results indicate that our method surpasses most others in detecting smart contract vulnerabilities.

A Systematic Review and Performance Evaluation of Open-Source Tools for Smart Contract Vulnerability Detection

With the rise of blockchain technology,the security issues of smart contracts have become increasingly critical.Despite the availability of numerous smart contract vulnerability detection tools,many face challenges such as slow updates,usability issues,and limited installation methods.These challenges hinder the adoption and practicality of these tools.This paper examines smart contract vulnerability detection tools from 2016 to 2023,sourced from the Web of Science(WOS)and Google Scholar.By systematically collecting,screening,and synthesizing relevant research,38 open-source tools that provide installation methods were selected for further investigation.From a developer’s perspective,this paper offers a comprehensive survey of these 38 open-source tools,discussing their operating principles,installation methods,environmental dependencies,update frequencies,and installation challenges.Based on this,we propose an Ethereum smart contract vulnerability detection framework.This framework enables developers to easily utilize various detection tools and accurately analyze contract security issues.To validate the framework’s stability,over 1700 h of testing were conducted.Additionally,a comprehensive performance test was performed on the mainstream detection tools integrated within the framework,assessing their hardware requirements and vulnerability detection coverage.Experimental results indicate that the Slither tool demonstrates satisfactory performance in terms of system resource consumption and vulnerability detection coverage.This study represents the first performance evaluation of testing tools in this domain,providing significant reference value.

A Review of Deep Learning-Based Vulnerability Detection Tools for Ethernet Smart Contracts

In recent years,the number of smart contracts deployed on blockchain has exploded.However,the issue of vulnerability has caused incalculable losses.Due to the irreversible and immutability of smart contracts,vulnerability detection has become particularly important.With the popular use of neural network model,there has been a growing utilization of deep learning-based methods and tools for the identification of vulnerabilities within smart contracts.This paper commences by providing a succinct overview of prevalent categories of vulnerabilities found in smart contracts.Subsequently,it categorizes and presents an overview of contemporary deep learning-based tools developed for smart contract detection.These tools are categorized based on their open-source status,the data format and the type of feature extraction they employ.Then we conduct a comprehensive comparative analysis of these tools,selecting representative tools for experimental validation and comparing them with traditional tools in terms of detection coverage and accuracy.Finally,Based on the insights gained from the experimental results and the current state of research in the field of smart contract vulnerability detection tools,we suppose to provide a reference standard for developers of contract vulnerability detection tools.Meanwhile,forward-looking research directions are also proposed for deep learning-based smart contract vulnerability detection.

Analyzing Ethereum Smart Contract Vulnerabilities at Scale Based on Inter-Contract Dependency

Smart contracts running on public blockchains are permissionless and decentralized,attracting both developers and malicious participants.Ethereum,the world’s largest decentralized application platform on which more than 40 million smart contracts are running,is frequently challenged by smart contract vulnerabilities.What’s worse,since the homogeneity of a wide range of smart contracts and the increase in inter-contract dependencies,a vulnerability in a certain smart contract could affect a large number of other contracts in Ethereum.However,little is known about how vulnerable contracts affect other on-chain contracts and which contracts can be affected.Thus,we first present the contract dependency graph(CDG)to perform a vulnerability analysis for Ethereum smart contracts,where CDG characterizes inter-contract dependencies formed by DELEGATECALL-type internal transaction in Ethereum.Then,three generic definitions of security violations against CDG are given for finding respective potential victim contracts affected by different types of vulnerable contracts.Further,we construct the CDG with 195,247 smart contracts active in the latest blocks of the Ethereum and verify the above security violations against CDG by detecting three representative known vulnerabilities.Compared to previous large-scale vulnerability analysis,our analysis scheme marks potential victim contracts that can be affected by different types of vulnerable contracts,and identify their possible risks based on the type of security violation actually occurring.The analysis results show that the proportion of potential victim contracts reaches 14.7%,far more than that of corresponding vulnerable contracts(less than 0.02%)in CDG.

Research on optimal intelligent routing algorithm for IoV with machine learning and smart contract

The huge increase in the communication network rate has made the application fields and scenarios for vehicular ad hoc networks more abundant and diversified and proposed more requirements for the efficiency and quality of data transmission.To improve the limited communication distance and poor communication quality of the Internet of Vehicles(IoV),an optimal intelligent routing algorithm is proposed in this paper.Combined multiweight decision algorithm with the greedy perimeter stateless routing protocol,designed and evaluated standardized function for link stability.Linear additive weighting is used to optimize link stability and distance to improve the packet delivery rate of the IoV.The blockchain system is used as the storage structure for relay data,and the smart contract incentive algorithm based on machine learning is used to encourage relay vehicles to provide more communication bandwidth for data packet transmission.The proposed scheme is simulated and analyzed under different scenarios and different parameters.The experimental results demonstrate that the proposed scheme can effectively reduce the packet loss rate and improve system performance.

Electronic Auction Scheme Based on Smart Contract and IPFS

Sealed-bid auctions are a vital transaction tool in the e-commerce field.Traditional centralized auction schemes typically result in severe threats to data integrity,information transparency,and traceability owing to their excessive reliance on third parties,and blockchain-based auction schemes generally suffer from high storage costs and are deficient in functional and architectural design.To solve these problems,this study presents a sealed-bid auction scheme that removes the third-party based on an Ethereum smart contract,ensuring data integrity,openness,and transparency in the execution process.The commitment mechanism and distributed storage system help to significantly reduce the user’s storage cost and protect the privacy of user bids.For the functional design,this study introduces a fulltext-retrieval and dispute-processing module for commodities,which reduces the defects existing in the functional module design of existing auction systems.Furthermore,a prototype auction system on the Ethereum test chain is built to validate the proposed scheme.Experiments show that compared with traditional storage methods,indirect storage based on a distributed storage system of texts and images can reduce the storage cost by at least 50%while ensuring data integrity.Finally,the gas cost at each stage of the auction scheme and the time required for the full-text retrieval of products are recorded to evaluate the scheme performance and analyze the test results.

Smart Contract to Traceability of Food Social Selling

Traditionally,food sustainability has been considered solely in the stage of agricultural production.However,globalization,the expansion of the food production industry,and the emergence of supermarket chains that control the retail food market require specific significant changes in supply chains in the food sector and,therefore,we need to address the economic,social,and environmental impacts of these events.On the other hand,social selling has increased rapidly in recent years,with a further boom,following current events related to the coronavirus disease(COVID-19).This explosion of social sales,where there are usually no control and regulation entities,can bring problems associated with mishandling items.In this paper,we expose how Blockchain technology supports the traceability of social sales by validating the data provided by the chain participants such as digital health passports,production and transport data in the sale process;the proposed solution generates recommendations on productmanagement considering the agreements previously made by the network actors.To evaluate the proposed smart contracts,we useHyperledger Caliper,obtaining an average throughput of 12.6 transactions per second and an average latency of 0.3 s for the asset update process.We also use a study case to evaluate the proposed project platform’s selling-transport stage using Internet of Things(IoT)sensors.

A Trusted Multi-Task Distribution Mechanism for Internet of Vehicles Based on Smart Contract

In this paper,a trusted multi-task distribution mechanism for Internet of Vehicles based on smart contract is proposed to improve the security and efficiency for the task distribution in Internet of Vehicles.Firstly,a three-tier trusted multi-task distribution framework is presented based on smart contract.The smart contract will be triggered by the task request.As the important part of the smart contract,the task distribution algorithm is stored on the blockchain and run automatically.In the process of the task distribution,the cost of the task distribution and the system stability play a critical role.Therefore,the task distribution problem is formulated to minimize the cost of the task distribution whilst maintaining the stability of the system based on Lyapunov theorem.Unfortunately,this problem is a mixed integer nonlinear programming problem with NP-hard characteristics.To tackle this,the optimization problem is decomposed into two sub problems of computing resource allocation and task distribution decision,and an effective task distribution algorithm is proposed.Simulation results show that the proposed algorithm can effectively improves system performance.

Smart Contract Based DDoS Attack Traceability Audit Mechanism in Intelligent IoT

In this paper,we focus on providing data provenance auditing schemes for distributed denial of service(DDoS)defense in intelligent internet of things(IoT).To achieve effective DDoS defense,we introduce a two-layer collaborative blockchain framework to support data auditing.Specifically,using data scattered among intelligent IoT devices,switch gateways self-assemble a layer of blockchain in the local autonomous system(AS),and the main chain with controller participation can be aggregated by its associated layer of blocks once a cycle,to obtain a global security model.To optimize the processing delay of the security model,we propose a process of data pre-validation with the goal of ensuring data consistency while satisfying overhead requirements.Since the flood of identity spoofing packets,it is difficult to solve the identity consistency of data with traditional detection methods,and accountability cannot be pursued afterwards.Thus,we proposed a Packet Traceback Telemetry(PTT)scheme,based on in-band telemetry,to solve the problem.Specifically,the PTT scheme is executed on the distributed switch side,the controller to schedule and select routing policies.Moreover,a tracing probabilistic optimization is embedded into the PTT scheme to accelerate path reconstruction and save device resources.Simulation results show that the PTT scheme can reconstruct address spoofing packet forward path,reduce the resource consumption compared with existing tracing scheme.Data tracing audit method has fine-grained detection and feasible performance.

Vulnerability Detection of Ethereum Smart Contract Based on SolBERT-BiGRU-Attention Hybrid Neural Model

In recent years,with the great success of pre-trained language models,the pre-trained BERT model has been gradually applied to the field of source code understanding.However,the time cost of training a language model from zero is very high,and how to transfer the pre-trained language model to the field of smart contract vulnerability detection is a hot research direction at present.In this paper,we propose a hybrid model to detect common vulnerabilities in smart contracts based on a lightweight pre-trained languagemodel BERT and connected to a bidirectional gate recurrent unitmodel.The downstream neural network adopts the bidirectional gate recurrent unit neural network model with a hierarchical attention mechanism to mine more semantic features contained in the source code of smart contracts by using their characteristics.Our experiments show that our proposed hybrid neural network model SolBERT-BiGRU-Attention is fitted by a large number of data samples with smart contract vulnerabilities,and it is found that compared with the existing methods,the accuracy of our model can reach 93.85%,and the Micro-F1 Score is 94.02%.

Smart contract token-based privacy-preserving access control system for industrial Internet of Things

Due to mobile Internet technology's rapid popularization,the Industrial Internet of Things(IIoT)can be seen everywhere in our daily lives.While IIoT brings us much convenience,a series of security and scalability issues related to permission operations rise to the surface during device communications.Hence,at present,a reliable and dynamic access control management system for IIoT is in urgent need.Up till now,numerous access control architectures have been proposed for IIoT.However,owing to centralized models and heterogeneous devices,security and scalability requirements still cannot be met.In this paper,we offer a smart contract token-based solution for decentralized access control in IIoT systems.Specifically,there are three smart contracts in our system,including the Token Issue Contract(TIC),User Register Contract(URC),and Manage Contract(MC).These three contracts collaboratively supervise and manage various events in IIoT environments.We also utilize the lightweight and post-quantum encryption algorithm-Nth-degree Truncated Polynomial Ring Units(NTRU)to preserve user privacy during the registration process.Subsequently,to evaluate our proposed architecture's performance,we build a prototype platform that connects to the local blockchain.Finally,experiment results show that our scheme has achieved secure and dynamic access control for the IIoT system compared with related research.

GRATDet:Smart Contract Vulnerability Detector Based on Graph Representation and Transformer

Smart contracts have led to more efficient development in finance and healthcare,but vulnerabilities in contracts pose high risks to their future applications.The current vulnerability detection methods for contracts are either based on fixed expert rules,which are inefficient,or rely on simplistic deep learning techniques that do not fully leverage contract semantic information.Therefore,there is ample room for improvement in terms of detection precision.To solve these problems,this paper proposes a vulnerability detector based on deep learning techniques,graph representation,and Transformer,called GRATDet.The method first performs swapping,insertion,and symbolization operations for contract functions,increasing the amount of small sample data.Each line of code is then treated as a basic semantic element,and information such as control and data relationships is extracted to construct a new representation in the form of a Line Graph(LG),which shows more structural features that differ from the serialized presentation of the contract.Finally,the node information and edge information of the graph are jointly learned using an improved Transformer-GP model to extract information globally and locally,and the fused features are used for vulnerability detection.The effectiveness of the method in reentrancy vulnerability detection is verified in experiments,where the F1 score reaches 95.16%,exceeding stateof-the-art methods.

A Review of Smart Contract Blockchain Based on Multi-Criteria Analysis:Challenges and Motivations

A smart contract is a digital program of transaction protocol(rules of contract)based on the consensus architecture of blockchain.Smart contracts with Blockchain are modern technologies that have gained enormous attention in scientific and practical applications.A smart contract is the central aspect of a blockchain that facilitates blockchain as a platformoutside the cryptocurrency spectrum.The development of blockchain technology,with a focus on smart contracts,has advanced significantly in recent years.However,research on the smart contract idea has weaknesses in the implementation sectors based on a decentralized network that shares an identical state.This paper extensively reviews smart contracts based on multi-criteria analysis,challenges and motivations.Therefore,implementing blockchain in multicriteria research is required to increase the efficiency of interaction between users via supporting information exchange with high trust.Implementing blockchain in the multi-criteria analysis is necessary to increase the efficiency of interaction between users via supporting information exchange and with high confidence,detecting malfunctioning,helping users with performance issues,reaching a consensus,deploying distributed solutions and allocating plans,tasks and joint missions.The smart contract with decision-making performance,planning and execution improves the implementation based on efficiency,sustainability and management.Furthermore,the uncertainty and supply chain performance lead to improved users’confidence in offering new solutions in exchange for problems in smart contacts.Evaluation includes code analysis and performance,while development performance can be under development.

The Detection of Fraudulent Smart Contracts Based on ECA-EfficientNet and Data Enhancement

With the increasing popularity of Ethereum,smart contracts have become a prime target for fraudulent activities such as Ponzi,honeypot,gambling,and phishing schemes.While some researchers have studied intelligent fraud detection,most research has focused on identifying Ponzi contracts,with little attention given to detecting and preventing gambling or phishing contracts.There are three main issues with current research.Firstly,there exists a severe data imbalance between fraudulent and non-fraudulent contracts.Secondly,the existing detection methods rely on diverse raw features that may not generalize well in identifying various classes of fraudulent contracts.Lastly,most prior studies have used contract source code as raw features,but many smart contracts only exist in bytecode.To address these issues,we propose a fraud detection method that utilizes Efficient Channel Attention EfficientNet(ECA-EfficientNet)and data enhancement.Our method begins by converting bytecode into Red Green Blue(RGB)three-channel images and then applying channel exchange data enhancement.We then use the enhanced ECA-EfficientNet approach to classify fraudulent smart contract RGB images.Our proposed method achieves high F1-score and Recall on both publicly available Ponzi datasets and self-built multi-classification datasets that include Ponzi,honeypot,gambling,and phishing smart contracts.The results of the experiments demonstrate that our model outperforms current methods and their variants in Ponzi contract detection.Our research addresses a significant problem in smart contract security and offers an effective and efficient solution for detecting fraudulent contracts.

A Data Consistency Insurance Method for Smart Contract

As one of the major threats to the current DeFi(Decentralized Finance)ecosystem,reentrant attack induces data inconsistency of the victim smart contract,enabling attackers to steal on-chain assets from DeFi projects,which could terribly do harm to the confidence of the blockchain investors.However,protecting DeFi projects from the reentrant attack is very difficult,since generating a call loop within the highly automatic DeFi ecosystem could be very practicable.Existing researchers mainly focus on the detection of the reentrant vulnerabilities in the code testing,and no method could promise the non-existent of reentrant vulnerabilities.In this paper,we introduce the database lock mechanism to isolate the correlated smart contract states from other operations in the same contract,so that we can prevent the attackers from abusing the inconsistent smart contract state.Compared to the existing resolutions of front-running,code audit,andmodifier,our method guarantees protection resultswith better flexibility.And we further evaluate our method on a number of de facto reentrant attacks observed from Etherscan.The results prove that our method could efficiently prevent the reentrant attack with less running cost.

Deep Learning-Based Program-Wide Binary Code Similarity for Smart Contracts

Recently,security issues of smart contracts are arising great attention due to the enormous financial loss caused by vulnerability attacks.There is an increasing need to detect similar codes for hunting vulnerability with the increase of critical security issues in smart contracts.Binary similarity detection that quantitatively measures the given code diffing has been widely adopted to facilitate critical security analysis.However,due to the difference between common programs and smart contract,such as diversity of bytecode generation and highly code homogeneity,directly adopting existing graph matching and machine learning based techniques to smart contracts suffers from low accuracy,poor scalability and the limitation of binary similarity on function level.Therefore,this paper investigates graph neural network to detect smart contract binary code similarity at the program level,where we conduct instruction-level normalization to reduce the noise code for smart contract pre-processing and construct contract control flow graphs to represent smart contracts.In particular,two improved Graph Convolutional Network(GCN)and Message Passing Neural Network(MPNN)models are explored to encode the contract graphs into quantitatively vectors,which can capture the semantic information and the program-wide control flow information with temporal orders.Then we can efficiently accomplish the similarity detection by measuring the distance between two targeted contract embeddings.To evaluate the effectiveness and efficient of our proposed method,extensive experiments are performed on two real-world datasets,i.e.,smart contracts from Ethereum and Enterprise Operation System(EOS)blockchain-based platforms.The results show that our proposed approach outperforms three state-of-the-art methods by a large margin,achieving a great improvement up to 6.1%and 17.06%in accuracy.

Securing Parked Vehicle Assisted Fog Computing With Blockchain and Optimal Smart Contract Design

Vehicular fog computing(VFC)has been envisioned as an important application of fog computing in vehicular networks.Parked vehicles with embedded computation resources could be exploited as a supplement for VFC.They cooperate with fog servers to process offloading requests at the vehicular network edge,leading to a new paradigm called parked vehicle assisted fog computing(PVFC).However,each coin has two sides.There is a follow-up challenging issue in the distributed and trustless computing environment.The centralized computation offloading without tamper-proof audit causes security threats.It could not guard against false-reporting,free-riding behaviors,spoofing attacks and repudiation attacks.Thus,we leverage the blockchain technology to achieve decentralized PVFC.Request posting,workload undertaking,task evaluation and reward assignment are organized and validated automatically through smart contract executions.Network activities in computation offloading become transparent,verifiable and traceable to eliminate security risks.To this end,we introduce network entities and design interactive smart contract operations across them.The optimal smart contract design problem is formulated and solved within the Stackelberg game framework to minimize the total payments for users.Security analysis and extensive numerical results are provided to demonstrate that our scheme has high security and efficiency guarantee.

Elastic Smart Contracts in Blockchains

In this paper,we deal with questions related to blockchains in complex Internet of Things(IoT)-based ecosystems.Such ecosystems are typically composed of IoT devices,edge devices,cloud computing software services,as well as people,who are decision makers in scenarios such as smart cities.Many decisions related to analytics can be based on data coming from IoT sensors,software services,and people.However,they are typically based on different levels of abstraction and granularity.This poses a number of challenges when multiple blockchains are used together with smart contracts.This work proposes to apply our concept of elasticity to smart contracts and thereby enabling analytics in and between multiple blockchains in the context of IoT.We propose a reference architecture for Elastic Smart Contracts and evaluate the approach in a smart city scenario,discussing the benefits in terms of performance and self-adaptability of our solution.