A Reliable Framework for Detection of Smart Contract Vulnerabilities for Enhancing Operability in Inter-Organizational Systems
DOI:
https://doi.org/10.13052/jmm1550-4646.2027
Keywords:
Inter-organizational systems, blockchain technology, isolation forest, genetic algorithms, smart contract vulnerability detection, Ethereum smart contracts, vulnerability detection
Abstract
Information and communication technology based inter-organizational systems enable companies to integrate information and conduct business electronically across different parts of the organization. For organizations embracing blockchain, smart contracts provide automation and operational efficiency for inter-organizational systems. Initially utilised for financial transactions, smart contracts have been extended beyond banking and deployed in a wide range of organizations. Smart contracts are regarded as a self-executing type of contract in which the terms of the agreement are embedded directly into the code, and they play a vital role in the operability of inter-organizational systems. However, smart contract vulnerabilities can arise due to programming errors, leading to security issues. The effects of smart contract vulnerabilities can be significant, including loss of funds, unauthorized access to sensitive information, manipulation of data, and loss of trust in the application, leading to catastrophic financial losses followed by legal implications for an organization based on blockchain technology. The goal of smart contract vulnerability detection is to discover and eliminate potential security vulnerabilities in smart contract code before it is deployed. Detecting vulnerabilities in a timely manner helps to prevent financial losses, unauthorized access, and data manipulation. To provide a robust solution for detecting vulnerabilities in smart contracts, the proposed methodology presents a novel approach for rapid detection of vulnerabilities by integrating a genetic algorithm with an isolation forest. Furthermore, enhancing smart contract vulnerability identification with higher accuracy and false-positive rate provides a reliable gateway for organizations to adopt blockchain.