EthCluster: An Unsupervised Static Analysis Method for Ethereum Smart Contract
By: Hong-Sheng Huang , Jen-Yi Ho , Hao-Wen Chen and more
Potential Business Impact:
Finds hidden bugs in online money code.
Poorly designed smart contracts are particularly vulnerable, as they may allow attackers to exploit weaknesses and steal the virtual currency they manage. In this study, we train a model using unsupervised learning to identify vulnerabilities in the Solidity source code of Ethereum smart contracts. To address the challenges associated with real-world smart contracts, our training data is derived from actual vulnerability samples obtained from datasets such as SmartBugs Curated and the SolidiFI Benchmark. These datasets enable us to develop a robust unsupervised static analysis method for detecting five specific vulnerabilities: Reentrancy, Access Control, Timestamp Dependency, tx.origin, and Unchecked Low-Level Calls. We employ clustering algorithms to identify outliers, which are subsequently classified as vulnerable smart contracts.
Similar Papers
A Comprehensive Study of Exploitable Patterns in Smart Contracts: From Vulnerability to Defense
Cryptography and Security
Finds and fixes dangerous code in digital money systems.
Security Vulnerabilities in Ethereum Smart Contracts: A Systematic Analysis
Cryptography and Security
Protects online money from hackers.
Mining Characteristics of Vulnerable Smart Contracts Across Lifecycle Stages
Cryptography and Security
Finds hidden bugs in digital money agreements.