90 research outputs found
AI-powered Fraud Detection in Decentralized Finance: A Project Life Cycle Perspective
In recent years, blockchain technology has introduced decentralized finance
(DeFi) as an alternative to traditional financial systems. DeFi aims to create
a transparent and efficient financial ecosystem using smart contracts and
emerging decentralized applications. However, the growing popularity of DeFi
has made it a target for fraudulent activities, resulting in losses of billions
of dollars due to various types of frauds. To address these issues, researchers
have explored the potential of artificial intelligence (AI) approaches to
detect such fraudulent activities. Yet, there is a lack of a systematic survey
to organize and summarize those existing works and to identify the future
research opportunities. In this survey, we provide a systematic taxonomy of
various frauds in the DeFi ecosystem, categorized by the different stages of a
DeFi project's life cycle: project development, introduction, growth, maturity,
and decline. This taxonomy is based on our finding: many frauds have strong
correlations in the stage of the DeFi project. According to the taxonomy, we
review existing AI-powered detection methods, including statistical modeling,
natural language processing and other machine learning techniques, etc. We find
that fraud detection in different stages employs distinct types of methods and
observe the commendable performance of tree-based and graph-related models in
tackling fraud detection tasks. By analyzing the challenges and trends, we
present the findings to provide proactive suggestion and guide future research
in DeFi fraud detection. We believe that this survey is able to support
researchers, practitioners, and regulators in establishing a secure and
trustworthy DeFi ecosystem.Comment: 38 pages, update reference
Why Trick Me: The Honeypot Traps on Decentralized Exchanges
Decentralized Exchanges (DEXs) are one of the most important infrastructures
in the world of Decentralized Finance (DeFi) and are generally considered more
reliable than centralized exchanges (CEXs). However, some well-known
decentralized exchanges (e.g., Uniswap) allow the deployment of any unaudited
ERC20 tokens, resulting in the creation of numerous honeypot traps designed to
steal traders' assets: traders can exchange valuable assets (e.g., ETH) for
fraudulent tokens in liquidity pools but are unable to exchange them back for
the original assets.
In this paper, we introduce honeypot traps on decentralized exchanges and
provide a taxonomy for these traps according to the attack effect. For
different types of traps, we design a detection scheme based on historical data
analysis and transaction simulation. We randomly select 10,000 pools from
Uniswap V2 \& V3, and then utilize our method to check these pools.Finally, we
discover 8,443 abnormal pools, which shows that honeypot traps may exist widely
in exchanges like Uniswap. Furthermore, we discuss possible mitigation and
defense strategies to protect traders' assets
Towards Usable Protection Against Honeypots
The Ethereum blockchain enables the execution of so-called smart contracts. These are programs that facilitate the automated transfer of funds according to a given business logic without the participants requiring to trust one another. However, recently attackers started using smart contracts to lure users into traps by deploying contracts that pretend to give away funds but in fact contain hidden traps. This new type of scam is commonly referred to as honeypots. In this paper, we propose a system that aims to protect users from falling into these traps. The system consists of a plugin for MetaMask and a back-end service that continuously scans the Ethereum blockchain for honeypots. Whenever a user is about to perform a transaction through MetaMask, our plugin sends a request to the back-end and warns the user if the target contract is a honeypot
Consolidation of Ground Truth Sets for Weakness Detection in Smart Contracts
Smart contracts are small programs on the blockchain that often handle
valuable assets. Vulnerabilities in smart contracts can be costly, as time has
shown over and over again. Countermeasures are high in demand and include best
practice recommendations as well as tools supporting development, program
verification, and post-deployment analysis. Many tools focus on detecting the
absence or presence of a subset of the known vulnerabilities, delivering
results of varying quality. Most comparative tool evaluations resort to
selecting a handful of tools and testing them against each other. In the best
case, the evaluation is based on a smallish ground truth. For Ethereum, there
are commendable efforts by several author groups to manually classify
contracts. However, a comprehensive ground truth is still lacking. In this
work, we construct a ground truth based on publicly available benchmark sets
for Ethereum smart contracts with manually checked ground truth data. We
develop a method to unify these sets. Additionally, we devise strategies for
matching entries that pertain to the same contract, such that we can determine
overlaps and disagreements between the sets and consolidate the disagreements.
Finally, we assess the quality of the included ground truth sets. Our work
reduces inconsistencies, redundancies, and incompleteness while increasing the
number of data points and heterogeneity
TRIDEnT: Building Decentralized Incentives for Collaborative Security
Sophisticated mass attacks, especially when exploiting zero-day
vulnerabilities, have the potential to cause destructive damage to
organizations and critical infrastructure. To timely detect and contain such
attacks, collaboration among the defenders is critical. By correlating
real-time detection information (alerts) from multiple sources (collaborative
intrusion detection), defenders can detect attacks and take the appropriate
defensive measures in time. However, although the technical tools to facilitate
collaboration exist, real-world adoption of such collaborative security
mechanisms is still underwhelming. This is largely due to a lack of trust and
participation incentives for companies and organizations. This paper proposes
TRIDEnT, a novel collaborative platform that aims to enable and incentivize
parties to exchange network alert data, thus increasing their overall detection
capabilities. TRIDEnT allows parties that may be in a competitive relationship,
to selectively advertise, sell and acquire security alerts in the form of
(near) real-time peer-to-peer streams. To validate the basic principles behind
TRIDEnT, we present an intuitive game-theoretic model of alert sharing, that is
of independent interest, and show that collaboration is bound to take place
infinitely often. Furthermore, to demonstrate the feasibility of our approach,
we instantiate our design in a decentralized manner using Ethereum smart
contracts and provide a fully functional prototype.Comment: 28 page
Deep Smart Contract Intent Detection
Nowadays, security activities in smart contracts concentrate on vulnerability
detection. Despite early success, we find that developers' intent to write
smart contracts is a more noteworthy security concern because smart contracts
with malicious intent have caused significant users' financial loss.
Unfortunately, current approaches to identify the aforementioned malicious
smart contracts rely on smart contract security audits, which entail huge
manpower consumption and financial expenditure. To resolve this issue, we
propose a novel deep learning-based approach, SmartIntentNN, to conduct
automated smart contract intent detection. SmartIntentNN consists of three
primary parts: a pre-trained sentence encoder to generate the contextual
representations of smart contracts, a K-means clustering method to highlight
intent-related representations, and a bidirectional LSTM-based (long-short term
memory) multi-label classification network to predict the intents in smart
contracts. To evaluate the performance of SmartIntentNN, we collect more than
40,000 real smart contracts and perform a series of comparison experiments with
our selected baseline approaches. The experimental results demonstrate that
SmartIntentNN outperforms all baselines by up to 0.8212 in terms of the
f1-score metric.Comment: 12 pages, 9 figures, conferenc
EF/CF: High Performance Smart Contract Fuzzing for Exploit Generation
Smart contracts are increasingly being used to manage large numbers of
high-value cryptocurrency accounts. There is a strong demand for automated,
efficient, and comprehensive methods to detect security vulnerabilities in a
given contract. While the literature features a plethora of analysis methods
for smart contracts, the existing proposals do not address the increasing
complexity of contracts. Existing analysis tools suffer from false alarms and
missed bugs in today's smart contracts that are increasingly defined by
complexity and interdependencies. To scale accurate analysis to modern smart
contracts, we introduce EF/CF, a high-performance fuzzer for Ethereum smart
contracts. In contrast to previous work, EF/CF efficiently and accurately
models complex smart contract interactions, such as reentrancy and
cross-contract interactions, at a very high fuzzing throughput rate. To achieve
this, EF/CF transpiles smart contract bytecode into native C++ code, thereby
enabling the reuse of existing, optimized fuzzing toolchains. Furthermore,
EF/CF increases fuzzing efficiency by employing a structure-aware mutation
engine for smart contract transaction sequences and using a contract's ABI to
generate valid transaction inputs. In a comprehensive evaluation, we show that
EF/CF scales better -- without compromising accuracy -- to complex contracts
compared to state-of-the-art approaches, including other fuzzers,
symbolic/concolic execution, and hybrid approaches. Moreover, we show that
EF/CF can automatically generate transaction sequences that exploit reentrancy
bugs to steal Ether.Comment: To be published at Euro S&P 202
- …