Go to DBLP homepageDetecting Unknown Threats in Smart Contracts With Domain Adaptation
Abstract: Unknown smart contract vulnerabilities objectively exist in addition to common vulnerabilities, and their potential risks cannot be ignored. Therefore, it is crucial to enhance the model's ability to detect these unknown threats. Detection models are typically trained for specific types of vulnerability data. As a result, their effectiveness in detecting new vulnerabilities can be unsatisfactory. When a vulnerability is not defined in the model, it is considered an unknown vulnerability. Simulating attack scenarios or manual auditing is typically required for unknown threat detection. However, this results in a limited number of unknown threat samples available in the smart contract dataset, which greatly hinders the effectiveness of unknown threat detection due to dataset imbalance. In this paper, in order to improve the detection ability of unknown vulnerabilities of smart contracts, we propose a new method of unknown threat detection, which firstly expands the unknown threat samples by equalizing the data features of opcodes and source codes through a variational autoencoder. Then, a domain-adaptive training model DSN is used to learn the private and public features of the source and target domains of smart contracts, respectively. Trans-ferring features and adversarial learning between the source and target domains is achieved through domain classification and reconfiguration tasks. The experiments demonstrate that this method can significantly enhance the ability to identify unknown threats in smart contracts.
Loading