Detailed Information
Cited 0 time in 
Cited 0 time in 
Cited 0 time in
Metadata Downloads
A Study on the Security Weakness Detection of Solidity Smart Contracts using Graph Neural Networks on Blockchain Platforms
- Authors
- Kim, Sunghyun; Jung, Seunggi; Son, Yunsik; Lee, Yangsun
- Issue Date
- Jan-2025
- Publisher
- AnaPub Publications
- Keywords
- Blockchain; Ethereum; Graph Convolution Network; Graph Neural Networks; Security Vulnerability; Security Weakness Analyzer; Smart Contract; Solidity
- Citation
- Journal of Machine and Computing, v.5, no.1, pp 243 - 254
- Pages
- 12
- Indexed
- SCOPUS
- Journal Title
- Journal of Machine and Computing
- Volume
- 5
- Number
- 1
- Start Page
- 243
- End Page
- 254
- ISSN
- 2789-1801
2788-7669
- Abstract
- Blockchain is a distributed ledger technology that allows users to record and share information safely and transparently. A smart contract is a contract decided based on a blockchain and is a program that automatically executes or executes contract terms. Smart contracts improve the transparency and reliability of transactions by utilizing the tampering prevention function of blockchain technology. Software security vulnerability refers to the fundamental cause of vulnerabilities caused by logical errors, bugs, and mistakes that can be defective in software development. To prevent software security accidents, security weaknesses must be analyzed before the program is distributed. Smart contract codes that operate on ethereum, a blockchain-based framework, can have security vulnerabilities inside the code. When the contract is completed and the block is created, the chaincode cannot be arbitrarily modified, so the security weakness must be analyzed before execution. In this paper, we used deep learning's graph neural network (GNN) to detect security vulnerabilities in solidity codes. To analyze security vulnerabilities in solidity code, we defined eight types of security weakness items, converted the solidity code into graph data. In order to represent both the structural elements of the program, the control flow, and the data flow, the solidity code was converted into an abstract syntax tree (AST) and the graph information required for GNN learning was extracted from AST to convert the solidity code into a graph. Next, after generating several datasets for training GNN models by integrating graph data and their properties with labels, it is possible to detect whether security vulnerabilities exist in the solidity code through GNN learning. This method performs security weakness detection more effectively than conventional rule-based methods. ©2025 The Authors. Published by AnaPub Publications.
- Files in This Item
- There are no files associated with this item.
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
Related Researcher
- Son, Yun Sik
- College of Advanced Convergence Engineering (Department of Computer Science and Artificial Intelligence)