Research and Implementation of Blockchain Smart Contract Security Development Technology

Cited by: 9


Authors: 毕晓冰, 马兆丰, 徐明昆[1] (BI Xiao-bing; MA Zhao-feng; XU Ming-kun) (Network Technology Research Institute, Beijing University of Posts and Telecommunications, Beijing 100876, China; School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China)

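Affiliations: [1] Network Technology Research Institute, Beijing University of Posts and Telecommunications, Beijing 100876; [2] School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876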

Source: 《信息安全与通信保密》 (Information Security and Communications Privacy), 2018, No. 12, pp. 63-73 (11 pages)

Funding: National Natural Science Foundation of China (No. 61472258)

Abstract: Blockchain smart contracts offer efficient real-time updates, accurate execution, and decentralization, but vulnerabilities in their execution cause considerable trouble for users and investors. Addressing the security protection of smart contracts running on Ethereum, this paper analyzes the types of vulnerabilities discovered so far. For three typical smart contract vulnerabilities (integer overflow, reentrancy attacks, and the short address vulnerability), it examines their causes and attack principles, starting from the Solidity language itself and the special mechanisms of the Ethereum Virtual Machine. For each of these three vulnerabilities, it proposes a solution to the smart contract security problem under the security mode. A comparison of the execution results of secure and insecure code shows that the proposed solutions can implement a security strategy for handling smart contract vulnerabilities.

Keywords: security protection; blockchain; contract; smart; technology; development; secure code; real-time update

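Classification number: TP311 [Automation and Computer Technology: Computer Software and Theory]; TP393 [Automation and Computer Technology: Computer Science and Technology]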

 
