智能合约漏洞检测及自动化修复方法  

Smart contract vulnerability detection and automatic repair method

在线阅读下载全文

作  者:王嘉诚 蒋佳佳 张玉书 赵佳豪 WANG Jia-cheng;JIANG Jia-jia;ZHANG Yu-shu;ZHAO Jia-hao(College of Computer Science and Technology/College of Artificial Intelligence/College of Software,Nanjing University of Aeronautics and Astronautics,Nanjing 211106,China)

机构地区:[1]南京航空航天大学计算机科学与技术学院/人工智能学院/软件学院,江苏南京211106

出  处:《计算机工程与设计》2025年第1期107-116,共10页Computer Engineering and Design

基  金:国家重点研发计划基金项目(2020YFB1005500);南京航空航天大学研究生创新训练基金项目(xcxjh20221616)。

摘  要:为解决智能合约存在的安全漏洞问题,研究智能合约漏洞检测及自动化修复方法。对智能合约进行漏洞检测,获得包含漏洞类别及位置等关键信息的检测报告,将智能合约源代码解析为抽象语法树格式,根据检测报告提供的漏洞信息,结合预定义漏洞修复模板,在抽象语法树层面对智能合约进行修复,根据抽象语法树反向解析获得修复后的智能合约源代码,实现智能合约的漏洞检测及自动化修复。实验结果表明,所研究的方法能够以较高的成功率修复智能合约漏洞,增强智能合约的正确性。To solve the problem of security vulnerabilities in smart contracts, smart contract vulnerability detection and automatic repair method was studied. The vulnerabilities of smart contracts were detected, and the detection report containing key information such as vulnerability category and location was obtained. The smart contract source code was parsed into the abstract syntax tree format, and according to the vulnerability information provided by the detection report, combined with the predefined repair templates, the smart contract was repaired at the level of the abstract syntax tree. The repaired smart contract source code was obtained by reverse parsing according to the abstract syntax tree. The vulnerability detection and automatic repair of smart contracts were realized. Experimental results show that the proposed method can repair smart contract vulnerabilities with a high success rate and enhance the correctness of smart contracts.

关 键 词:区块链 智能合约 安全漏洞 漏洞检测 自动化修复 抽象语法树 修复模板 

分 类 号:TP309[自动化与计算机技术—计算机系统结构]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象