GMS:A Novel Method for Detecting Reentrancy Vulnerabilities in Smart Contracts  

作　　者：Dawei Xu Fan Huang Jiaxin Zhang Yunfang Liang Baokun Zheng Jian Zhao 

机构地区：[1]School of Computer Science,Changchun University,Changchun,130012,China [2]School of Computer Science and Technology,Beijing Institute of Technology,Beijing,100081,China [3]School of InformationManagement for Law,China University of Political Science and Law,Beijing,102249,China

出　　处：《Computers, Materials & Continua》2025年第5期2207-2220,共14页计算机、材料和连续体(英文)

基　　金：supported by theHigher Education Research Project of Jilin Province:JGJX24C118;the National Defense Basic Scientific Research Program of China(No.JCKY2023602C026).

摘　　要：With the rapid proliferation of Internet ofThings(IoT)devices,ensuring their communication security has become increasingly important.Blockchain and smart contract technologies,with their decentralized nature,provide strong security guarantees for IoT.However,at the same time,smart contracts themselves face numerous security challenges,among which reentrancy vulnerabilities are particularly prominent.Existing detection tools for reentrancy vulnerabilities often suffer from high false positive and false negative rates due to their reliance on identifying patterns related to specific transfer functions.To address these limitations,this paper proposes a novel detection method that combines pattern matching with deep learning.Specifically,we carefully identify and define three common patterns of reentrancy vulnerabilities in smart contracts.Then,we extract key vulnerability features based on these patterns.Furthermore,we employ a Graph Attention Neural Network to extract graph embedding features from the contract graph,capturing the complex relationships between different components of the contract.Finally,we use an attention mechanism to fuse these two sets of feature information,enhancing the weights of effective information and suppressing irrelevant information,thereby significantly improving the accuracy and robustness of vulnerability detection.Experimental results demonstrate that our proposed method outperforms existing state-ofthe-art techniques,achieving a 3.88%improvement in accuracy compared to the latest vulnerability detection model AME(Attentive Multi-Encoder Network).This indicates that our method effectively reduces false positives and false negatives,significantly enhancing the security and reliability of smart contracts in the evolving IoT ecosystem.

关 键 词：Smart contract Internet of Things reentrancy vulnerabilities graph neural network 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]