<p>Smart contracts are vulnerable to security risks introduced during development, while existing detection methods often suffer from high false positive rates and limited scalability on large contract repositories. To address these issues, this paper proposes a scalable vulnerability detection framework that integrates dynamic key node sampling with deep semantic edge enhancement. Control flow and data flow information is incorporated into a simplified abstract syntax tree (AST) to construct a semantic association graph (SAG), capturing inter-statement dependencies in smart contracts. GraphSAGE is then employed to dynamically prioritize vulnerability-related key nodes, and a multilayer Transformer is designed to model deep semantic dependencies among edges using self-attention and positional encoding. By jointly modeling large-scale graph structures and attention-based interactions, the proposed framework supports efficient, high-throughput vulnerability analysis. Experimental results on a large number of open-source datasets show that the proposed method achieves F1-scores of 96% on Reentrancy, 91% on Timestamp Dependency, 91% on Tx.origin, and 89% on Integer Overflow vulnerabilities, demonstrating its effectiveness and scalability.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

A smart contract vulnerability detection method based on deep semantic feature fusion

  • Nannan Xie,
  • Yangfan Wang,
  • Mohan Jia,
  • Jing Kong

摘要

Smart contracts are vulnerable to security risks introduced during development, while existing detection methods often suffer from high false positive rates and limited scalability on large contract repositories. To address these issues, this paper proposes a scalable vulnerability detection framework that integrates dynamic key node sampling with deep semantic edge enhancement. Control flow and data flow information is incorporated into a simplified abstract syntax tree (AST) to construct a semantic association graph (SAG), capturing inter-statement dependencies in smart contracts. GraphSAGE is then employed to dynamically prioritize vulnerability-related key nodes, and a multilayer Transformer is designed to model deep semantic dependencies among edges using self-attention and positional encoding. By jointly modeling large-scale graph structures and attention-based interactions, the proposed framework supports efficient, high-throughput vulnerability analysis. Experimental results on a large number of open-source datasets show that the proposed method achieves F1-scores of 96% on Reentrancy, 91% on Timestamp Dependency, 91% on Tx.origin, and 89% on Integer Overflow vulnerabilities, demonstrating its effectiveness and scalability.