Hybrid N-Gram and LSTM Feature-Based Model for Detecting Smart Contract Vulnerabilities
摘要
Smart contracts are now a key element in decentralized applications, facilitating automated and trustless execution of agreements within blockchain ecosystems. However, these contracts remain susceptible to various security vulnerabilities, particularly reentrancy attacks, underscoring the need for effective detection mechanisms. In this paper, we propose a novel hybrid machine learning (ML) approach for detecting reentrancy vulnerabilities in smart contracts. To label the smart contracts for the presence of vulnerabilities, we utilized two widely recognized vulnerability detection tools, Oyente and Securify, ensuring accurate and consistent classification. Our method integrates Long Short-Term Memory (LSTM) networks, which capture long-range dependencies within the tokenized and embedded smart contract code using Word2Vec, and N-gram analysis, which extracts opcode-level execution patterns. Additionally, Synthetic Minority Over-sampling Technique (SMOTE) is applied to address class imbalance. By combining these feature extraction techniques, the model captures both sequential and operational aspects of the contracts. The fused features are then classified using XGBoost, achieving an accuracy of 92.06%, with a sensitivity of 93.50% and a specificity of 92.86%.