Wang et al., 2024 - Google Patents
A systematic literature review on smart contract vulnerability detection by symbolic execution
Wang et al., 2024
- Document ID
- 1614395966651816639
- Author
- Wang Y
- Sheng S
- Wang Y
- Publication year
- 2024
- Publication venue
- International Conference on Blockchain and Trustworthy Systems
Snippet
Symbolic execution emerges as a potent method for software testing, progressively tackling the unique complexities associated with smart contract testing. Leveraging path exploration and constraint-solving mechanisms, symbolic execution uncovers potential vulnerabilities in …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3604—Software analysis for verifying properties of programs
- G06F11/3612—Software analysis for verifying properties of programs by runtime analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/40—Transformations of program code
- G06F8/41—Compilation
- G06F8/43—Checking; Contextual analysis
- G06F8/436—Semantic checking
- G06F8/437—Type checking
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/44—Arrangements for executing specific programmes
- G06F9/445—Programme loading or initiating
- G06F9/44589—Programme code verification, e.g. Java bytecode verification, proof-carrying code
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/44—Arrangements for executing specific programmes
- G06F9/455—Emulation; Software simulation, i.e. virtualisation or emulation of application or operating system execution engines
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/70—Software maintenance or management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/77—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
Similar Documents
| Publication | Title | Publication Date |
|---|---|---|
| Chen et al. | When chatgpt meets smart contract vulnerability detection: How far are we? | |
| CN109992970B (en) | JAVA deserialization vulnerability detection system and method | |
| Wang et al. | A systematic literature review on smart contract vulnerability detection by symbolic execution | |
| Ressi et al. | Vulnerability detection in ethereum smart contracts via machine learning: A qualitative analysis | |
| Arzt et al. | The soot-based toolchain for analyzing android apps | |
| Nisi et al. | Lost in the loader: The many faces of the windows pe file format | |
| Gomes et al. | Static code analysis for iot security: A systematic literature review | |
| Staderini et al. | Security evaluation and improvement of solidity smart contracts | |
| Simsek et al. | Pocgen: Generating proof-of-concept exploits for vulnerabilities in npm packages | |
| Shafiuzzaman et al. | STASE: Static analysis guided symbolic execution for UEFI vulnerability signature generation | |
| Chen et al. | SmartPoC: Generating Executable and Validated PoCs for Smart Contract Bug Reports | |
| Gao et al. | sverify: Verifying smart contracts through lazy annotation and learning | |
| He et al. | A Systematic Review and Performance Evaluation of Open-Source Tools for Smart Contract Vulnerability Detection. | |
| Duraibi et al. | A Survey of Symbolic Execution Tools | |
| Cesarano et al. | Gosurf: identifying software supply chain attack vectors in Go | |
| Goichon et al. | Static vulnerability detection in Java service-oriented components | |
| Wang et al. | A Tale of 1001 LoC: Potential Runtime Error-Guided Specification Synthesis for Verifying Large-Scale Programs | |
| Zhang et al. | Lightweight automated detection of unsafe information leakage via exceptions | |
| Mekkouri et al. | Practices for Assessing the Security Level of Solidity Smart Contracts | |
| Wang et al. | Preguss: It Analyzes, It Specifies, It Verifies | |
| Chen et al. | PREXP: Uncovering and Exploiting Security-Sensitive Objects in the Linux Kernel | |
| Peng | Attack surface analysis and code coverage improvement for fuzzing | |
| Shyamasundar et al. | Enhancing robustness of smart contracts through declarations | |
| GOMES et al. | Static Code Analysis for IoT Security: A Systematic | |
| Kubrin et al. | Searching for software vulnerabilities using an ensemble of algorithms for the analysis of a graph representation of the code |