AIPUB归智期刊联盟

微信公众号

网站二维码

2025年4月7日 19:29 星期一
首页 > 过刊浏览>2023年第32卷第9期 >257-264. DOI:10.15888/j.cnki.csa.009249
PDF HTML阅读 XML下载 导出引用 引用提醒
基于交易序列分层变异的EVM模糊测试
作者:
基金项目:

国家自然科学基金(62172305); 湖北省重点研发计划(2021BAA027)


Fuzzer for EVM Based on Hierarchical Variation of Transaction Sequences
Author:
  • 摘要
    • | |
  • 访问统计
    • |
  • 参考文献 [28]
    • |
  • 相似文献
    • | | |
  • 文章评论
    摘要:

    以太坊虚拟机是以太坊区块链中关键组成部分, 其缺陷会导致交易的执行结果出现偏差, 给以太坊生态带来严重问题. 现有的以太坊虚拟机缺陷检测工作仅将虚拟机视为独立的智能合约执行工具, 没有完整测试其工作流程, 从而导致缺陷检测存在盲点. 针对上述问题, 提出了一种以太坊虚拟机运行全过程的缺陷检测方法(ETHCOV). ETHCOV首先结合权重策略指导智能合约、合约接口参数输入和交易序列按不同粒度变异, 然后将其与区块状态以及世界状态打包作为测试用例, 最后将测试用例输入到以太坊虚拟机中触发运行并对比检验运行结果, 以此来检测以太坊虚拟机的漏洞缺陷. 基于上述方法实现了一个原型系统, 并以2万多个真实智能合约作为为输入对以太坊虚拟机进行缺陷检测测试. 实验结果表明, 相较于现有工具EVMFuzzer, ETHCOV的测试效率提升了339%, 代码覆盖率提升了125%, 并检测出3组用例的不一致输出. 这些结果表明ETHCOV能有效检测以太坊虚拟机的缺陷.

    Abstract:

    The Ethereum virtual machine (EVM) is a key component of the Ethereum blockchain, and its defects will cause deviations in the execution results of transactions, which will bring serious problems to the Ethereum ecosystem. The existing work on EVM defect detection only treats the virtual machine as an independent smart contract execution tool and does not fully test its workflow, resulting in blind spots in defect detection. To solve the above problems, a defect detection method for the whole process of EVM operation (ETHCOV) is proposed. ETHCOV first combines the weight strategy to guide smart contracts, contract interface parameter inputs, and transaction sequences to vary at different granularities. It then packages them with block state and world state as test cases and finally inputs the test cases into the EVM to trigger the run and compare the test run results, so as to detect the vulnerabilities in the EVM. Based on the above method, a prototype system is implemented and more than 20 000 real smart contracts are tested as input to the EVM for defect detection. Experimental results show that compared with the existing tool EVMFuzzer, ETHCOV improves the test efficiency by 339% and the code coverage by 125%, and the inconsistent output of three sets of test cases is detected. These results show that ETHCOV can effectively detect defects in the EVM.

    参考文献
    [1] Hildenbrandt E, Saxena M, Rodrigues N, et al. KEVM: A complete formal semantics of the Ethereum virtual machine. Proceedings of the 31st IEEE Computer Security Foundations Symposium. Oxford: IEEE, 2018. 204–217.
    [2] Buterin V. Ethereum: A next-generation smart contract and decentralized application platform. https://ethereum.org/zh/whitepaper/. [2022-09-06].
    [3] Wood G. Ethereum: A secure decentralised generalised transaction ledger. Ethereum Project Yellow Paper, 2014, 151: 1–32
    [4] Antonopoulos AM, Wood DG. Mastering Ethereum: Building Smart Contracts and DApps. Sebastopol: O’Reilly Media, 2018. 204–206.
    [5] Saad M, Spaulding J, Njilla L, et al. Exploring the attack surface of blockchain: A comprehensive survey. IEEE Communications Surveys & Tutorials, 2020, 22(3): 1977–2008. [doi: 10.1109/COMST.2020.2975999
    [6] Fu Y, Ren M, Ma FC, et al. EVMFuzzer: Detect EVM vulnerabilities via fuzz testing. Proceedings of the 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering. Tallinn: ACM, 2019. 1110–1114.
    [7] Ma FC, Ren M, Fu Y, et al. Security reinforcement for Ethereum virtual machine. Information Processing & Management, 2021, 58(4): 102565
    [8] Cassez F, Fuller J, Ghale MK, et al. Formal and executable semantics of the Ethereum virtual machine in Dafny. Proceedings of the 25th International Symposium on Formal Methods. Lübeck: Springer, 2023. 571–583.
    [9] Yang WC, Peng J. Research on EVM-based smart contract runtime self-protection technology framework. Proceedings of the 34th International Conference on Web, Artificial Intelligence and Network Applications. Caserta: Springer, 2020. 617–627.
    [10] Kalodner HA, Goldfeder S, Chen XQ, et al. Arbitrum: Scalable, private smart contracts. Proceedings of the 27th USENIX Security Symposium. Baltimore: USENIX Association, 2018. 1353–1370.
    [11] 贺海武, 延安, 陈泽华. 基于区块链的智能合约技术与应用综述. 计算机研究与发展, 2018, 55(11): 2452–2466
    [12] Liao JW, Tsai TT, He CK, et al. SoliAudit: Smart contract vulnerability assessment based on machine learning and fuzz testing. Proceedings of the 6th International Conference on Internet of Things: Systems, Management and Security (IOTSMS). Granada: IEEE, 2019. 458–465.
    [13] Liu J, Li PL, Cheng R, et al. Parallel and asynchronous smart contract execution. IEEE Transactions on Parallel and Distributed Systems, 2022, 33(5): 1097–1108. [doi: 10.1109/TPDS.2021.3095234
    [14] Mehar MI, Shier CL, Giambattista A, et al. Understanding a revolutionary and flawed grand experiment in blockchain: The DAO attack. Journal of Cases on Information Technology, 2019, 21(1): 19–32. [doi: 10.4018/JCIT.2019010102
    [15] Zhou SF, Yang ZM, Xiang J, et al. An ever-evolving game: Evaluation of real-world attacks and defenses in Ethereum ecosystem. Proceedings of the 29th USENIX Security Symposium. USENIX Association, 2020. 2793–2810.
    [16] 张阳, 佟思明, 程亮, 等. 模糊测试改进技术评估. 计算机系统应用, 2022, 31(10): 1–14. [doi: 10.15888/j.cnki.csa.008680
    [17] 杨克, 贺也平, 马恒太, 等. 有效覆盖引导的定向灰盒模糊测试. 软件学报, 2022, 33(11): 3967–3982. [doi: 10.13328/j.cnki.jos.006331
    [18] He JX, Balunović M, Ambroladze N, et al. Learning to fuzz from symbolic execution with application to smart contracts. Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. London: ACM, 2019. 531–548.
    [19] Manès VJM, Han H, Han C, et al. The art, science, and engineering of fuzzing: A survey. IEEE Transactions on Software Engineering, 2021, 47(11): 2312–2331. [doi: 10.1109/TSE.2019.2946563
    [20] Jiang B, Liu Y, Chan WK. ContractFuzzer: Fuzzing smart contracts for vulnerability detection. Proceedings of the 33rd IEEE/ACM International Conference on Automated Software Engineering (ASE). Montpellier: IEEE, 2018. 259–269.
    [21] Jiang B, Li ZC, Huang YH, et al. WasmFuzzer: A fuzzer for WasAssembly virtual machines. Proceedings of the 34th International Conference on Software Engineering and Knowledge Engineering. Pittsburgh: KSI Research Inc., 2022. 537–542.
    [22] Lin IC, Liao TC. A survey of blockchain security issues and challenges. International Journal of Network Security, 2017, 19(5): 653–659. [doi: 10.6633/IJNS.201709.19(5).01
    [23] 林敏, 张超. 针对WebAssembly虚拟机的模糊测试方案. 网络安全技术与应用, 2020, (6): 15–18
    [24] 欧阳丽炜, 王帅, 袁勇, 等. 智能合约: 架构及进展. 自动化学报, 2019, 45(3): 445–457
    [25] 王文硕, 程亮, 张阳, 等. 基于函数重要度的模糊测试方法. 计算机系统应用, 2021, 30(11): 145–154. [doi: 10.15888/j.cnki.csa.008127
    [26] Peng H, Shoshitaishvili Y, Payer M. T-Fuzz: Fuzzing by program transformation. Proceedings of the 2018 IEEE Symposium on Security and Privacy. San Francisco: IEEE, 2018. 697–710.
    [27] Li J, Zhao BD, Zhang C. Fuzzing: A survey. Cybersecurity, 2018, 1(1): 6. [doi: 10.1186/s42400-018-0002-y
    [28] Böhme M, Pham VT, Roychoudhury A. Coverage-based greybox fuzzing as Markov chain. Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. Vienna: ACM, 2016. 1032–1043.
    相似文献
    引证文献
    网友评论
    网友评论
    分享到微博
    发 布
引用本文

周潮晖,赵易如,刘佩,王笑克,童铃皓,赵磊.基于交易序列分层变异的EVM模糊测试.计算机系统应用,2023,32(9):257-264

复制
分享
文章指标
  • 点击次数:731
  • 下载次数: 1567
  • HTML阅读次数: 1036
  • 引用次数: 0
历史
  • 收稿日期:2023-03-04
  • 最后修改日期:2023-04-04
  • 在线发布日期: 2023-07-14
文章二维码
友情链接:中国科学院软件研究所中国计算机学会中国科学院国家自然科学基金委员会软件学报
您是第11304388位访问者
版权所有:中国科学院软件研究所 京ICP备05046678号-3
地址:北京海淀区中关村南四街4号 中科院软件园区 7号楼305房间,邮政编码:100190
电话:010-62661041 传真: Email:csa (a) iscas.ac.cn
技术支持:北京勤云科技发展有限公司

京公网安备 11040202500063号