Detecting vulnerabilities in smart contract within blockchain: a review and comparative analysis of key approaches

Kissoon, Yoganand and Bekaroo, Girish ORCID: https://orcid.org/0000-0003-1753-4300 (2022) Detecting vulnerabilities in smart contract within blockchain: a review and comparative analysis of key approaches. 2022 3rd International Conference on Next Generation Computing Applications (NextComp). In: IEEE Nextcomp 2022, 06-07 Oct 2022, Flic-en-Flac, Mauritius. e-ISBN 9781665469548, e-ISBN 9781665469531, pbk-ISBN 9781665469555. [Conference or Workshop Item] (doi:10.1109/nextcomp55567.2022.9932169)

Preview

PDF - Final accepted version (with author's formatting)
Download (674kB) | Preview

Official URL: https://doi.org/10.1109/NextComp55567.2022.9932169

Abstract

Blockchain technology was created with security in mind. However, in recent years, there has been various confirmed cases of breach, worth billions of dollars loss in Blockchain associated to smart contracts. In order to address this growing concern, it is crucial to investigate detection and mitigation of vulnerabilities in smart contract, and this paper critically reviews and analyses key approaches for detecting vulnerabilities in smart contract within Blockchain. In order to achieve the purpose of this paper, five key approaches, notably the application of OWASP Top 10, SCSVS, vulnerability detection tools, fuzz testing and the AI-driven approaches are critically reviewed and compared. As part of the comparison performed, a penetration testing quality model was applied to study six quality metrics, notably extensibility, maintainability, domain coverage, usability, availability and reliability. Results revealed limitations of the studied vulnerability detection approaches and findings are expected to help in decision making especially when selecting approaches to be used during security analysis and pen-testing.

Item Type:	Conference or Workshop Item (Paper)
Sustainable Development Goals:	Goal 9: Industry, Innovation, and Infrastructure
Theme:	Creativity, Culture & Enterprise
Keywords (uncontrolled):	Blockchain, Smart Contracts, Vulnerability Detection, Penetration Testing Methodologies, Security Analysis
Research Areas:	A. > School of Science and Technology
Item ID:	36783
Notes on copyright:	© 2022 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Useful Links:	Publisher's T&Cs
Depositing User:	Jisc Publications Router
Date Deposited:	21 Nov 2022 12:51
Last Modified:	22 Nov 2022 12:20
URI:	https://eprints.mdx.ac.uk/id/eprint/36783

Actions (login required)

View Item

Statistics

DownloadsShow export options

Activity Overview

6 month trend

56Downloads

6 month trend

33Hits

Additional statistics are available via IRStats2.

CORE (COnnecting REpositories)