EthScope: A Transaction-centric Security Analytics Framework to Detect Malicious Smart Contracts on Ethereum

As one of the representative blockchain platforms, Ethereum has attracted lots of attacks. Due to the potential financial loss, there is a pressing need to detect malicious smart contracts and understand their behaviors. Though there exist multiple systems for smart contract analysis, they cannot efficiently analyze a large number of transactions and re-execute smart contracts to introspect malicious behaviors. In this paper, we urge for a transaction-centric security analytics framework for Ethereum, which provides an efficient way to quickly locate suspicious ones from a large number of transactions and extensible way to detect malicious smart contracts with analyst-provided scripts. We present the system design in the paper, which solves three technical challenges, i.e., incomplete states, scalability and extensibility. We have implemented a prototype system named EthScope to solve these challenges. In particular, the first component Data Aggregator collects and recovers critical blockchain states. The second component Replay Engine is able to {replay} arbitrary and a large number of transactions. The third component Instrumentation Framework exposes interfaces for an analyst to dynamically instrument smart contracts and introspect the execution of suspicious transactions. The comprehensive evaluation with six types of attacks demonstrated the effectiveness of our system. The performance evaluation shows that our system can perform a large-scale analysis on suspicious transactions (more than 8 million ones) and has a speed up of around 2,300x compared with the JSTracer provided by Go-Ethereum. To engage the community, we will release our system and a dataset of detected attacks on this https URL.

[1]  Mislav Balunovic,et al.  Learning to Fuzz from Symbolic Execution with Application to Smart Contracts , 2019, CCS.

[2]  Yuxing Tang,et al.  SODA: A Generic Online Detection Framework for Smart Contracts , 2020, NDSS.

[3]  Ying Wang,et al.  An Adaptive Gas Cost Mechanism for Ethereum to Defend Against Under-Priced DoS Attacks , 2017, ISPEC.

[4]  Ye Liu,et al.  ContractFuzzer: Fuzzing Smart Contracts for Vulnerability Detection , 2018, 2018 33rd IEEE/ACM International Conference on Automated Software Engineering (ASE).

[5]  Xiapu Luo,et al.  DataEther: Data Exploration Framework For Ethereum , 2019, 2019 IEEE 39th International Conference on Distributed Computing Systems (ICDCS).

[6]  Prateek Saxena,et al.  Finding The Greedy, Prodigal, and Suicidal Contracts at Scale , 2018, ACSAC.

[7]  Zibin Zheng,et al.  Detecting Ponzi Schemes on Ethereum: Towards Healthier Blockchain Technology , 2018, WWW.

[8]  Robert Norvill,et al.  ÆGIS: Smart Shielding of Smart Contracts , 2019, CCS.

[9]  Sukrit Kalra,et al.  ZEUS: Analyzing Safety of Smart Contracts , 2018, NDSS.

[10]  Dimitar Dimitrov,et al.  VerX: Safety Verification of Smart Contracts , 2020, 2020 IEEE Symposium on Security and Privacy (SP).

[11]  Valentin Wüstholz,et al.  Harvey: a greybox fuzzer for smart contracts , 2019, ESEC/SIGSOFT FSE.

[12]  Xiaodong Lin,et al.  Understanding Ethereum via Graph Analysis , 2018, IEEE INFOCOM 2018 - IEEE Conference on Computer Communications.

[13]  Heejo Lee,et al.  VERISMART: A Highly Precise Safety Verifier for Ethereum Smart Contracts , 2019, 2020 IEEE Symposium on Security and Privacy (SP).

[14]  Vincent Gramoli,et al.  Vandal: A Scalable Security Analysis Framework for Smart Contracts , 2018, ArXiv.

[15]  Radu State,et al.  Osiris: Hunting for Integer Bugs in Ethereum Smart Contracts , 2018, ACSAC.

[16]  Ittai Abraham,et al.  Online detection of effectively callback free objects with applications to smart contracts , 2017, Proc. ACM Program. Lang..

[17]  Ghassan O. Karame,et al.  Sereum: Protecting Existing Smart Contracts Against Re-Entrancy Attacks , 2018, NDSS.

[18]  Jun Sun,et al.  sFuzz: An Efficient Adaptive Fuzzer for Solidity Smart Contracts , 2020, 2020 IEEE/ACM 42nd International Conference on Software Engineering (ICSE).

[19]  Prateek Saxena,et al.  Making Smart Contracts Smarter , 2016, IACR Cryptol. ePrint Arch..

[20]  Fei Peng,et al.  X-Force: Force-Executing Binary Programs for Security Applications , 2014, USENIX Security Symposium.

[21]  Petar Tsankov,et al.  Securify: Practical Security Analysis of Smart Contracts , 2018, CCS.