Smart Contract Weakness Analyzer Based on Concolic Testing 


Vol. 48,  No. 6, pp. 668-679, Jun.  2021
10.5626/JOK.2021.48.6.668


PDF

  Abstract

Ethereum is a blockchain-based cryptocurrency platform that provides a Turing complete language, Solidity, which can be used to develop smart contracts for various applications. This paper present an analyzer that finds security weaknesses in smart contracts using the concolic testing framework. Concolic testing, which combines symbolic execution and testing, is more efficient than symbolic execution while retaining no false positiveness which is absent in static analysis. Also, the analyzer reflects actual execution context to the maximum extent possible using the Ethereum execution environment, the Geth testnet. The analyzer detects integer overflow and unhandled exception weakness. Also, this paper presents performance test results in comparison with a well known smart contract symbolic execution framework, Manticore.


  Statistics
Cumulative Counts from November, 2022
Multiple requests among the same browser session are counted as one view. If you mouse over a chart, the values of data points will be shown.


  Cite this article

[IEEE Style]

I. Jeon and J. Ahn, "Smart Contract Weakness Analyzer Based on Concolic Testing," Journal of KIISE, JOK, vol. 48, no. 6, pp. 668-679, 2021. DOI: 10.5626/JOK.2021.48.6.668.


[ACM Style]

Inseong Jeon and Joonseon Ahn. 2021. Smart Contract Weakness Analyzer Based on Concolic Testing. Journal of KIISE, JOK, 48, 6, (2021), 668-679. DOI: 10.5626/JOK.2021.48.6.668.


[KCI Style]

전인성, 안준선, "콘콜릭 테스팅 기반 스마트 컨트랙트 보안약점 분석기," 한국정보과학회 논문지, 제48권, 제6호, 668~679쪽, 2021. DOI: 10.5626/JOK.2021.48.6.668.


[Endnote/Zotero/Mendeley (RIS)]  Download


[BibTeX]  Download



Search




Journal of KIISE

  • ISSN : 2383-630X(Print)
  • ISSN : 2383-6296(Electronic)
  • KCI Accredited Journal

Editorial Office

  • Tel. +82-2-588-9240
  • Fax. +82-2-521-1352
  • E-mail. chwoo@kiise.or.kr