Xingyu Zeng¹, Hua Zhang^1,*, Chaosong Yan², Liu Zhao¹, Qiaoyan Wen¹

Intelligent Automation & Soft Computing, Vol.33, No.2, pp. 997-1008, 2022, DOI:10.32604/iasc.2022.022801

Abstract Blockchain technology is known as a decentralized, distributed ledger that records digital asset. It has been applied in numbers of aspects of society, including finance, judiciary and commerce. Ethereum is referred to as the next generation decentralized application platform. It is one of the most popular blockchain platforms that supports smart contracts. Smart contract is a set of codes that sored on blockchain and can be called and created as turing-complete programs running on the blockchain. Developers use smart contracts to build decentralized applications (Dapp) which has widely used cryptocurrency related project. As smart contracts become more popular and more… More >

Zaoyu Wei^1,*, Jiaqi Wang², Xueqi Shen¹, Qun Luo¹

Journal of Information Hiding and Privacy Protection, Vol.2, No.1, pp. 35-45, 2020, DOI:10.32604/jihpp.2020.010331

Abstract Smart contract has greatly improved the services and capabilities of blockchain, but it has become the weakest link of blockchain security because of its code nature. Therefore, efficient vulnerability detection of smart contract is the key to ensure the security of blockchain system. Oriented to Ethereum smart contract, the study solves the problems of redundant input and low coverage in the smart contract fuzz. In this paper, a taint analysis method based on EVM is proposed to reduce the invalid input, a dangerous operation database is designed to identify the dangerous input, and genetic algorithm is used to optimize the… More >

Tianjun Wu, Yuexiang Yang

Intelligent Automation & Soft Computing, Vol.25, No.4, pp. 755-766, 2019, DOI:10.31209/2019.100000079

Abstract While many research efforts have been around auditing individual android apps, the security issues related to the interaction among multiple apps are less studied. Due to the hidden nature of Inter-App communications, few existing security tools are able to detect such related vulnerable behaviors. This paper proposes to perform overall security auditing using dynamic analysis techniques. We focus on data leakage as it is one of the most common vulnerabilities for Android applications. We present an app auditing system AppWalker, which uses concolic execution on a set of apps. We use static Inter-App taint analysis to guide the dynamic auditing… More >

Zaoyu Wei^{1, *}, Jiaqi Wang², Xueqi Shen¹, Qun Luo¹

Journal of Quantum Computing, Vol.2, No.1, pp. 11-24, 2020, DOI:10.32604/jqc.2020.010815

Abstract Smart contract has greatly improved the services and capabilities of blockchain, but it has become the weakest link of blockchain security because of its code nature. Therefore, efficient vulnerability detection of smart contract is the key to ensure the security of blockchain system. Oriented to Ethereum smart contract, the study solves the problems of redundant input and low coverage in the smart contract fuzz. In this paper, a taint analysis method based on EVM is proposed to reduce the invalid input, a dangerous operation database is designed to identify the dangerous input, and genetic algorithm is used to optimize the… More >