2023安全与软工顶会/刊中区块链智能合约相关论文
前言
主要整理了2023年四大安全顶会、四大软工顶会和两个软工顶刊中,有关区块链智能合约的相关论文。
搜索方式是:在 dblp 中该顶会的页面列表直接使用 Ctrl + F 搜索 block 、smart contract,所以如若名字中没有,可能会有遗漏。
搜集包含有:
软工顶会:ISSTA、FSE、ASE、ICSE
软工顶刊:TOSEM、TSE
安全顶会:S&P、USENIX Security、CCS、NDSS
软工顶会
ISSTA
1、ItyFuzz: Snapshot-Based Fuzzer for Smart Contract.
2、Definition and Detection of Defects in NFT Smart Contracts.
3、iSyn: Semi-automated Smart Contract Synthesis from Legal Financial Agreements.
4、SmartState: Detecting State-Reverting Vulnerabilities in Smart Contracts via Fine-Grained State-Dependency Analysis.
5、DeFiTainter: Detecting Price Manipulation Vulnerabilities in DeFi Protocols.
6、Beyond "Protected" and "Private": An Empirical Security Analysis of Custom Function Modifiers in Smart Contracts.
7、Automated Generation of Security-Centric Descriptions for Smart Contract Bytecode.
8、Toward Automated Detecting Unanticipated Price Feed in Smart Contract.
FSE
未出,11.17完会。
ASE
未出,9.15完会。
ICSE
1、Smartmark: Software Watermarking Scheme for Smart Contracts.
2、Turn the Rudder: A Beacon of Reentrancy Detection for Smart Contracts on Ethereum.
3、BSHUNTER: Detecting and Tracing Defects of Bitcoin Scripts.
4、Demystifying Exploitable Bugs in Smart Contracts.
5、AChecker: Statically Detecting Smart Contract Access Control Vulnerabilities.
软工顶刊
TOSEM
1、TokenAware: Accurate and Efficient Bookkeeping Recognition for Token Smart Contracts.
2、Storage State Analysis and Extraction of Ethereum Blockchain Smart Contracts.
3、Is My Transaction Done Yet? An Empirical Study of Transaction Processing Times in the Ethereum Blockchain Platform.
4、Pied-Piper: Revealing the Backdoor Threats in Ethereum ERC Token Contracts.
5、Securing the Ethereum from Smart Ponzi Schemes: Identification Using Static Features.
TSE
1、Large-Scale Empirical Study of Inline Assembly on 7.6 Million Ethereum Smart Contracts.
2、Code Cloning in Smart Contracts on the Ethereum Platform: An Extended Replication Study.
3、Towards Saving Blockchain Fees via Secure and Cost-Effective Batching of Smart-Contract Invocations.
4、Combatting Front-Running in Smart Contracts: Attack Mining, Benchmark Construction and Vulnerability Detector Evaluation.
5、Demystifying Random Number in Ethereum Smart Contract: Taxonomy, Vulnerability Identification, and Attack Detection.
安全顶会
S&P
1、Clockwork Finance: Automated Analysis of Economic Security in Smart Contracts.
2、SoK: Decentralized Finance (DeFi) Attacks.
以下非智能合约,区块链相关:
3、Three Birds with One Stone: Efficient Partitioning Attacks on Interdependent Cryptocurrency Networks.(加密网络)
4、Bitcoin-Enhanced Proof-of-Stake Security: Possibilities and Impossibilities.(比特币)
5、Optimistic Fast Confirmation While Tolerating Malicious Majority in Blockchains.(区块链)
6、Tyr: Finding Consensus Failure Bugs in Blockchain System with Behaviour Divergent Model.(区块链)
USENIX Security
以下根据会议中归属的不同session划分.
Smart Contracts
1、Your Exploit is Mine: Instantly Synthesizing Counterattack Smart Contract.
2、Smart Learning to Find Dumb Contracts.
3、Confusum Contractum: Confused Deputy Vulnerabilities in Ethereum Smart Contracts.
4、Panda: Security Analysis of Algorand Smart Contracts.
5、Proxy Hunting: Understanding and Characterizing Proxy-based Upgradeable Smart Contracts in Blockchains.
Security-Adjacent Worker Perspectives
6、A Mixed-Methods Study of Security Practices of Smart Contract Developers.
Ethereum Security
7、A Large Scale Study of the Ethereum Arbitrage Ecosystem.
8、ACon2: Adaptive Conformal Consensus for Provable Blockchain Oracles.
9、Snapping Snap Sync: Practical Attacks on Go Ethereum Synchronising Nodes.
10、Token Spammers, Rug Pulls, and Sniper Bots: An Analysis of the Ecosystem of Tokens in Ethereum and in the Binance Smart Chain (BNB).
11、Automated Inference on Financial Security of Ethereum Smart Contracts.
It's All Fun and Games Until...
12、The Blockchain Imitation Game.
Decentralized Finance
13、Anatomy of a High-Profile Data Breach: Dissecting the Aftermath of a Crypto-Wallet Case.
14、Glimpse: On-Demand PoW Light Client with Constant-Size Storage for DeFi.
15、Mixed Signals: Analyzing Ground-Truth Data on the Users and Economics of a Bitcoin Mixing Service.
16、Is Your Wallet Snitching On You? An Analysis on the Privacy Implications of Web3.
CCS
未出,11.30完会。
NDSS
1、Smarter Contracts: Detecting Vulnerabilities in Smart Contracts with Deep Transfer Learning.
2、POSE: Practical Off-chain Smart Contract Execution.
以下非智能合约,区块链相关:
3、On the Anonymity of Peer-To-Peer Network Anonymity Schemes Used by Cryptocurrencies.(加密网络)
4、LOKI: State-Aware Fuzzing Framework for the Implementation of Blockchain Consensus Protocols.(区块链 共识)
5、Partitioning Ethereum without Eclipsing It.(以太坊分区攻击)
6、Real Threshold ECDSA.(签名算法)
7、Cryptographic Oracle-based Conditional Payments.(支付场景)
8、BlockScope: Detecting and Investigating Propagated Vulnerabilities in Forked Blockchain Projects.(区块链漏洞)
9、Breaking and Fixing Virtual Channels: Domino Attack and Donner.(虚拟通道)
10、He-HTLC: Revisiting Incentives in HTLC.(哈希时间锁定合约)
11、Double and Nothing: Understanding and Detecting Cryptocurrency Giveaway Scams.(Giveaway scams)