Vulseye: Detect Smart Contract Vulnerabilities via Stateful Directed Graybox Fuzzing

Liang, Ruichao; Chen, Jing; Wu, Cong; He, Kun; Wu, Yueming; Cao, Ruochen; Du, Ruiying; Zhao, Ziming; Liu, Yang

doi:10.1109/tifs.2025.3537827

articleIEEE Transactions on Information Forensics and SecurityJan 1, 2025Closed access

Vulseye: Detect Smart Contract Vulnerabilities via Stateful Directed Graybox Fuzzing

RLRuichao Liang JCJing Chen CWCong Wu KHKun He YWYueming Wu

Wuhan University · Nanyang Technological University · +1 more institution

Indexed incrossref

Abstract

Smart contracts, the cornerstone of decentralized applications, have become increasingly prominent in revolutionizing the digital landscape. However, vulnerabilities in smart contracts pose great risks to user assets and undermine overall trust in decentralized systems. Fuzzing, a prominent security testing technique, is extensively explored to detect vulnerabilities. But current smart contract fuzzers fall short of expectations in testing efficiency for two primary reasons. Firstly, smart contracts are stateful programs, and existing approaches, primarily coverage-guided, lack effective feedback from the contract state. Consequently, they struggle to effectively explore the contract state space. Secondly,…

Citation impact

51

total citations

FWCI: 94.42
Percentile: 100%
References: 43

Citations per year

Authors

9

Topics & keywords

Topics

Imbalanced Data Classification Techniques90%

Keywords

Fuzz testing
Stateful firewall
Computer science
Computer security
Programming language
Software
Network packet

No related works found for this paper.