Detecting Vulnerabilities in Smart Contract within Blockchain: A Review and Comparative Analysis of Key Approaches
Version: 1,
Uploaded by: Administrator,
Date Uploaded:
26 November 2022
Warning
You are about to be redirected to a website not operated by the Mauritius Research and Innovation Council. Kindly note that we are not responsible for the availability or content of the linked site. Are you sure you want to leave this page?
Blockchain technology was created with security
in mind. However, in recent years, there has been various
confirmed cases of breach, worth billions of dollars loss in
Blockchain associated to smart contracts. In order to address
this growing concern, it is crucial to investigate detection and
mitigation of vulnerabilities in smart contract, and this paper
critically reviews and analyses key approaches for detecting
vulnerabilities in smart contract within Blockchain. In order to
achieve the purpose of this paper, five key approaches, notably
the application of OWASP Top 10, SCSVS, vulnerability
detection tools, fuzz testing and the AI-driven approaches are
critically reviewed and compared. As part of the comparison
performed, a penetration testing quality model was applied to
study six quality metrics, notably extensibility, maintainability,
domain coverage, usability, availability and reliability. Results
revealed limitations of the studied vulnerability detection
approaches and findings are expected to help in decision making
especially when selecting approaches to be used during security
analysis and pen-testing.