利用情境感知分析於變異智能合約偵測組合式去中心化金融攻擊

吳家謙; Chia-Chien Wu

請用此 Handle URI 來引用此文件： http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/90575

完整後設資料紀錄

DC 欄位	值	語言
dc.contributor.advisor	蕭旭君	zh_TW
dc.contributor.advisor	Hsu-Chun Hsiao	en
dc.contributor.author	吳家謙	zh_TW
dc.contributor.author	Chia-Chien Wu	en
dc.date.accessioned	2023-10-03T16:42:02Z	-
dc.date.available	2023-11-10	-
dc.date.copyright	2023-10-03	-
dc.date.issued	2023	-
dc.date.submitted	2023-03-14	-
dc.identifier.citation	P. Bose, D. Das, Y. Chen, Y. Feng, C. Kruegel, and G. Vigna. Sailfish: Vetting smart contract state-inconsistency bugs in seconds. 2022 IEEE Symposium on Security and Privacy (SP), pages 161–178, 2022. L. Brent, N. Grech, S. Lagouvardos, B. Scholz, and Y. Smaragdakis. Ethainter: A smart contract security analyzer for composite vulnerabilities. In Proceedings of the 41st ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2020, page 454–469, New York, NY, USA, 2020. Asso- ciation for Computing Machinery. E. Cecchetti, S. Yao, H. Ni, and A. C. Myers. Compositional security for reen- trant applications. In 42nd IEEE Symposium on Security and Privacy, SP 2021, San Francisco, CA, USA, 24-27 May 2021, pages 1249–1267, 2021. CHAINSECURITY. Heartbreaks & curve lp oracles, August 2022. T. Chen, R. Cao, T. Li, X. Luo, G. Gu, Y. Zhang, Z. Liao, H. Zhu, G. Chen, Z. He, Y. Tang, X. Lin, and X. Zhang. SODA: A generic online detection frame-work for smart contracts. In 27th Annual Network and Distributed System Security Symposium, NDSS 2020, San Diego, California, USA, February 23-26, 2020. The Internet Society, 2020. P. Daian, S. Goldfeder, T. Kell, Y. Li, X. Zhao, I. Bentov, L. Breidenbach, and A. Juels. Flash boys 2.0: Frontrunning, transaction reordering, and consensus insta- bility in decentralized exchanges, 2019. J. Feist, G. Grieco, and A. Groce. Slither: A static analysis framework for smart contracts. In 2019 IEEE/ACM 2nd International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB), pages 8–15, 2019. J. Finneseth. Mango markets gets hacked for $100 million, but the culprit may al- ready have been identified, October 2022. G. Grieco, W. Song, A. Cygan, J. Feist, and A. Groce. Echidna: Effective, usable, and fast fuzzing for smart contracts. In Proceedings of the 29th ACM SIGSOFT InternationalSymposiumonSoftwareTestingandAnalysis,ISSTA2020,page557– 560, New York, NY, USA, 2020. Association for Computing Machinery. D. Havolli. Lossless defi helps recover $16.7m of cream finance exploit, October 2021. J. Huang, S. Han, W. You, W. Shi, B. Liang, J. Wu, and Y. Wu. Hunting vulnerable smart contracts via graph embedding based bytecode matching. IEEE Transactions on Information Forensics and Security, 16:2144–2156, 2021. J. Krupp and C. Rossow. teether: Gnawing at ethereum to automatically exploit smart contracts. In 27th USENIX Security Symposium (USENIX Security 18), pages 1317–1333, Baltimore, MD, Aug. 2018. USENIX Association. M.Mossberg,F.Manzano,E.Hennenfent,A.Groce,G.Grieco,J.Feist,T.Brunson, and A. Dinaburg. Manticore: A user-friendly symbolic execution framework for binaries and smart contracts. In 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE), pages 1186–1189, 2019. Peckshield.Uniswap/lendf.mehacks:Rootcauseandlossanalysis,November2022. N. Protocol. Post-mortem —flash-loan exploit in single nxusd market. . Accessed: 2022-1031. K. Qin, L. Zhou, and A. Gervais. Quantifying blockchain extractable value: How dark is the forest? In 2022 IEEE Symposium on Security and Privacy (SP), pages 198–214. IEEE, 2022. K. Qin, L. Zhou, B. Livshits, and A. Gervais. Attacking the defi ecosystem with flash loans for fun and profit. In Financial Cryptography and Data Security: 25th International Conference, FC 2021, Virtual Event, March 1–5, 2021, Revised Selected Papers, Part I, page 3–32, Berlin, Heidelberg, 2021. Springer-Verlag. M. Rodler, W. Li, G. O. Karame, and L. Davi. Sereum: Protecting existing smart contracts against re-entrancy attacks. arXiv preprint arXiv:1812.05934, 2018. D. Siegel. Understanding the dao hack for journalists, June 2016. Y. Smaragdakis, N. Grech, S. Lagouvardos, K. Triantafyllou, and I. Tsatiris. Sym- bolic value-flow static analysis: Deep, precise, complete modeling of ethereum smart contracts. Proc. ACM Program. Lang., 5(OOPSLA), oct 2021. P. Tolmach, Y. Li, S.-W. Lin, and Y. Liu. Formal analysis of composable defi pro- tocols, 2021. C. Torres, A. Iannillo, A. Gervais, and R. State. Confuzzius: A data dependency- aware hybrid fuzzer for smart contracts. In 2021 IEEE European Symposium on Security and Privacy (EuroS&P;P), pages 103–119, Los Alamitos, CA, USA, sep 2021. IEEE Computer Society. P. Tsankov, A. Dan, D. Drachsler-Cohen, A. Gervais, F. Bünzli, and M. Vechev. Securify: Practical security analysis of smart contracts. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, CCS ’18, page 67–82, New York, NY, USA, 2018. Association for Computing Machinery. D. Wang, S. Wu, Z. Lin, L. Wu, X. Yuan, Y. Zhou, H. Wang, and K. Ren. To- wards a first step to understand flash loan and its applications in defi ecosystem. In Proceedings of the Ninth International Workshop on Security in Blockchain and Cloud Computing, SBC ’21, page 23–28, New York, NY, USA, 2021. Association for Computing Machinery. S.-H. Wang, C.-C. Wu, Y.-C. Liang, L.-H. Hsieh, and H.-C. Hsiao. Promutator: Detecting vulnerable price oracles in defi by mutated transactions. In 2021 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), pages 380– 385, 2021. G. Wood et al. Ethereum: A secure decentralised generalised transaction ledger. Ethereum project yellow paper, 151(2014):1–32, 2014. S. Wu, D. Wang, J. He, Y. Zhou, L. Wu, X. Yuan, Q. He, and K. Ren. Defiranger: Detecting price manipulation attacks on defi applications, 2021. J. Xu, K. Paruch, S. Cousaert, and Y. Feng. SoK: Decentralized exchanges (DEX) with automated market maker (AMM) protocols. ACM Computing Surveys, nov 2022. M. Zhang, X. Zhang, Y. Zhang, and Z. Lin. TXSPECTOR: Uncovering attacks in ethereum from transactions. In 29th USENIX Security Symposium (USENIX Security 20), pages 2775–2792. USENIX Association, Aug. 2020. L.Zhou,K.Qin,A.Cully,B.Livshits,andA.Gervais.Onthejust-in-timediscovery of profit-generating transactions in defi protocols. In 2021 IEEE Symposium on Security and Privacy (SP), pages 919–936. IEEE, 2021. L. Zhou, X. Xiong, J. Ernstberger, S. Chaliasos, Z. Wang, Y. Wang, K. Qin, R. Wat- tenhofer, D. Song, and A. Gervais. Sok: Decentralized finance (defi) incidents, 2022.	-
dc.identifier.uri	http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/90575	-
dc.description.abstract	去中心化金融（DeFi）攻擊在過去四年中造成超過36億美元的損失。然而，由於DeFi協議的可組合性，智能合約安全工具在攻擊前檢測這些漏洞的表現仍然很差。為了解決這個問題，我們提出了 DeFiMutator，這是第一個有效檢測導致價格操縱或獎勵操縱攻擊的DeFi組合漏洞的工具。受智能合約審計流程啟發，DeFiMutator首先根據常見的DeFi使用模式解碼合約互動情形。然後，在檢測到關鍵的外部調用時，DeFiMutator 會將漏洞動態插入到智能合約中。最後，使用上下文感知的污點分析來過濾插入的漏洞的誤報。當應用於19個收集的過去的DeFi攻擊事件時，DeFiMutator能夠檢測到其中的68％，而現有最先進的工具僅檢測到37％。此外，通過分析七天的交易數據，DeFiMutator在以太坊和BNB智能鏈上發現了197個易受攻擊的合約，並且有57％的準確率。	zh_TW
dc.description.abstract	Decentralized finance (DeFi) attacks have resulted in losses of more than US$3.6 billion in the past four years. Nevertheless, smart contract security tools still perform badly at detecting these vulnerabilities before attacks due to the composability of DeFi protocols. To address this problem, we present DeFiMutator, a first tool that efficiently detects DeFi compositional vulnerabilities leading to price-manipulation or reward-manipulation attacks. Inspired by the practices of human auditors, DeFiMutator first decodes protocol interactions according to common DeFi usage patterns. Then, when critical external calls are detected, the bugs are dynamically inserted into the smart contracts. Finally, false positives created by the inserted bugs are filtered using context-aware taint analysis. When applied to 19 collected past DeFi attack incidents, DeFiMutator was able to detect 68% of them, whereas a state-of-the-art tool only detected 37%. Furthermore, by analyzing seven days of transaction data, DeFiMutator discovered 197 vulnerable contracts on the Ethereum and BNB Smart Chain, with a 57% of accuracy rate.	en
dc.description.provenance	Submitted by admin ntu (admin@lib.ntu.edu.tw) on 2023-10-03T16:42:02Z No. of bitstreams: 0	en
dc.description.provenance	Made available in DSpace on 2023-10-03T16:42:02Z (GMT). No. of bitstreams: 0	en
dc.description.tableofcontents	摘要 iii Abstract v Contents vii Chapter 1 Introduction 1 Chapter 2 Background 5 2.1 Smart Contract 5 2.2 Decentralized Finance 6 2.2.1 Automated Market Maker 6 2.2.2 Price Oracle 6 2.2.3 Flash Loan 7 2.3 DeFi Composability 7 2.3.1 Price Dependency 8 2.3.2 Token-balance Dependency 9 Chapter 3 Challenges and Insights 11 3.1 Motivating Example 11 3.2 Challenges of Detecting DeFi Compositional Vulnerabilities 13 3.2.1 Identifying Interactions between DeFi Protocols 13 3.2.2 Defining DeFi Attacks 14 3.2.3 Buliding Multi-step Exploit Paths 15 3.3 Insight: The Auditing Process 16 3.3.1 Understanding DeFi Protocols through Analysis of Eeisting Transactions 16 3.3.2 Verifying Vulnerabilities through Proof-of Concept Exploits 17 Chapter 4 Design 19 4.1 Arcgutecture and Workflow 20 4.2 Understanding the DeFi with Existing Transactions and DeFi Context 21 4.3 Detecting DeFi Attacks with Inserted Bugs and DeFi Context 22 Chapter 5 Implementation 25 5.1 Instrumented EVM 25 5.2 Symbolic Virtual Machine (VM) 26 5.3 Vulnerability Detector 28 5.3.1 Customized Bugs 29 5.3.2 DeFi Vulnerability Patterns 29 Chapter 6 Evaluation 31 6.1 AMM Price-manipulation Vulnerabilities 31 6.2 Reward-manipulation Vulnerabilities 33 6.3 Past Attacks 35 6.4 Real-world Vulnerabilities 37 6.4.1 Comparison to ProMutator 39 Chapter 7 Related work 41 Chapter 8 Discussion and Research Directions 45 8.1 Ethical Considerations and Responsible Reporting 45 8.2 Falsely Inserted Bugs Leading to False Positives 46 Chapter 9 Conclusion 49 References 51	-
dc.language.iso	en	-
dc.subject	預言機操縱攻擊	zh_TW
dc.subject	去中心化金融安全	zh_TW
dc.subject	智能合約安全	zh_TW
dc.subject	DeFi Security	en
dc.subject	Price Oracle Attacks	en
dc.subject	Smart Contract Security	en
dc.title	利用情境感知分析於變異智能合約偵測組合式去中心化金融攻擊	zh_TW
dc.title	Detecting Compositional DeFi Attacks using Context-aware Analysis on Mutated Smart Contracts	en
dc.type	Thesis	-
dc.date.schoolyear	111-2	-
dc.description.degree	碩士	-
dc.contributor.oralexamcommittee	廖世偉;陳昱圻;郭博鈞	zh_TW
dc.contributor.oralexamcommittee	Shih-Wei Liao;Yu-Chi Chen;Po-Chun Kuo	en
dc.subject.keyword	去中心化金融安全,預言機操縱攻擊,智能合約安全,	zh_TW
dc.subject.keyword	DeFi Security,Price Oracle Attacks,Smart Contract Security,	en
dc.relation.page	56	-
dc.identifier.doi	10.6342/NTU202300202	-
dc.rights.note	未授權	-
dc.date.accepted	2023-03-14	-
dc.contributor.author-college	電機資訊學院	-
dc.contributor.author-dept	資訊工程學系	-
顯示於系所單位：	資訊工程學系

文件中的檔案：

檔案	大小	格式
ntu-111-2.pdf 未授權公開取用	986.02 kB	Adobe PDF

顯示文件簡單紀錄

系統中的文件，除了特別指名其著作權條款之外，均受到著作權保護，並且保留所有的權利。