AI-Driven Smart Contract Security: A Deep Learning Approach to Vulnerability Detection
DOI:
https://doi.org/10.15662/IJARCST.2025.0801004Keywords:
Smart contract security, vulnerability detection, graph neural networks, CodeBERT, multimodal deep learning, blockchainAbstract
Smart contracts, which allow for decentralized, automated transactions on blockchains, have been the source of repeated financial loss from hacking and coding flaws. This article introduces an AI-based deep learning approach to automated detection of vulnerabilities in smart contracts on Ethereum. The architecture integrates code-token embeddings (CodeBERT-style), control- and data-flow graph representations, and a hierarchical graph neural network (HGNN) with attention-based multimodal fusion to allow for comprehensive understanding of human-written programs. We train on labelled datasets from real-world contracts, utilising data augmentation and addressing class imbalance (focal loss + over sampling). For the experimental study, we compare the performance of our framework with existing solely-static and sequence-based transformers approaches apart from other GNN models on public datasets; ScrawlD, SmartBugs and manually curated Github-derived samples. Results The fused HGNN model performs with an average F1-score of 0.91, precision of 0.89, recall of 0.93 and AUC of 0.95 better than transformer-only (F1 = 0.86) and static-tool baselines (F1 = 0.71). The method shows strong generality to a wide range of vulnerability forms (reentrancy, integer overflow, unchecked calls, access control bugs) and enhances the precision for function-level localization. We further develop an interpretation module to map attention weights back to AST/CFG regions for human auditors. The paper also addresses limitations on dataset bias, obfuscation-resilience and adversarial examples and provides ideas for further investigation such as few-shot adaptation with one-class VAEs, integration with continuous deployment pipelines. The contributions: a multimodal deep-learning model for vulnerability detection and localization, an empirical study on state-of-the-art performance in multiple benchmark projects with large amounts of code; and advice how to deploy the AI-assisted contract auditing in development workflows.
References
[1] Z. Xu, Y. Liu, and L. Chen, “Deep learning-based vulnerability detection in Ethereum smart contracts,” IEEE Transactions on Dependable and Secure Computing, vol. 20, no. 2, pp. 489–502, 2023.
[2] Z. Liu, P. Qian, X. Wang, Y. Zhuang, L. Qiu and X. Wang, "Combining Graph Neural Networks With Expert Knowledge for Smart Contract Vulnerability Detection," in IEEE Transactions on Knowledge and Data Engineering, vol. 35, no. 2, pp. 1296-1310, 1 Feb. 2023, doi: 10.1109/TKDE.2021.3095196.
[3] D. Joshi, S. Patil, S. Chauhan, T. Baware, R. Thakur and S. Naik, "Smart Contract Vulnerability detection using Natural Language Processing," 2023 International Conference on Recent Advances in Science and Engineering Technology (ICRASET), B G NAGARA, India, 2023, pp. 1-6, doi: 10.1109/ICRASET59632.2023.10420108.
[4] Mishra, S. Blockchain and Machine Learning-Based Hybrid IDS to Protect Smart Networks and Preserve Privacy. Electronics 2023, 12, 3524. https://doi.org/10.3390/electronics12163524
[5] T. -T. -H. Le, J. Kim, S. Lee and H. Kim, "Robust Vulnerability Detection in Solidity-Based Ethereum Smart Contracts Using Fine-Tuned Transformer Encoder Models," in IEEE Access, vol. 12, pp. 154700-154717, 2024, doi: 10.1109/ACCESS.2024.3482389.
[6] P. Praitheeshan, L. Pan, J. Yu, J. Liu, and R. Doss, “Security Analysis Methods on Ethereum Smart Contract Vulnerabilities: A Survey,” Aug. 2019, doi: https://doi.org/10.48550/arxiv.1908.08605.
[7] P. Weber, K. V. Carl, and O. Hinz, ‘‘Applications of explainable artificial intelligence in finance—A systematic review of finance, information systems, and computer science literature,’’ Manage. Rev. Quart., vol. 74, no. 2, pp. 867–907, Jun. 2024.
[8] L. Zhang, J. Wang, W. Wang, Z. Jin, Y. Su, and H. Chen, “Smart contract vulnerability detection combined with multi-objective detection,” Computer Networks, vol. 217, p. 109289, Nov. 2022, doi: https://doi.org/10.1016/j.comnet.2022.109289.
[9] J. Sah, S. Padma, R. Yanamandra, and M. Irfan, ‘‘Risk management of future of Defi using artificial intelligence as a tool,’’ in AI-Driven Decentralized Finance Future Finance. Hershey, PA, USA: IGI Global, 2024, pp. 252–272
[10] F. Louati, F. B. Ktata, and I. Amous, ‘‘Big-IDS: A decentralized multi agent reinforcement learning approach for distributed intrusion detection in big data networks,’’ Cluster Comput., vol. 27, no. 5, pp. 6823–6841, Aug. 2024.
[11] J. Su, H.-N. Dai, L. Wang, Z. Zheng, and X. Luo, “Effectively Generating Vulnerable Transaction Sequences in Smart Contracts with Reinforcement Learning-guided Fuzzing,” Oct. 2022, doi: https://doi.org/10.1145/3551349.3560429
[12] Celik, Y., Barbero, I., Hodorog, A. et al. Blockchain for energy efficiency training in the construction industry. Educ Inf Technol 29, 323–349 (2024). https://doi.org/10.1007/s10639-023-12261-y
[13] S. HajiHosseinKhani, A. H. Lashkari, and A. M. Oskui, ‘‘Unveiling vulnerable smart contracts: Toward profiling vulnerable smart contracts using genetic algorithm and generating benchmark dataset,’’ Blockchain: Res. Appl., vol. 5, no. 1, Mar. 2024, Art. no. 100171
[14] Bharat Gami, M. Agrawal, D. K. Mishra, Danish Quasim, and Pawan Singh Mehra, “Artificial intelligence‐based blockchain solutions for intelligent healthcare: A comprehensive review on privacy preserving techniques,” Transactions on Emerging Telecommunications Technologies, vol. 34, no. 9, Jul. 2023, doi: https://doi.org/10.1002/ett.4824.
[15] Z. Gao, “When deep learning meets smart contracts,” arXiv (Cornell University), Dec. 2020, doi: https://doi.org/10.1145/3324884.3418918.
[16] Cholevas C, Angeli E, Sereti Z, Mavrikos E, Tsekouras GE. Anomaly Detection in Blockchain Networks Using Unsupervised Learning: A Survey. Algorithms. 2024; 17(5):201. https://doi.org/10.3390/a17050201
[17] H. Liu, Y. Fan, L. Feng, and Z. Wei, “Vulnerable smart contract function locating based on Multi-Relational Nested Graph Convolutional Network,” Journal of Systems and Software, vol. 204, pp. 111775–111775, Oct. 2023, doi: https://doi.org/10.1016/j.jss.2023.111775.
[18] Peddamukkula, P. K. (2024). The Impact of AI-Driven Automated Underwriting on the Life Insurance Industry. International Journal of Computer Technology and Electronics Communication, 7(5), 9437-9446.
[19] T. Murakami, S. Wu, J.-Z. Zhang, D.-M. Zhang, K. Asano, Y. Otake, and K.-K. Phoon, ‘‘Differential privacy in geotechnical engineering,’’ Geodata AI, vol. 1, Sep. 2024, Art. no. 100004.
[20] Q. Umer, J. -W. Li, M. R. Ashraf, R. N. Bashir and H. Ghous, "Ensemble Deep Learning-Based Prediction of Fraudulent Cryptocurrency Transactions," in IEEE Access, vol. 11, pp. 95213-95224, 2023, doi: 10.1109/ACCESS.2023.3310576.
[21] P. Singh, M. Masud, M. S. Hossain, and A. Kaur, “Cross-domain secure data sharing using blockchain for industrial IoT,” Journal of Parallel and Distributed Computing, vol. 156, pp. 176–184, Oct. 2021, doi: https://doi.org/10.1016/j.jpdc.2021.05.007
