ML Study of Malicious Transactions in Ethereum
This work addresses security vulnerabilities in Ethereum smart contracts for blockchain users and developers, but it appears incremental: it builds on existing methods such as GPT-2, CodeLlama, and XGBoost without introducing a fundamentally new paradigm.
The paper tackles the problem of detecting malicious smart contracts and transactions in Ethereum by presenting three approaches: GPT-2-based opcode analysis, a LoRA fine-tuned CodeLlama for Solidity source code, and an XGBoost model combining gas properties and hexadecimal signatures. The detection results are not specified.
Smart contracts are a major tool in Ethereum transactions. Therefore, hackers can exploit them by adding code vulnerabilities to their sources and using these vulnerabilities to perform malicious transactions. This paper presents two successful approaches for detecting malicious contracts: one uses opcodes and relies on GPT-2, and the other uses the Solidity source and a LoRA fine-tuned CodeLlama. Finally, we present an XGBoost model that combines gas properties and hexadecimal signatures for detecting malicious transactions. This approach relies on early assumptions that maliciousness is manifested by the uncommon usage of the contracts' functions and the effort to pursue the transaction.