From Rule-Driven to Data-Driven: Technological Evolution, Challenges, and Future Trends in Smart Contract Vulnerability Detection

Authors

  • Qiheng Yu

DOI:

https://doi.org/10.62051/c9jgtf18

Keywords:

Smart Contract Security, Deep Learning, Graph Neural Networks, Vulnerability Detection, Blockchain.

Abstract

Smart contract vulnerability detection is undergoing a paradigm shift from rule-driven to data-driven approaches. While traditional methods relying on predefined patterns struggle with evolving attack vectors, machine learning enables novel solutions through multi-level feature learning. This study systematically traces the technological evolution: early research established foundational frameworks using syntax tree features with classical classifiers. Deep learning advancements introduced temporal models capturing execution dynamics, spatial convolutional networks decoding bytecode structures, and graph neural networks modeling cross-contract dependencies, collectively enabling precise identification of complex vulnerabilities. Semi-supervised learning and hybrid architectures further maintain detection robustness under limited labeled data. Three evolutionary trends emerge: detection scope expanding from single-contract code to multi-protocol interaction networks, feature representation transitioning from manual design to neural self-encoding, and training paradigms shifting from fully supervised to collaborative weak supervision. Persistent challenges include unverified model interpretability, inadequate adaptation to dynamic on-chain environments, and insufficient traceability of cross-chain attack paths. Future solutions require integrating neuro-symbolic verifiability, the real-time perception of dynamic graph networks, and federated knowledge-sharing mechanisms to develop adaptive, auditable next-generation detection systems.

Published

10-07-2025

How to Cite

Yu, Q. (2025) “From Rule-Driven to Data-Driven: Technological Evolution, Challenges, and Future Trends in Smart Contract Vulnerability Detection”, Transactions on Computer Science and Intelligent Systems Research, 9, pp. 703–709. doi:10.62051/c9jgtf18.