SmartScan: An approach to detect Denial of Service Vulnerability in Ethereum Smart Contracts
arXiv - CS - Cryptography and Security Pub Date : 2021-05-06 , DOI: arxiv-2105.02852
Noama Fatima Samreen, Manar H. Alalfi

Blockchain technology (BT) Ethereum Smart Contracts allow programmable transactions that involve the transfer of monetary assets among peers on a BT network, independent of a central authorizing agency. Ethereum Smart Contracts are programs that are deployed as decentralized applications, having the building blocks of the blockchain consensus protocol. This technology enables consumers to make agreements in a transparent and conflict-free environment. However, the security vulnerabilities within these smart contracts are a potential threat to the applications and their consumers and have been shown in the past to cause huge financial losses. In this paper, we propose a framework that combines static and dynamic analysis to detect the Denial of Service (DoS) vulnerability due to an unexpected revert in Ethereum Smart Contracts. Our framework, SmartScan, statically scans smart contracts under test (SCUTs) to identify potentially vulnerable patterns in these SCUTs and then uses dynamic analysis to precisely confirm the exploitability of the DoS-Unexpected Revert vulnerability, thus achieving increased performance and more precise results. We evaluated SmartScan on a set of 500 smart contracts collected from Etherscan. Our approach shows an improvement in precision and recall when compared to available state-of-the-art techniques.

Updated: 2021-05-07