[1] |
NAKAMOTO S . Bitcoin:a peer-to-peer electronic cash system[EB].
|
[2] |
BUTERIN V . A next-generation smart contract and decentralized application platform[J].
|
[3] |
ATZEI N , BARTOLETTI M , CIMOLI T . A survey of attacks on Ethereum smart contracts (SoK)[C]// International Conference on Principles of Security and Trust. 2017: 164-186.
|
[4] |
KRUPP J , ROSSOW C . Teether:gnawing at Ethereum to automatically exploit smart contracts[C]// 27th USENIX Security Symposium (USENIX Security 18). 2018: 1317-1333.
|
[5] |
CHEN T , LI X , LUO X , ZHANG X . Under-optimized smart contracts devour your money[C]// Software Analysis,Evolution and Reengineering (SANER). 2017: 442-446.
|
[6] |
KALRA S , GOEL S , DHAWAN M ,et al. ZEUS:analyzing safety of smart contracts[C]// NDSS. 2018.
|
[7] |
BRENT L . Vandal:a scalable security analysis framework for smart contracts[J]. arXiv preprint arXiv:1809.03981, 2018
|
[8] |
ZAKRZEWSKI J , . Towards verification of Ethereum smart contracts:a formalization of core of solidity[C]// Working Confer-ence on Verified Software:Theories,Tools,and Experiments. 2018: 229-247.
|
[9] |
NIKOLI? I , KOLLURI A , SERGEY I ,et al. Finding the greedy,prodigal,and suicidal contracts at scale[C]// The 34th Annual Computer Security Applications Conference. 2018: 653-663.
|
[10] |
GRECH N , KONG M , JURISEVIC A ,et al. MadMax:surviving out-of-gas conditions in Ethereum smart contracts[J]. Proceedings of the ACM on Programming Languages, 2018,2: 1-27.
|
[11] |
JIANG B , LIU Y , CHAN W K . Contract fuzzer:fuzzing smart contracts for vulnerability detection[C]// 33rd ACM/IEEE International Conference on Automated Soft-ware Engineering. 2018: 259-269
|
[12] |
LIAO H J , LIN C H R , LIN Y C ,et al. Intrusion detection system:a comprehensive review[J]. Journal of Network and Computer Applications, 2013(36): 16-24.
|
[13] |
Understanding the DAO attack[EB].
|
[14] |
Parity multisig hacked again[EB].
|
[15] |
ZHANG T , ZHUANG X , PANDE S ,et al. Anomalous path detection with hardware support[C]// The 2005 International Conference on Compilers,Architectures and Synthesis for Embedded Systems. 2005: 43-54.
|
[16] |
FENG H H , KOLESNIKOV O M , FOGLA P ,et al. Anomaly detection using call stack information[C]// 2003 Symposium on Security and Privacy. 2003: 62-75.
|
[17] |
GARFINKEL T , ROSENBLUM M . A virtual machine introspection based architecture for intrusion detection[C]// NDSS. 2003: 191-206.
|
[18] |
WOOD G . Ethereum yellow paper[EB].
|
[19] |
GIFFIN J T , JHA S , MILLER B P . Efficient context-sensitive intrusion detection[C]// NDSS. 2004.
|
[20] |
XU H , DU W , CHAPIN S J . Context sensitive anomaly monitoring of process control flow to detect mimicry attacks and impossible paths[C]// International Workshop on Recent Advances in Intrusion Detection. 2004: 21-38.
|
[21] |
BALL T , LARUS J R . Efficient path profiling[C]// 29th Annual ACM/IEEE International Symposium on Microarchitecture, 1996: 46-57.
|
[22] |
BELAZZOUGUID , BOTELHO F C , DIETZFELBINGER M . Hash,displace,and compress[C]// European Symposium on Algorithms. 2009: 682-693.
|
[23] |
LUU L , CHU D H , OLICKEL H ,et al. Making smart contracts smarter[C]// 2016 ACM SIGSAC Conference on Computer and Communications Security. 2016: 254-269.
|
[24] |
GROSSMAN S , . Online detection of effectively callback free objects with applications to smart contracts[C]// ACM on Programming Languages, 2017(2):48.
|
[25] |
GRISHCHENKO I , MAFFEI M , SCHNEIDEWIND C . a semantic framework for the security analysis of Ethereum smart contracts[C]// International Conference on Principles of Security and Trust, 2018: 243-269.
|
[26] |
LARUS J R , . Whole program paths[C]// ACM SIGPLAN 1999 Conference on Programming Language Design and Implementation (PLDI). 1999,34: 259-269.
|
[27] |
MELSKI D , REPS T . Interprocedural path profiling[C]// International Conference on Compiler Construction. 1999: 47-62.
|
[28] |
D’ELIA D C , DEMETRESCU C . Ball-larus path profiling across multiple loop iterations[J]. ACM Sigplan Notices, 2013,48: 373-390.
|
[29] |
SUMNER W N , ZHENG Y , WEERATUNGE D ,et al. Precise calling context encoding[J]. IEEE Transactions on Software Engineering, 2012,38(5): 1160-1177.
|
[30] |
AMMONS G , LARUS J R . Improving dataflow analysis with path profiles[J]. ACM SIGPLAN Notices, 1998,33: 72-84.
|
[31] |
ERNST M D , COCKRELL J , GRISWOLD W G ,et al. Dynamically discovering likely program invariants to support program evolution[J]. IEEE Transactions on Software Engineering, 2001,27(2): 99-123.
|
[32] |
KUMAR V , SANGWAN O P . Signature based intrusion detection system using SNORT[J]. International Journal of Computer Applications & Information Technology, 2012,1(3): 35-41.
|
[33] |
CUI W , PEINADO M , WANG H J ,et al. Shieldgen:automatic data patch generation for unknown vulnerabilities with informed probing[C]// 2007 IEEE Symposium on Security and Privacy (SP’07). 2007: 252-266.
|
[34] |
DANNEN C . Introducing Ethereum and solidity[M]. Berlin: SpringerPress, 2017.
|
[35] |
ZHUANG X , SERRANO M J , CAIN H W ,et al. Accurate,efficient,and adaptive calling context profiling[J]. ACM Sigplan Notices, 2006(41): 263-271.
|
[36] |
LI X , JIANG P , CHEN T ,et al. A survey on the security of blockchain systems[C]// Future Generation Computer Systems. 2017.
|
[37] |
MANNING D A . Solidity security:comprehensive list of known attack vectors and common antipatterns[J].
|
[38] |
DERIVATIVES D N | T . A survey of solidity security vulnerability[EB].
|
[39] |
BEC spiked 4000% on first trading day,another pump-and-dump scheme[EB].
|
[40] |
WANG X , CHEUNG S C , CHAN W K ,et al. Taming coincidental correctness:coverage refinement with context patterns[C]// ICSE. 2009: 45-55.
|
[41] |
Truffle Suite.Sweet Contracts[EB].
|
[42] |
BALL T , LARUS J R . Optimally profiling and tracing programs[J]. ACM Transactions on Programming Languages and Systems (TOPLAS), 1994,16(4): 1319-1360.
|
[43] |
TJHAI G C , PAPADAKI M , FURNELL S M ,et al. Clarke,investigating the problem of IDS false alarms:an experimental study using snort[C]// IFIP International Information Security Conference. 2008: 253-267.
|
[44] |
Understanding the DAO attack[EB].
|
[45] |
An in-depth look at the parity multisig bug[EB].
|
[46] |
Post-mortem[EB].
|
[47] |
Detecting integer arithmetic bugs in Ethereum smart contracts[EB].
|
[48] |
Smart contract wallets created in frontier are vulnerable to phishing attacks[EB].
|
[49] |
MerdeToken[EB].
|
[50] |
CryptoKitty[EB].
|
[51] |
StatusNetwork[EB].
|
[52] |
DecentralizedVoting[EB].
|
[53] |
PoolShark[EB].
|
[54] |
Etherscan[EB].
|
[55] |
SafeMath OpenZeppelin[EB].
|