{"id":"https://openalex.org/W4415707895","doi":"https://doi.org/10.1109/tifs.2025.3626979","title":"Penetrating the Hostile: Detecting DeFi Protocol Exploits Through Cross-Contract Analysis","display_name":"Penetrating the Hostile: Detecting DeFi Protocol Exploits Through Cross-Contract Analysis","publication_year":2025,"publication_date":"2025-01-01","ids":{"openalex":"https://openalex.org/W4415707895","doi":"https://doi.org/10.1109/tifs.2025.3626979"},"language":null,"primary_location":{"id":"doi:10.1109/tifs.2025.3626979","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2025.3626979","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100634702","display_name":"Xiaoqi Li","orcid":"https://orcid.org/0000-0002-6012-9178"},"institutions":[{"id":"https://openalex.org/I20942203","display_name":"Hainan University","ror":"https://ror.org/03q648j11","country_code":"CN","type":"education","lineage":["https://openalex.org/I20942203"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Xiaoqi Li","raw_affiliation_strings":["Hainan University, Haikou, China"],"raw_orcid":"https://orcid.org/0000-0002-6012-9178","affiliations":[{"raw_affiliation_string":"Hainan University, Haikou, China","institution_ids":["https://openalex.org/I20942203"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5053791262","display_name":"Wenkai Li","orcid":"https://orcid.org/0000-0002-4238-8846"},"institutions":[{"id":"https://openalex.org/I20942203","display_name":"Hainan University","ror":"https://ror.org/03q648j11","country_code":"CN","type":"education","lineage":["https://openalex.org/I20942203"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Wenkai Li","raw_affiliation_strings":["Hainan University, Haikou, China"],"raw_orcid":"https://orcid.org/0000-0002-4238-8846","affiliations":[{"raw_affiliation_string":"Hainan University, Haikou, China","institution_ids":["https://openalex.org/I20942203"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5062494507","display_name":"Zhiquan Liu","orcid":"https://orcid.org/0000-0002-3934-2177"},"institutions":[{"id":"https://openalex.org/I159948400","display_name":"Jinan University","ror":"https://ror.org/02xe5ns62","country_code":"CN","type":"education","lineage":["https://openalex.org/I159948400"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhiquan Liu","raw_affiliation_strings":["Jinan University, Guangzhou, China"],"raw_orcid":"https://orcid.org/0000-0002-3934-2177","affiliations":[{"raw_affiliation_string":"Jinan University, Guangzhou, China","institution_ids":["https://openalex.org/I159948400"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100401884","display_name":"Yuqing Zhang","orcid":"https://orcid.org/0000-0001-8306-7195"},"institutions":[{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yuqing Zhang","raw_affiliation_strings":["University of Chinese Academy of Sciences, Beijing, China"],"raw_orcid":"https://orcid.org/0000-0001-8306-7195","affiliations":[{"raw_affiliation_string":"University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5104242014","display_name":"Yingjie Mao","orcid":null},"institutions":[{"id":"https://openalex.org/I20942203","display_name":"Hainan University","ror":"https://ror.org/03q648j11","country_code":"CN","type":"education","lineage":["https://openalex.org/I20942203"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yingjie Mao","raw_affiliation_strings":["Hainan University, Haikou, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Hainan University, Haikou, China","institution_ids":["https://openalex.org/I20942203"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5100634702"],"corresponding_institution_ids":["https://openalex.org/I20942203"],"apc_list":null,"apc_paid":null,"fwci":5.8102,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.96467307,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":98,"max":99},"biblio":{"volume":"20","issue":null,"first_page":"11759","last_page":"11774"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.3635999858379364,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.3635999858379364,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.120899997651577,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.08709999918937683,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.8924000263214111},{"id":"https://openalex.org/keywords/protocol","display_name":"Protocol (science)","score":0.5867000222206116},{"id":"https://openalex.org/keywords/path","display_name":"Path (computing)","score":0.45010000467300415},{"id":"https://openalex.org/keywords/state","display_name":"State (computer science)","score":0.4187000095844269},{"id":"https://openalex.org/keywords/control-flow-graph","display_name":"Control flow graph","score":0.37380000948905945},{"id":"https://openalex.org/keywords/control","display_name":"Control (management)","score":0.37369999289512634},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.35100001096725464},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.34290000796318054}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.9143000245094299},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.8924000263214111},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.5867000222206116},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.47130000591278076},{"id":"https://openalex.org/C2777735758","wikidata":"https://www.wikidata.org/wiki/Q817765","display_name":"Path (computing)","level":2,"score":0.45010000467300415},{"id":"https://openalex.org/C48103436","wikidata":"https://www.wikidata.org/wiki/Q599031","display_name":"State (computer science)","level":2,"score":0.4187000095844269},{"id":"https://openalex.org/C27458966","wikidata":"https://www.wikidata.org/wiki/Q1187693","display_name":"Control flow graph","level":2,"score":0.37380000948905945},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.37369999289512634},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.35100001096725464},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.34290000796318054},{"id":"https://openalex.org/C160191386","wikidata":"https://www.wikidata.org/wiki/Q868299","display_name":"Control flow","level":2,"score":0.34139999747276306},{"id":"https://openalex.org/C167822520","wikidata":"https://www.wikidata.org/wiki/Q176452","display_name":"Finite-state machine","level":2,"score":0.33550000190734863},{"id":"https://openalex.org/C132525143","wikidata":"https://www.wikidata.org/wiki/Q141488","display_name":"Graph","level":2,"score":0.329800009727478},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.3269999921321869},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.32339999079704285},{"id":"https://openalex.org/C2780741293","wikidata":"https://www.wikidata.org/wiki/Q4818019","display_name":"Attack patterns","level":3,"score":0.29820001125335693},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.29510000348091125},{"id":"https://openalex.org/C40305131","wikidata":"https://www.wikidata.org/wiki/Q2616305","display_name":"Obfuscation","level":2,"score":0.27619999647140503},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.27219998836517334},{"id":"https://openalex.org/C2779201187","wikidata":"https://www.wikidata.org/wiki/Q2775060","display_name":"Information leakage","level":2,"score":0.26739999651908875},{"id":"https://openalex.org/C67186912","wikidata":"https://www.wikidata.org/wiki/Q367664","display_name":"Data modeling","level":2,"score":0.267300009727478},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.2667999863624573},{"id":"https://openalex.org/C137822555","wikidata":"https://www.wikidata.org/wiki/Q2587068","display_name":"Information sensitivity","level":2,"score":0.26100000739097595},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.25859999656677246}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tifs.2025.3626979","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2025.3626979","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G1792305625","display_name":null,"funder_award_id":"HNJG2023-10","funder_id":"https://openalex.org/F4320324882","funder_display_name":"Hainan Provincial Department of Science and Technology"},{"id":"https://openalex.org/G4955479608","display_name":null,"funder_award_id":"62362021","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G969737726","display_name":null,"funder_award_id":"62402146","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"},{"id":"https://openalex.org/F4320324882","display_name":"Hainan Provincial Department of Science and Technology","ror":"https://ror.org/03rbw2w25"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":63,"referenced_works":["https://openalex.org/W2539190473","https://openalex.org/W2789063661","https://openalex.org/W2907492528","https://openalex.org/W2963610883","https://openalex.org/W2963626623","https://openalex.org/W2970809537","https://openalex.org/W2981088827","https://openalex.org/W2985495886","https://openalex.org/W2994373027","https://openalex.org/W2999378142","https://openalex.org/W3034136313","https://openalex.org/W3035733952","https://openalex.org/W3133932565","https://openalex.org/W3134196592","https://openalex.org/W3137707325","https://openalex.org/W3162209499","https://openalex.org/W3173753074","https://openalex.org/W3182763642","https://openalex.org/W3207487452","https://openalex.org/W3211314335","https://openalex.org/W3213446005","https://openalex.org/W3214248890","https://openalex.org/W4206712151","https://openalex.org/W4211181447","https://openalex.org/W4285490412","https://openalex.org/W4288057718","https://openalex.org/W4296440242","https://openalex.org/W4306406277","https://openalex.org/W4308632432","https://openalex.org/W4311777171","https://openalex.org/W4316022171","https://openalex.org/W4316661173","https://openalex.org/W4324007147","https://openalex.org/W4367046762","https://openalex.org/W4375929685","https://openalex.org/W4384154512","https://openalex.org/W4384155542","https://openalex.org/W4384155611","https://openalex.org/W4384155618","https://openalex.org/W4384302865","https://openalex.org/W4384304916","https://openalex.org/W4384345633","https://openalex.org/W4385080392","https://openalex.org/W4385730452","https://openalex.org/W4388483249","https://openalex.org/W4388857350","https://openalex.org/W4390204305","https://openalex.org/W4393186154","https://openalex.org/W4394769109","https://openalex.org/W4394769500","https://openalex.org/W4396523209","https://openalex.org/W4396844343","https://openalex.org/W4396918181","https://openalex.org/W4400121127","https://openalex.org/W4402264101","https://openalex.org/W4402264471","https://openalex.org/W4402288736","https://openalex.org/W4402442646","https://openalex.org/W4402443213","https://openalex.org/W4403577695","https://openalex.org/W4404060141","https://openalex.org/W4407097963","https://openalex.org/W4411552321"],"related_works":[],"abstract_inverted_index":{"Decentralized":[0],"finance":[1],"(DeFi)":[2],"protocols":[3,71],"are":[4],"crypto":[5],"projects":[6],"developed":[7],"on":[8,16,133],"the":[9,40,55,59,96,116,124,137,146,155,170,182,187,194,202,214,242],"blockchain":[10],"to":[11,57,86,164,168,200,234],"manage":[12],"digital":[13],"assets.":[14],"Attacks":[15],"DeFi":[17,70,134,147,205],"have":[18,22],"been":[19],"frequent":[20],"and":[21,32,109,142,160,222,267],"resulted":[23],"in":[24,36,74,127,174,219,224],"losses":[25],"exceeding":[26],"$80":[27],"billion.":[28],"Current":[29],"tools":[30,85],"detect":[31,235],"locate":[33],"possible":[34],"vulnerabilities":[35],"contracts":[37],"by":[38,185],"analyzing":[39],"state":[41],"changes":[42],"that":[43,101,131,211],"may":[44],"occur":[45,132],"during":[46],"malicious":[47,129,236],"events.":[48],"However,":[49],"this":[50,91],"victim-only":[51],"approaches":[52],"seldom":[53],"possess":[54],"capability":[56,233],"cover":[58],"attacker\u2019s":[60],"interaction":[61],"intention":[62],"logic.":[63],"Furthermore,":[64,191],"only":[65],"a":[66,79],"minuscule":[67],"percentage":[68],"of":[69,172,204,254],"experience":[72],"attacks":[73],"real-world":[75,128],"scenarios,":[76],"which":[77],"poses":[78],"significant":[80],"challenge":[81],"for":[82,106],"these":[83],"detection":[84],"demonstrate":[87],"practical":[88],"effectiveness.":[89],"In":[90],"paper,":[92],"we":[93,192,249],"propose":[94],"DeFiTail,":[95],"<italic":[97],"xmlns:mml=\"http://www.w3.org/1998/Math/MathML\"":[98],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">first</i>":[99],"framework":[100],"utilizes":[102],"deep":[103],"learning":[104],"technology":[105],"access":[107,220],"control":[108,221],"flash":[110,225],"loan":[111,226],"exploit":[112],"detection.":[113],"Through":[114],"feeding":[115],"cross-contract":[117],"static":[118],"data":[119,183,195],"flow,":[120],"DeFiTail":[121,180,212,228],"automatically":[122],"learns":[123],"attack":[125],"logic":[126],"events":[130,149],"protocols,":[135],"capturing":[136],"threat":[138],"patterns":[139],"between":[140],"attacker":[141],"victim":[143],"contracts.":[144],"Since":[145],"protocol":[148],"involve":[150],"interactions":[151],"with":[152,158,217],"multi-account":[153],"transactions,":[154],"execution":[156,189],"path":[157,184],"external":[159],"internal":[161],"transactions":[162],"requires":[163],"be":[165],"unified.":[166],"Moreover,":[167],"mitigate":[169],"impact":[171],"mistakes":[173],"Control":[175],"Flow":[176],"Graph":[177],"(CFG)":[178],"connections,":[179],"validates":[181],"employing":[186],"symbolic":[188],"stack.":[190],"feed":[193],"paths":[196],"through":[197],"our":[198],"model":[199],"achieve":[201],"inspection":[203],"protocols.":[206],"Comparative":[207],"experiment":[208],"results":[209],"indicate":[210],"achieves":[213],"highest":[215],"accuracy,":[216],"98.39%":[218],"97.43%":[223],"exploits.":[227],"also":[229],"demonstrates":[230],"an":[231],"enhanced":[232],"contracts,":[237,248],"identifying":[238],"86.67%":[239],"accuracy":[240],"from":[241],"CVE":[243],"dataset.":[244],"By":[245],"monitoring":[246],"existing":[247],"identified":[250],"five":[251],"distinct":[252],"categories":[253],"vulnerabilities:":[255],"repetition":[256],"abuse,":[257],"unsafe":[258],"unintended":[259],"exploitation,":[260,263,266],"signature":[261],"violated":[262],"insecure":[264],"interfaces":[265],"unrestricted":[268],"token":[269],"transfer.":[270]},"counts_by_year":[{"year":2026,"cited_by_count":2}],"updated_date":"2025-11-08T23:21:52.890332","created_date":"2025-10-30T00:00:00"}