{"id":"https://openalex.org/W3026203297","doi":"https://doi.org/10.1145/3395363.3397385","title":"How effective are smart contract analysis tools? evaluating smart contract static analysis tools using bug injection","display_name":"How effective are smart contract analysis tools? evaluating smart contract static analysis tools using bug injection","publication_year":2020,"publication_date":"2020-07-13","ids":{"openalex":"https://openalex.org/W3026203297","doi":"https://doi.org/10.1145/3395363.3397385","mag":"3026203297"},"language":"en","primary_location":{"id":"doi:10.1145/3395363.3397385","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3395363.3397385","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 29th ACM SIGSOFT International Symposium on Software Testing and Analysis","raw_type":"proceedings-article"},"type":"article","indexed_in":["arxiv","crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/2005.11613","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Asem Ghaleb","orcid":null},"institutions":[{"id":"https://openalex.org/I141945490","display_name":"University of British Columbia","ror":"https://ror.org/03rmrcq20","country_code":"CA","type":"education","lineage":["https://openalex.org/I141945490"]}],"countries":["CA"],"is_corresponding":true,"raw_author_name":"Asem Ghaleb","raw_affiliation_strings":["University of British Columbia, Canada"],"affiliations":[{"raw_affiliation_string":"University of British Columbia, Canada","institution_ids":["https://openalex.org/I141945490"]}]},{"author_position":"last","author":{"id":null,"display_name":"Karthik Pattabiraman","orcid":null},"institutions":[{"id":"https://openalex.org/I141945490","display_name":"University of British Columbia","ror":"https://ror.org/03rmrcq20","country_code":"CA","type":"education","lineage":["https://openalex.org/I141945490"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Karthik Pattabiraman","raw_affiliation_strings":["University of British Columbia, Canada"],"affiliations":[{"raw_affiliation_string":"University of British Columbia, Canada","institution_ids":["https://openalex.org/I141945490"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I141945490"],"apc_list":null,"apc_paid":null,"fwci":22.8058,"has_fulltext":false,"cited_by_count":180,"citation_normalized_percentile":{"value":0.99447233,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":99,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"415","last_page":"427"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.998199999332428,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9952999949455261,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/static-analysis","display_name":"Static analysis","score":0.8019000291824341},{"id":"https://openalex.org/keywords/static-program-analysis","display_name":"Static program analysis","score":0.5418000221252441},{"id":"https://openalex.org/keywords/security-analysis","display_name":"Security analysis","score":0.5174000263214111},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.49459999799728394},{"id":"https://openalex.org/keywords/security-bug","display_name":"Security bug","score":0.4196999967098236},{"id":"https://openalex.org/keywords/application-security","display_name":"Application security","score":0.4058000147342682},{"id":"https://openalex.org/keywords/smart-contract","display_name":"Smart contract","score":0.37869998812675476}],"concepts":[{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.8019000291824341},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6470999717712402},{"id":"https://openalex.org/C137287247","wikidata":"https://www.wikidata.org/wiki/Q1329550","display_name":"Static program analysis","level":4,"score":0.5418000221252441},{"id":"https://openalex.org/C38369872","wikidata":"https://www.wikidata.org/wiki/Q7445009","display_name":"Security analysis","level":2,"score":0.5174000263214111},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5041000247001648},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.49459999799728394},{"id":"https://openalex.org/C131275738","wikidata":"https://www.wikidata.org/wiki/Q7445023","display_name":"Security bug","level":5,"score":0.4196999967098236},{"id":"https://openalex.org/C77109596","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Application security","level":5,"score":0.4058000147342682},{"id":"https://openalex.org/C2779950589","wikidata":"https://www.wikidata.org/wiki/Q7544035","display_name":"Smart contract","level":3,"score":0.37869998812675476},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.37450000643730164},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.34130001068115234},{"id":"https://openalex.org/C1009929","wikidata":"https://www.wikidata.org/wiki/Q179550","display_name":"Software bug","level":3,"score":0.33559998869895935},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.3273000121116638},{"id":"https://openalex.org/C2779639559","wikidata":"https://www.wikidata.org/wiki/Q7661178","display_name":"Symbolic execution","level":3,"score":0.30000001192092896},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.2888999879360199},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.26269999146461487},{"id":"https://openalex.org/C110406131","wikidata":"https://www.wikidata.org/wiki/Q41349","display_name":"Smart card","level":2,"score":0.25209999084472656}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3395363.3397385","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3395363.3397385","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 29th ACM SIGSOFT International Symposium on Software Testing and Analysis","raw_type":"proceedings-article"},{"id":"pmh:oai:arXiv.org:2005.11613","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2005.11613","pdf_url":"https://arxiv.org/pdf/2005.11613","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"}],"best_oa_location":{"id":"pmh:oai:arXiv.org:2005.11613","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2005.11613","pdf_url":"https://arxiv.org/pdf/2005.11613","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":16,"referenced_works":["https://openalex.org/W1480909796","https://openalex.org/W2019230987","https://openalex.org/W2515236103","https://openalex.org/W2538848838","https://openalex.org/W2539190473","https://openalex.org/W2560041978","https://openalex.org/W2769609281","https://openalex.org/W2778144710","https://openalex.org/W2788841915","https://openalex.org/W2805052744","https://openalex.org/W2805827286","https://openalex.org/W2846896781","https://openalex.org/W2888928288","https://openalex.org/W2890728226","https://openalex.org/W2970809537","https://openalex.org/W2999378142"],"related_works":[],"abstract_inverted_index":{"Security":[0],"attacks":[1],"targeting":[2],"smart":[3,32,50,83,103],"contracts":[4,33,165],"have":[5,11,42],"been":[6,43],"on":[7,91],"the":[8,54,65,113,118,124,127,137,182,197],"rise,":[9],"which":[10],"led":[12],"to":[13,24,27,63,105,131,145,191],"financial":[14],"loss":[15],"and":[16,68,78,122,158,195],"erosion":[17],"of":[18,38,163,175,188],"trust.":[19],"Therefore,":[20],"it":[21],"is":[22,59,89,143],"important":[23],"enable":[25],"developers":[26],"discover":[28],"security":[29,47,108],"vulnerabilities":[30],"in":[31,49,101],"before":[34],"deployment.":[35],"A":[36],"number":[37],"static":[39,85,119,149],"analysis":[40,86,120,150],"tools":[41,67,128,184,198],"developed":[44],"for":[45,81],"finding":[46],"bugs":[48,93,125,138,176],"contracts.":[51],"However,":[52],"despite":[53,185],"numerous":[55],"bug-finding":[56],"tools,":[57,121,151],"there":[58],"no":[60],"systematic":[61,79],"approach":[62,80],"evaluate":[64,146],"proposed":[66],"gauge":[69],"their":[70,186],"effectiveness.":[71],"This":[72],"paper":[73],"proposes":[74],"SolidiFI,":[75],"an":[76],"automated":[77],"evaluating":[82],"contract":[84,104,116],"tools.":[87],"SolidiFI":[88,110,142],"based":[90],"injecting":[92],"(i.e.,":[94],"code":[95],"defects)":[96],"into":[97],"all":[98,196],"potential":[99],"locations":[100],"a":[102,161],"introduce":[106],"targeted":[107],"vulnerabilities.":[109],"then":[111],"checks":[112],"generated":[114],"buggy":[115],"using":[117,160],"identifies":[123],"that":[126,177],"are":[129,178],"unable":[130],"detect":[132,192],"(false-negatives)":[133],"along":[134],"with":[135],"identifying":[136],"reported":[139],"as":[140],"false-positives.":[141],"used":[144],"six":[147],"widely-used":[148],"namely,":[152],"Oyente,":[153],"Securify,":[154],"Mythril,":[155],"SmartCheck,":[156],"Manticore":[157],"Slither,":[159],"set":[162],"50":[164],"injected":[166],"by":[167,181],"9369":[168],"distinct":[169],"bugs.":[170],"It":[171],"finds":[172],"several":[173],"instances":[174],"not":[179],"detected":[180],"evaluated":[183],"claims":[187],"being":[189],"able":[190],"such":[193],"bugs,":[194],"report":[199],"many":[200],"false":[201],"positives":[202]},"counts_by_year":[{"year":2026,"cited_by_count":4},{"year":2025,"cited_by_count":43},{"year":2024,"cited_by_count":51},{"year":2023,"cited_by_count":41},{"year":2022,"cited_by_count":30},{"year":2021,"cited_by_count":11}],"updated_date":"2026-03-27T14:29:43.386196","created_date":"2020-05-29T00:00:00"}