How effective can we detect software vulnerabilities using code clones? - A Case Study on Ethereum Smart Contracts

dc.contributor.advisorJiang, ZhenMing
dc.contributor.authorMa, Yinghang
dc.date.accessioned2023-12-08T14:36:22Z
dc.date.available2023-12-08T14:36:22Z
dc.date.issued2023-12-08
dc.date.updated2023-12-08T14:36:21Z
dc.degree.disciplineElectrical and Computer Engineering
dc.degree.levelMaster's
dc.degree.nameMASc - Master of Applied Science
dc.description.abstractSmart contracts are self-executing programs that are deployed on blockchain platforms to provide services and handle transactions. Solidity contracts exhibit different code characteristics compared to software projects written in conventional programming languages and have a much higher level of code-to-clone ratio. These differences can impose a wider spread of security risks, and cloned code snippets may suffer from the same security problems as their cloned counterpart. In this thesis, we have conducted an empirical study on the effectiveness of leveraging code detection techniques to identify software vulnerabilities in the Solidity contract code. We have experimented with a set of configuration tuning approaches while keeping everything else constant. After carefully tuning these configurations, the tools tuned under the context-specific tuning approaches can achieve significant improvement while detecting vulnerabilities. This thesis highlighted the need for further research into context-specific clone detection and management and motivating studies in the domain of blockchain-based applications.
dc.identifier.urihttps://hdl.handle.net/10315/41695
dc.languageen
dc.rightsAuthor owns copyright, except where explicitly noted. Please contact the author directly with licensing requests.
dc.subjectComputer engineering
dc.subjectComputer science
dc.subject.keywordsGenetic algorithm
dc.subject.keywordsClone detection
dc.subject.keywordsVulnerability detection
dc.subject.keywordsEthereum
dc.subject.keywordsSolidity
dc.subject.keywordsSmart contract
dc.subject.keywordsCommon vulnerabilities and exposures
dc.titleHow effective can we detect software vulnerabilities using code clones? - A Case Study on Ethereum Smart Contracts
dc.typeElectronic Thesis or Dissertation

Files

Original bundle
Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
Ma_Yinghang_2023_Master.pdf
Size:
3.58 MB
Format:
Adobe Portable Document Format
License bundle
Now showing 1 - 2 of 2
No Thumbnail Available
Name:
license.txt
Size:
1.87 KB
Format:
Plain Text
Description:
No Thumbnail Available
Name:
YorkU_ETDlicense.txt
Size:
3.39 KB
Format:
Plain Text
Description: