Title
EVMFuzzer - detect EVM vulnerabilities via fuzz testing.
Abstract
The Ethereum Virtual Machine (EVM) is the run-time environment for smart contracts, and its vulnerabilities can cause serious problems for the Ethereum ecosystem. While many techniques have been developed to validate smart contracts, testing the EVM itself remains challenging because of its special test-input format and the absence of oracles. In this paper, we propose EVMFuzzer, the first tool that uses differential fuzzing to detect vulnerabilities in EVMs. The core idea is to continuously generate seed contracts and feed them to the target EVM and to benchmark EVMs, so as to find as many inconsistencies among the execution results as possible and eventually discover vulnerabilities by cross-referencing the outputs. Given a target EVM and its APIs, EVMFuzzer generates seed contracts via a set of predefined mutators, then employs a dynamic priority-scheduling algorithm to guide seed-contract selection and maximize the inconsistency. Finally, EVMFuzzer uses the benchmark EVMs as cross-referencing oracles, avoiding manual checking. With EVMFuzzer, we have found several previously unknown security bugs in four widely used EVMs, five of which have been assigned Common Vulnerabilities and Exposures (CVE) IDs in the U.S. National Vulnerability Database. A demonstration video is available at https://youtu.be/9Lejgf2GSOk.
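The loop the abstract describes (mutate seed contracts, run them on a target and on benchmark EVMs, treat benchmark consensus as the oracle, and schedule seeds by priority) is easiest to see in code. The following Python sketch is an added example, not code from the paper or from the EVMFuzzer project. Real EVM implementations are replaced by a toy stack machine that supports nine opcodes; the opcode numbers and gas costs in GAS are the real EVM's, everything else is simplified. The "target EVM" is a copy of that machine with a planted divergence (rejecting a PUSH whose operand falls past the end of the code, where the real EVM pads with zero); that divergence, the seed contracts, the mutators and the priority rule are all constructed for this demonstration and are not among the paper's findings.

```python
import random
from collections import Counter

# Opcode numbers and gas costs match the real EVM for this subset; the machine itself is a toy.
STOP, ADD, MUL, SUB, DIV, POP, PUSH1, DUP1, SWAP1 = 0x00, 0x01, 0x02, 0x03, 0x04, 0x50, 0x60, 0x80, 0x90
GAS = {STOP: 0, ADD: 3, MUL: 5, SUB: 3, DIV: 5, POP: 2, PUSH1: 3, DUP1: 3, SWAP1: 3}
NEEDS = {ADD: 2, MUL: 2, SUB: 2, DIV: 2, POP: 1, DUP1: 1, SWAP1: 2}  # stack items required
MASK, OPCODES = (1 << 256) - 1, sorted(GAS)
BINOPS = {ADD: lambda a, b: (a + b) & MASK, MUL: lambda a, b: (a * b) & MASK,
          SUB: lambda a, b: (a - b) & MASK, DIV: lambda a, b: 0 if b == 0 else a // b}


def execute(code, gas_limit=1000, pad_truncated_push=True):
    """Toy interpreter returning (status, gas_charged, top_of_stack). pad_truncated_push=True
    reads a missing PUSH operand as zero, as the real EVM does; False is a planted divergence,
    constructed only so the harness has something to find (not a finding about any real EVM)."""
    stack, pc, gas = [], 0, 0
    while pc < len(code):
        op = code[pc]
        if op not in GAS:
            return ("invalid_opcode", gas, None)
        gas += GAS[op]
        if gas > gas_limit:
            return ("out_of_gas", gas_limit, None)
        if op == STOP:
            break
        if len(stack) < NEEDS.get(op, 0):  # toy: reports gas so far, not all remaining gas
            return ("stack_underflow", gas, None)
        if op == PUSH1:
            if pc + 1 < len(code):
                stack.append(code[pc + 1])
            elif pad_truncated_push:
                stack.append(0)
            else:
                return ("bad_push", gas, None)
            pc += 2
            continue
        if op in BINOPS:
            a, b = stack.pop(), stack.pop()  # a is the top of the stack, as in the EVM
            stack.append(BINOPS[op](a, b))
        elif op == POP:
            stack.pop()
        elif op == DUP1:
            stack.append(stack[-1])
        else:  # SWAP1
            stack[-1], stack[-2] = stack[-2], stack[-1]
        pc += 1
    return ("ok", gas, stack[-1] if stack else None)


# Domain-specific mutators: every child is still a non-empty string of valid opcodes.
def m_replace(code, rng):
    i = rng.randrange(len(code))
    return code[:i] + bytes([rng.choice(OPCODES)]) + code[i + 1:]

def m_insert_push(code, rng):
    i = rng.randrange(len(code) + 1)
    return code[:i] + bytes([PUSH1, rng.randrange(256)]) + code[i:]

def m_truncate(code, rng):
    return code[:rng.randrange(1, len(code))] if len(code) > 1 else code

MUTATORS = [m_replace, m_insert_push, m_truncate]


def cross_reference(code, target, benchmarks):
    """Oracle: the benchmarks' unanimous result is what the target must reproduce."""
    votes = Counter(b(code) for b in benchmarks)
    expected, agreeing = votes.most_common(1)[0]
    if agreeing < len(benchmarks):
        return ("no_consensus", None, expected)  # benchmarks disagree: needs manual triage
    actual = target(code)
    return ("inconsistent" if actual != expected else "consistent", actual, expected)


def fuzz(target, benchmarks, seeds, rounds, rng):
    """Differential fuzzing loop with dynamic priority scheduling over the seed corpus."""
    corpus = {s: 0 for s in seeds}  # seed contract -> priority
    findings = {}
    for _ in range(rounds):
        parent = max(corpus, key=corpus.get)  # highest priority is mutated first
        corpus[parent] -= 1                   # decay, so one seed cannot monopolize the budget
        child = rng.choice(MUTATORS)(parent, rng)
        if child in corpus:
            continue
        verdict, actual, expected = cross_reference(child, target, benchmarks)
        corpus[child] = corpus[parent]
        if verdict == "inconsistent":
            findings[child] = (actual, expected)
            corpus[parent] += 5               # reward the lineage that exposed a divergence
            corpus[child] += 5
    return findings


def demo(rounds=500):
    rng = random.Random(2019)
    target = lambda code: execute(code, pad_truncated_push=False)  # the "target EVM"
    benchmarks = [execute, execute]  # stand-ins for independent benchmark EVM implementations
    seeds = [bytes([PUSH1, 2, PUSH1, 3, ADD, PUSH1, 4, MUL, STOP]),  # constructed seed contracts
             bytes([PUSH1, 7, DUP1, SWAP1, DIV, POP, STOP])]
    return fuzz(target, benchmarks, seeds, rounds, rng)
```

demo() returns the bytecodes on which the target disagrees with the benchmark consensus, each paired with the two results; every one of them ends in a PUSH1 with no operand, which is exactly the planted divergence. Two points carry over to a real harness: the oracle only trusts a unanimous benchmark vote and reports disagreements among the benchmarks separately, and the scheduler rewards the lineage of a seed that exposed an inconsistency while decaying seeds that keep being picked, so the corpus does not stall on one ancestor.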
Year
2019
DOI
10.1145/3338906.3341175
Venue
ESEC/SIGSOFT FSE
Keywords
Differential testing, fuzzing, domain-specific mutation, EVM
Field
Fuzz testing, Software engineering, Computer science, Real-time computing, Vulnerability
DocType
Conference
ISBN
978-1-4503-5572-8
Citations
3
PageRank
0.40
References
0
Authors
8
Name          Order   Citations and PageRank (the two figures are run together, as given)
Ying Fu       1       10433.62
Meng Ren      2       122.62
Fuchen Ma     3       122.96
Heyuan Shi    4       146.02
Xin Yang      5       152.67
Yu Jiang      6       34656.49
Huizhong Li   7       112.62
Xiang Shi     8       70.82