Collaborative Learning Framework to Detect Attacks in Transactions and Smart Contracts

TL;DR

This work addresses the challenge of detecting attacks in blockchain transactions and smart contracts by proposing a privacy-preserving, decentralized framework that leverages a novel Bytecode-to-image representation of pending transactions. Each mining node locally trains a CNN detector on image-processed features and participates in collaborative learning to form a global model without sharing raw data, reducing network overhead. The authors introduce the BTAT dataset, built in a lab on a private Ethereum network, and demonstrate up to ~94% simulated accuracy and ~91% real-time accuracy with throughput exceeding 2,150 tps in favorable hardware, while handling diverse attack types including low-level Bytecode exploits. The approach preserves data privacy, scales across distributed nodes, and provides real-time monitoring capabilities, making it practically impactful for securing decentralized blockchain systems.

Abstract

With the escalating prevalence of malicious activities exploiting vulnerabilities in blockchain systems, there is an urgent requirement for robust attack detection mechanisms. To address this challenge, this paper presents a novel collaborative learning framework designed to detect attacks in blockchain transactions and smart contracts by analyzing transaction features. Our framework exhibits the capability to classify various types of blockchain attacks, including intricate attacks at the machine code level (e.g., injecting malicious codes to withdraw coins from users unlawfully), which typically necessitate significant time and security expertise to detect. To achieve that, the proposed framework incorporates a unique tool that transforms transaction features into visual representations, facilitating efficient analysis and classification of low-level machine codes. Furthermore, we propose an advanced collaborative learning model to enable real-time detection of diverse attack types at distributed mining nodes. Our model can efficiently detect attacks in smart contracts and transactions for blockchain systems without the need to gather all data from mining nodes into a centralized server. In order to evaluate the performance of our proposed framework, we deploy a pilot system based on a private Ethereum network and conduct multiple attack scenarios to generate a novel dataset. To the best of our knowledge, our dataset is the most comprehensive and diverse collection of transactions and smart contracts synthesized in a laboratory for cyberattack detection in blockchain systems. Our framework achieves a detection accuracy of approximately 94% through extensive simulations and 91% in real-time experiments with a throughput of over 2,150 transactions per second.

Figures (10)

• Figure 1: The system model of our proposed framework. While receiving transactions, our framework will perform preprocessing to extract important information. After that, our collaborative learning will perform the attack detection process to detect network normal behavior or a type of attack.
• Figure 2: The processes of our proposed framework: The captured pending transactions are preprocessed using the BCEC tool. This tool extracts important features of transactions and converts them into images. After that, the images are processed by the CNN and collaborative learning models to detect attacks.
• Figure 3: Real-time experiment setup.
• Figure 4: Visualization using t-SNE of BTAT dataset: (a) Visualization in 3D. (b) Visualization in 2D.
• Figure 5: The results of the preprocessing processes in different schemes.