Defects and Vulnerabilities in Smart Contracts, a Classification using the NIST Bugs Framework

Wesley Dingman; Aviel Cohen; Nick Ferrara; Adam Lynch; Patrick Jasinski; Paul E. Black; Lin Deng

doi:10.2991/ijndc.k.190710.003

<Previous Article In Issue

Next Article In Issue>

Volume 7, Issue 3, July 2019, Pages 121 - 132

Defects and Vulnerabilities in Smart Contracts, a Classification using the NIST Bugs Framework

Authors

Wesley Dingman¹, Aviel Cohen¹, Nick Ferrara¹, Adam Lynch¹, Patrick Jasinski¹, Paul E. Black², Lin Deng¹^{, *}

¹Department of Computer and Information Sciences, Towson University, 8000 York Road, Towson, MD 21252, USA

²Software Quality Group, Systems and Software Division, Information Technology Laboratory, National Institute of Standards and Technology, 100 Bureau Drive, Gaithersburg, MD 20899, USA

^*Corresponding author. Email: ldeng@towson.edu

Corresponding Author

Lin Deng

Received 23 March 2019, Accepted 20 May 2019, Available Online 23 July 2019.

DOI: 10.2991/ijndc.k.190710.003 How to use a DOI?
Keywords: Blockchain; cryptocurrency; bug; smart contract; solidity; ethereum
Abstract: Rising to popularity in the last decade, blockchain technology has become the preferred platform for the transfer of digital currency. Unfortunately, many of these environments are rife with vulnerabilities exploited by financially motivated attackers. Worse yet, is that a structured analysis and classification of these vulnerabilities is lacking. In this paper, we present the first formal classifications of these vulnerabilities using National Institute of Standards and Technologies Bugs (NIST’S) Framework and propose two new classes: distributed system protocol (DSP) and distributed system resource management (DRM).
Copyright: © 2019 The Authors. Published by Atlantis Press SARL.
Open Access: This is an open access article distributed under the CC BY-NC 4.0 license (http://creativecommons.org/licenses/by-nc/4.0/).

Download article (PDF)
View full text (HTML)

<Previous Article In Issue

Next Article In Issue>

Journal: International Journal of Networked and Distributed Computing
Volume-Issue: 7 - 3
Pages: 121 - 132
Publication Date: 2019/07/23
ISSN (Online): 2211-7946
ISSN (Print): 2211-7938
DOI: 10.2991/ijndc.k.190710.003 How to use a DOI?
Open Access: This is an open access article distributed under the CC BY-NC 4.0 license (http://creativecommons.org/licenses/by-nc/4.0/).

Cite this article

ris enw bib

TY  - JOUR
AU  - Wesley Dingman
AU  - Aviel Cohen
AU  - Nick Ferrara
AU  - Adam Lynch
AU  - Patrick Jasinski
AU  - Paul E. Black
AU  - Lin Deng
PY  - 2019
DA  - 2019/07/23
TI  - Defects and Vulnerabilities in Smart Contracts, a Classification using the NIST Bugs Framework
JO  - International Journal of Networked and Distributed Computing
SP  - 121
EP  - 132
VL  - 7
IS  - 3
SN  - 2211-7946
UR  - https://doi.org/10.2991/ijndc.k.190710.003
DO  - 10.2991/ijndc.k.190710.003
ID  - Dingman2019
ER  -

download .riscopy to clipboard