Showing 1–3 of 3 results for author: Bakkali, H E

SmartLLMSentry: A Comprehensive LLM Based Smart Contract Vulnerability Detection Framework

Authors: Oualid Zaazaa, Hanan El Bakkali

Abstract: Smart contracts are essential for managing digital assets in blockchain networks, highlighting the need for effective security measures. This paper introduces SmartLLMSentry, a novel framework that leverages large language models (LLMs), specifically ChatGPT with in-context training, to advance smart contract vulnerability detection. Traditional rule-based frameworks have limitations in integratin… ▽ More Smart contracts are essential for managing digital assets in blockchain networks, highlighting the need for effective security measures. This paper introduces SmartLLMSentry, a novel framework that leverages large language models (LLMs), specifically ChatGPT with in-context training, to advance smart contract vulnerability detection. Traditional rule-based frameworks have limitations in integrating new detection rules efficiently. In contrast, SmartLLMSentry utilizes LLMs to streamline this process. We created a specialized dataset of five randomly selected vulnerabilities for model training and evaluation. Our results show an exact match accuracy of 91.1% with sufficient data, although GPT-4 demonstrated reduced performance compared to GPT-3 in rule generation. This study illustrates that SmartLLMSentry significantly enhances the speed and accuracy of vulnerability detection through LLMdriven rule integration, offering a new approach to improving Blockchain security and addressing previously underexplored vulnerabilities in smart contracts. △ Less

Submitted 28 November, 2024; originally announced November 2024.

Journal ref: Journal of Metaverse, Year 2024 Volume: 4 Issue: 2

Unveiling the Landscape of Smart Contract Vulnerabilities: A Detailed Examination and Codification of Vulnerabilities in Prominent Blockchains

Authors: Oualid Zaazaa, Hanan El Bakkali

Abstract: With the rise in using immature smart contract programming languages to build a decentralized application, more vulnerabilities have been introduced to the Blockchain and were the main reasons behind critical financial losses. Moreover, the immutability of Blockchain technology makes deployed smart contracts unfixable for the whole life of the Blockchain itself. The lack of complete and up-to-date… ▽ More With the rise in using immature smart contract programming languages to build a decentralized application, more vulnerabilities have been introduced to the Blockchain and were the main reasons behind critical financial losses. Moreover, the immutability of Blockchain technology makes deployed smart contracts unfixable for the whole life of the Blockchain itself. The lack of complete and up-to-date resources that explain those vulnerabilities in detail has also contributed to increasing the number of vulnerabilities in Blockchain. In addition, the lack of a standardized nomination of the existing vulnerabilities has made redundant research and made developers more confused. Therefore, in this paper, we propose the most complete list of smart contract vulnerabilities that exist in the most popular Blockchains with a detailed explanation of each one of them. In addition, we propose a new codification system that facilitates the communication of those vulnerabilities between developers and researchers. This codification, help identify the most uncovered vulnerabilities to focus on in future research. Moreover, the discussed list of vulnerabilities covers multiple Blockchain and could be used for even future built Blockchains. △ Less

Submitted 1 December, 2023; originally announced December 2023.

Journal ref: International Journal of Computer Networks & Communications (IJCNC) Vol.15, No.6, November 2023

A New Trust Reputation System for E-Commerce Applications

Authors: Hasnae Rahimi, Hanan EL Bakkali

Abstract: Robust Trust Reputation Systems (TRS) provide a most trustful reputation score for a specific product or service so as to support relying parties taking the right decision while interacting with an e-commerce application. Thus, TRS must rely on an appropriate architecture and suitable algorithms that are able to improve the selection, storage, generation and classification of textual feedbacks. In… ▽ More Robust Trust Reputation Systems (TRS) provide a most trustful reputation score for a specific product or service so as to support relying parties taking the right decision while interacting with an e-commerce application. Thus, TRS must rely on an appropriate architecture and suitable algorithms that are able to improve the selection, storage, generation and classification of textual feedbacks. In this work, we propose a new architecture for TRS in e-commerce applications. In fact, we propose an intelligent layer which displays to each feedback provider, who has already given his recommendation on a product, a collection of prefabricated feedbacks related to the same product. The proposed reputation algorithm generates better trust degree of the user, trust degree of the feedback and a better global reputation score of the product. △ Less

Submitted 13 May, 2014; originally announced May 2014.

Comments: 7 pages, 12 references. International Journal of Computer Science Issues (IJCSI) 2013