CyLab Blockchain Seminar August 25, 2023 12:00pm — 1:00pm Location: In Person and Remote - ET - Room 2101, Mehrabian Collaborative Innovation Center, and Livestream (Room Change) Speaker: ARTHUR GERVAIS , Associate Professor of Information Security, University College London https://www.arthurgervais.com/ Do you still need a manual smart contract audit? Why pay tens of thousands of USD, and wait weeks for a smart contract security audit? In this paper, we explore the potential of using large language models (LLMs) to perform smart contract security audits. We explore prompt engineering for effective security analysis, while comparing the performance and accuracy of LLMs given a ground-truth dataset of 52 DeFi smart contracts that were attacked in the wild. On vulnerable contracts, our system SmartGPT achieves a hit rate of 40% on the correct vulnerability type, yet exhibits a high false positive rate which still requires manual auditor attention. We find that SmartGPT achieves a 20% better F1-score than a random model. Extending SmartGPT is as easy as providing a new vulnerability type name along its technical description. While there are many possible improvements, this study paves the way for faster, more cost-effective and systematic smart contract security audits using LLMs, revolutionizing the field of smart contract security. — Arthur Gervais is a distinguished computer scientist and Associate Professor of Information Security at University College London, where he leads a research group focused on blockchain security. His expertise spans smart contract security, decentralized systems, and blockchain privacy. Gervais has received numerous accolades for his contributions, including top-ranked computer security faculty status at UCL and Imperial, as well as Best Paper and Best Artifact awards. He has significantly impacted both academia and industry, with thousands of citations and six companies implementing his research. In addition to his position at UCL, Gervais is an Affiliate Faculty at UC Berkeley and a pioneer in blockchain education. He co-instructed the first DeFi Massive Open Online Course alongside renowned experts, attracting over 4,000 students. Gervais actively engages with the blockchain community, regularly speaking at community venues, serving on various committees and advising startups to drive innovation and security in the field. Faculty Host: Nicolas Christin This event is part of the CyLab Seminar Series and is made possible by a generous grant from the Ripple University Blockchain Research Initiative → In Person and Zoom Participation (Internal to CMU only) → This seminar will be publicly live streamed via CyLab’s YouTube channel. Event Website: https://www.cylab.cmu.edu/events/2023/08/25-seminar-gervais.html Add event to Google Add event to iCal
