-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathmain.bib
292 lines (240 loc) · 9.34 KB
/
main.bib
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
% Papers refering to smart contracts vulnerabilities
% ==================================================
@inproceedings{atzei2017survey,
title={A survey of attacks on ethereum smart contracts (sok)},
author={Atzei, Nicola and Bartoletti, Massimo and Cimoli, Tiziana},
booktitle={International conference on principles of security and trust},
pages={164--186},
year={2017},
organization={Springer}
}
% General
===========
@article{nakamoto2008bitcoin,
title={Bitcoin: A peer-to-peer electronic cash system},
author={Nakamoto, Satoshi},
journal={Decentralized Business Review},
pages={21260},
year={2008}
}
@article{buterin2013ethereum,
title={Ethereum white paper},
author={Buterin, Vitalik and others},
journal={GitHub repository},
volume={1},
pages={22--23},
year={2013}
}
% Websites
===========
@misc{connectedpapers,
title={Find and explore academic papers},
howpublished = {\url{https://www.connectedpapers.com/}},
note = {Accessed: 2021-11-04}
}
@misc{coinmarketcap,
title={Coinmarketcap},
howpublished = {\url{https://coinmarketcap.com}},
note = {Accessed: 2022-01-21}
}
@misc{evm,
title={Ethereum Virtual Machine},
howpublished = {\url{https://ethereum.org/en/developers/docs/evm/}},
note = {Accessed: 2022-01-21}
}
@misc{opcodes,
title={Ethereum Virtual Machine opcodes},
howpublished = {\url{https://ethereum.org/en/developers/docs/evm/opcodes}},
note = {Accessed: 2022-01-21}
}
@misc{solidity,
title={Solidity},
howpublished = {\url{https://docs.soliditylang.org/en/v0.8.11/}},
note = {Accessed: 2022-01-21}
}
@misc{gas_fees,
title={Gas Fees},
howpublished = {\url{https://ethereum.org/en/developers/docs/gas/}},
note = {Accessed: 2022-01-21}
}
@misc{dao,
title={The DAO},
howpublished = {\url{https://en.wikipedia.org/wiki/The_DAO_(organization)}},
note = {Accessed: 2022-01-21}
}
@misc{reentrancy,
title={Reentrancy Attack},
howpublished = {\url{https://consensys.github.io/smart-contract-best-practices/known_attacks/}},
note = {Accessed: 2022-01-21}
}
@misc{parity,
title={Parity Wallet},
howpublished = {\url{https://blog.openzeppelin.com/on-the-parity-wallet-multisig-hack-405a8c12e8f7/}},
note = {Accessed: 2022-01-21}
}
@misc{consensys_send,
title={Secure Development Recommendations},
howpublished = {\url{https://consensys.github.io/smart-contract-best-practices/recommendations/}},
note = {Accessed: 2022-01-21}
}
@misc{solidity8,
title={Ethereum Blockchain Developer Guide},
howpublished = {\url{https://ethereum-blockchain-developer.com/010-solidity-basics/03-integer-overflow-underflow/#solidity-08-difference
}},
note = {Accessed: 2022-01-21}
}
@misc{basicBlocks,
title={Basic Blocks in Compiler Design},
howpublished = {\url{https://www.geeksforgeeks.org/basic-blocks-in-compiler-design/}},
note = {Accessed: 2022-01-21}
}
@misc{z3Solver,
title={Z3 Theorem Prover},
howpublished = {\url{https://github.com/Z3Prover/z3}},
note = {Accessed: 2022-01-21}
}
@misc{afl,
title={AFL},
howpublished = {\url{https://lcamtuf.coredump.cx/afl/}},
note = {Accessed: 2022-01-21}
}
% Detecting vulnerabilities papers
% ================================
@article{ashraf2020gasfuzzer,
title={GasFuzzer: Fuzzing Ethereum Smart Contract Binaries to Expose Gas-Oriented Exception Security Vulnerabilities},
author={Ashraf, Imran and Ma, Xiaoxue and Jiang, Bo and Chan, Wing Kwong},
journal={IEEE Access},
volume={8},
pages={99552--99564},
year={2020},
publisher={IEEE}
}
@inproceedings{liu2018reguard,
title={Reguard: finding reentrancy bugs in smart contracts},
author={Liu, Chao and Liu, Han and Cao, Zhao and Chen, Zhong and Chen, Bangdao and Roscoe, Bill},
booktitle={2018 IEEE/ACM 40th International Conference on Software Engineering: Companion (ICSE-Companion)},
pages={65--68},
year={2018},
organization={IEEE}
}
@inproceedings{liao2019soliaudit,
title={Soliaudit: Smart contract vulnerability assessment based on machine learning and fuzz testing},
author={Liao, Jian-Wei and Tsai, Tsung-Ta and He, Chia-Kang and Tien, Chin-Wei},
booktitle={2019 Sixth International Conference on Internet of Things: Systems, Management and Security (IOTSMS)},
pages={458--465},
year={2019},
organization={IEEE}
}
@inproceedings{zhang2020ethploit,
title={Ethploit: From fuzzing to efficient exploit generation against smart contracts},
author={Zhang, Qingzhao and Wang, Yizhuo and Li, Juanru and Ma, Siqi},
booktitle={2020 IEEE 27th International Conference on Software Analysis, Evolution and Reengineering (SANER)},
pages={116--126},
year={2020},
organization={IEEE}
}
@inproceedings{jiang2018contractfuzzer,
title={Contractfuzzer: Fuzzing smart contracts for vulnerability detection},
author={Jiang, Bo and Liu, Ye and Chan, WK},
booktitle={2018 33rd IEEE/ACM International Conference on Automated Software Engineering (ASE)},
pages={259--269},
year={2018},
organization={IEEE}
}
@inproceedings{bhargavan2016formal,
title={Formal verification of smart contracts: Short paper},
author={Bhargavan, Karthikeyan and Delignat-Lavaud, Antoine and Fournet, C{\'e}dric and Gollamudi, Anitha and Gonthier, Georges and Kobeissi, Nadim and Kulatova, Natalia and Rastogi, Aseem and Sibut-Pinote, Thomas and Swamy, Nikhil and others},
booktitle={Proceedings of the 2016 ACM workshop on programming languages and analysis for security},
pages={91--96},
year={2016}
}
@article{grech2018madmax,
title={Madmax: Surviving out-of-gas conditions in ethereum smart contracts},
author={Grech, Neville and Kong, Michael and Jurisevic, Anton and Brent, Lexi and Scholz, Bernhard and Smaragdakis, Yannis},
journal={Proceedings of the ACM on Programming Languages},
volume={2},
number={OOPSLA},
pages={1--27},
year={2018},
publisher={ACM New York, NY, USA}
}
@inproceedings{nikolic2018finding,
title={Finding the greedy, prodigal, and suicidal contracts at scale},
author={Nikoli{\'c}, Ivica and Kolluri, Aashish and Sergey, Ilya and Saxena, Prateek and Hobor, Aquinas},
booktitle={Proceedings of the 34th Annual Computer Security Applications Conference},
pages={653--663},
year={2018}
}
@inproceedings{mossberg2019manticore,
title={Manticore: A user-friendly symbolic execution framework for binaries and smart contracts},
author={Mossberg, Mark and Manzano, Felipe and Hennenfent, Eric and Groce, Alex and Grieco, Gustavo and Feist, Josselin and Brunson, Trent and Dinaburg, Artem},
booktitle={2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE)},
pages={1186--1189},
year={2019},
organization={IEEE}
}
@inproceedings{luu2016making,
title={Making smart contracts smarter},
author={Luu, Loi and Chu, Duc-Hiep and Olickel, Hrishi and Saxena, Prateek and Hobor, Aquinas},
booktitle={Proceedings of the 2016 ACM SIGSAC conference on computer and communications security},
pages={254--269},
year={2016}
}
@inproceedings{tsankov2018securify,
title={Securify: Practical security analysis of smart contracts},
author={Tsankov, Petar and Dan, Andrei and Drachsler-Cohen, Dana and Gervais, Arthur and Buenzli, Florian and Vechev, Martin},
booktitle={Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security},
pages={67--82},
year={2018}
}
@inproceedings{feist2019slither,
title={Slither: a static analysis framework for smart contracts},
author={Feist, Josselin and Grieco, Gustavo and Groce, Alex},
booktitle={2019 IEEE/ACM 2nd International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB)},
pages={8--15},
year={2019},
organization={IEEE}
}
@inproceedings{tikhomirov2018smartcheck,
title={Smartcheck: Static analysis of ethereum smart contracts},
author={Tikhomirov, Sergei and Voskresenskaya, Ekaterina and Ivanitskiy, Ivan and Takhaviev, Ramil and Marchenko, Evgeny and Alexandrov, Yaroslav},
booktitle={Proceedings of the 1st International Workshop on Emerging Trends in Software Engineering for Blockchain},
pages={9--16},
year={2018}
}
@inproceedings{krupp2018teether,
title={teether: Gnawing at ethereum to automatically exploit smart contracts},
author={Krupp, Johannes and Rossow, Christian},
booktitle={27th $\{$USENIX$\}$ Security Symposium ($\{$USENIX$\}$ Security 18)},
pages={1317--1333},
year={2018}
}
@inproceedings{kalra2018zeus,
title={Zeus: Analyzing safety of smart contracts.},
author={Kalra, Sukrit and Goel, Seep and Dhawan, Mohan and Sharma, Subodh},
booktitle={Ndss},
pages={1--12},
year={2018}
}
@inproceedings{permenev2020verx,
title={Verx: Safety verification of smart contracts},
author={Permenev, Anton and Dimitrov, Dimitar and Tsankov, Petar and Drachsler-Cohen, Dana and Vechev, Martin},
booktitle={2020 IEEE Symposium on Security and Privacy (SP)},
pages={1661--1677},
year={2020},
organization={IEEE}
}
@article{brent2018vandal,
title={Vandal: A scalable security analysis framework for smart contracts},
author={Brent, Lexi and Jurisevic, Anton and Kong, Michael and Liu, Eric and Gauthier, Francois and Gramoli, Vincent and Holz, Ralph and Scholz, Bernhard},
journal={arXiv preprint arXiv:1809.03981},
year={2018}
}
@inproceedings{khan2020ethereum,
title={Ethereum Smart Contracts: Vulnerabilities and their Classifications},
author={Khan, Zulfiqar Ali and Namin, Akbar Siami},
booktitle={2020 IEEE International Conference on Big Data (Big Data)},
pages={1--10},
year={2020},
organization={IEEE}
}