International Journal of Networked and Distributed Computing

Volume 7, Issue 3, August 2019, Pages 121 - 132

Defects and Vulnerabilities in Smart Contracts, a Classification using the NIST Bugs Framework

Authors
Wesley Dingman1, Aviel Cohen1, Nick Ferrara1, Adam Lynch1, Patrick Jasinski1, Paul E. Black2, Lin Deng1, *
1Department of Computer and Information Sciences, Towson University, 8000 York Road, Towson, MD 21252, USA
2Software Quality Group, Systems and Software Division, Information Technology Laboratory, National Institute of Standards and Technology, 100 Bureau Drive, Gaithersburg, MD 20899, USA
*Corresponding author. Email: ldeng@towson.edu
Corresponding Author
Lin Deng
Received 23 March 2019, Accepted 20 May 2019, Available Online 5 August 2019.
DOI
https://doi.org/10.2991/ijndc.k.190710.003How to use a DOI?
Keywords
Blockchain, cryptocurrency, bug, smart contract, solidity, ethereum
Abstract

Rising to popularity in the last decade, blockchain technology has become the preferred platform for the transfer of digital currency. Unfortunately, many of these environments are rife with vulnerabilities exploited by financially motivated attackers. Worse yet, is that a structured analysis and classification of these vulnerabilities is lacking. In this paper, we present the first formal classifications of these vulnerabilities using National Institute of Standards and Technologies Bugs (NIST’S) Framework and propose two new classes: distributed system protocol (DSP) and distributed system resource management (DRM).

Copyright
© 2019 The Authors. Published by Atlantis Press SARL.
Open Access
This is an open access article distributed under the CC BY-NC 4.0 license (http://creativecommons.org/licenses/by-nc/4.0/).

Download article (PDF)
View full text (HTML)

Journal
International Journal of Networked and Distributed Computing
Volume-Issue
7 - 3
Pages
121 - 132
Publication Date
2019/08
ISSN (Online)
2211-7946
ISSN (Print)
2211-7938
DOI
https://doi.org/10.2991/ijndc.k.190710.003How to use a DOI?
Copyright
© 2019 The Authors. Published by Atlantis Press SARL.
Open Access
This is an open access article distributed under the CC BY-NC 4.0 license (http://creativecommons.org/licenses/by-nc/4.0/).

Cite this article

TY  - JOUR
AU  - Wesley Dingman
AU  - Aviel Cohen
AU  - Nick Ferrara
AU  - Adam Lynch
AU  - Patrick Jasinski
AU  - Paul E. Black
AU  - Lin Deng
PY  - 2019
DA  - 2019/08
TI  - Defects and Vulnerabilities in Smart Contracts, a Classification using the NIST Bugs Framework
JO  - International Journal of Networked and Distributed Computing
SP  - 121
EP  - 132
VL  - 7
IS  - 3
SN  - 2211-7946
UR  - https://doi.org/10.2991/ijndc.k.190710.003
DO  - https://doi.org/10.2991/ijndc.k.190710.003
ID  - Dingman2019
ER  -