{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,26]],"date-time":"2026-02-26T15:25:04Z","timestamp":1772119504463,"version":"3.50.1"},"reference-count":37,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2025,7,22]],"date-time":"2025-07-22T00:00:00Z","timestamp":1753142400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2025,7,22]],"date-time":"2025-07-22T00:00:00Z","timestamp":1753142400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/501100004377","name":"The Hong Kong Polytechnic University","doi-asserted-by":"crossref","id":[{"id":"10.13039\/501100004377","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Int. J. Inf. Secur."],"published-print":{"date-parts":[[2025,8]]},"abstract":"<jats:title>Abstract<\/jats:title>\n                  <jats:p>Smart contracts and blockchain technology have revolutionized our transactions and interactions with digital systems, yet their vulnerabilities can lead to devastating consequences such as financial losses, data breaches, and compromised system integrity. Existing detection methods, including static analysis, dynamic analysis, and machine learning-based approaches, have their limitations, such as requiring large amounts of labeled data or being computationally expensive. To address these limitations, we propose a novel approach that leverages a One-Class Variational Autoencoder (VAE) with CodeBERT for data pre-processing to detect vulnerabilities in smart contracts. Our approach achieved a higher F1 score (88.93%) compared to the baselines evaluated, even when labeled data is limited. This paper contributes to the development of effective and efficient vulnerability detection methods, ultimately enhancing the security and reliability of smart contracts and blockchain-based systems. By demonstrating superior performance in imbalanced data scenarios, our method offers a practical solution for real-world applications in blockchain security.<\/jats:p>","DOI":"10.1007\/s10207-025-01102-3","type":"journal-article","created":{"date-parts":[[2025,7,22]],"date-time":"2025-07-22T18:45:50Z","timestamp":1753209950000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["A One-class variational autoencoder for smart contract vulnerability detection"],"prefix":"10.1007","volume":"24","author":[{"given":"Shaowei","family":"Guan","sequence":"first","affiliation":[]},{"given":"Ngai Fong","family":"Law","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,7,22]]},"reference":[{"issue":"5","key":"1102_CR1","doi-asserted-by":"publisher","first-page":"63","DOI":"10.7176\/JIEA\/9-5-07","volume":"9","author":"S Nzuva","year":"2019","unstructured":"Nzuva, S.: Smart contracts implementation, applications, benefits, and limitations. Journal of Information Engineering and Applications 9(5), 63\u201375 (2019). https:\/\/doi.org\/10.7176\/JIEA\/9-5-07","journal-title":"Journal of Information Engineering and Applications"},{"key":"1102_CR2","doi-asserted-by":"crossref","unstructured":"Bartoletti, M., Pompianu, L.: An empirical analysis of smart contracts: Platforms, applications, and design patterns. In: Financial Cryptography and Data Security. FC 2017 International Workshops, WAHC, BITCOIN, VOTING, WTSC, and TA, Sliema, Malta (2017)","DOI":"10.1007\/978-3-319-70278-0_31"},{"key":"1102_CR3","doi-asserted-by":"publisher","first-page":"2292","DOI":"10.1109\/access.2016.2566339","volume":"4","author":"K Christidis","year":"2016","unstructured":"Christidis, K., Devetsikiotis, M.: Blockchains and smart contracts for the Internet of Things. IEEE Access. 4, 2292\u20132303 (2016). https:\/\/doi.org\/10.1109\/access.2016.2566339","journal-title":"IEEE Access."},{"key":"1102_CR4","doi-asserted-by":"crossref","unstructured":"Atzei, N., Bartoletti, M., Cimoli, T.: A survey of attacks on Ethereum smart contracts (SoK). In: Principles of Security and Trust: 6th International Conference, POST 2017, Uppsala, Sweden (2017)","DOI":"10.1007\/978-3-662-54455-6_8"},{"key":"1102_CR5","unstructured":"Siegel, D.: Understanding the DAO attack. CoinDesk. https:\/\/www.coindesk.com\/learn\/understanding-the-dao-attack\/ (2016). Accessed 21 Oct. 2024"},{"key":"1102_CR6","unstructured":"Behnke, R.: Explained: The platypus finance hack (October 2023). Halborn. https:\/\/www.halborn.com\/blog\/post\/explained-the-platypus-finance-hack-october-2023 (2023). Accessed 21 Oct. 2024"},{"key":"1102_CR7","doi-asserted-by":"publisher","unstructured":"Tsankov, P., Dan, A., Drachsler-Cohen, D., Gervais, A., B\u00fcnzli, F., Vechev, M.: Securify: Practical security analysis of smart contracts. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, 67\u201382 (2018). https:\/\/doi.org\/10.1145\/3243734.3243780","DOI":"10.1145\/3243734.3243780"},{"key":"1102_CR8","doi-asserted-by":"crossref","unstructured":"Chang, J., Gao, B., Xiao, H., Sun, J., Cai, Y., Yang, Z.: sCompile: Critical path identification and analysis for smart contracts. In: Formal Methods and Software Engineering: 21st International Conference on Formal Engineering Methods, ICFEM 2019, Shenzhen, China (2019)","DOI":"10.1007\/978-3-030-32409-4_18"},{"key":"1102_CR9","doi-asserted-by":"publisher","unstructured":"Wang, S., Zhang, C., Su, Z.: Detecting nondeterministic payment bugs in Ethereum smart contracts. Proceedings of ACM on Programming Languages. 3(OOPSLA), 1\u201329 (2019). https:\/\/doi.org\/10.1145\/3360615","DOI":"10.1145\/3360615"},{"key":"1102_CR10","doi-asserted-by":"publisher","unstructured":"Dattaprasad, P., Vijaya, B.: An overview of blockchain technology: Architecture, consensus, and future trends. Int. J. Adv. Res. Sci. Commun. Technol. 293\u2013298 (2023). https:\/\/doi.org\/10.48175\/IJARSCT-8158","DOI":"10.48175\/IJARSCT-8158"},{"key":"1102_CR11","doi-asserted-by":"publisher","unstructured":"Feng, Z., Guo, D., Tang, D., et al.: CodeBERT: A pre-trained model for programming and natural languages. In Findings of the Association for Computational Linguistics: EMNLP 2020. 1536\u20131547 (2020). https:\/\/doi.org\/10.18653\/v1\/2020.findings-emnlp.139","DOI":"10.18653\/v1\/2020.findings-emnlp.139"},{"key":"1102_CR12","doi-asserted-by":"crossref","unstructured":"Liu, C., Liu, H., Cao, Z., Chen, Z., Chen, B., Roscoe, B.: ReGuard: Finding reentrancy bugs in smart contracts. In: Proceedings of the 40th International Conference on Software Engineering: Companion Proceedings, 65-68 (2018)","DOI":"10.1145\/3183440.3183495"},{"key":"1102_CR13","doi-asserted-by":"publisher","unstructured":"Hao, X., Ren, W., Zheng, W., Zhu, T.: SCScan: A SVM-based scanning system for vulnerabilities in blockchain smart contracts. In: 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). IEEE, 1598\u20131605 (2020). https:\/\/doi.org\/10.1109\/TrustCom50675.2020.00221","DOI":"10.1109\/TrustCom50675.2020.00221"},{"issue":"2","key":"1102_CR14","doi-asserted-by":"publisher","first-page":"1133","DOI":"10.1109\/TNSE.2020.2968505","volume":"8","author":"W Wang","year":"2021","unstructured":"Wang, W., Song, J., Xu, G., Li, Y., Wang, H., Su, C.: ContractWard: Automated Vulnerability Detection Models for Ethereum Smart Contracts. IEEE Transactions on Network Science and Engineering. 8(2), 1133\u20131144 (2021). https:\/\/doi.org\/10.1109\/TNSE.2020.2968505","journal-title":"IEEE Transactions on Network Science and Engineering."},{"key":"1102_CR15","doi-asserted-by":"publisher","unstructured":"Lou, Y., Zhang, Y., Chen, S.: Ponzi Contracts Detection Based on Improved Convolutional Neural Network. 2020 IEEE International Conference on Services Computing (SCC), Beijing, China. 353-360 (2020). https:\/\/doi.org\/10.1109\/SCC49832.2020.00053.","DOI":"10.1109\/SCC49832.2020.00053."},{"key":"1102_CR16","doi-asserted-by":"publisher","first-page":"19685","DOI":"10.1109\/ACCESS.2020.2969429","volume":"8","author":"P Qian","year":"2020","unstructured":"Qian, P., Liu, Z., He, Q., Zimmermann, R., Wang, X.: Towards automated reentrancy detection for smart contracts based on sequential models. IEEE Access. 8, 19685\u201319695 (2020). https:\/\/doi.org\/10.1109\/ACCESS.2020.2969429","journal-title":"IEEE Access."},{"key":"1102_CR17","doi-asserted-by":"publisher","unstructured":"Zhuang, Y., Liu, Z., Qian, P., Liu, Q., Wang, X., He, Q.: Smart contract vulnerability detection using graph neural networks. In Proceedings of the Twenty-Ninth International Joint Conference on Artificial Intelligence (IJCAI\u201920). 454, 3283\u20133290 (2021). https:\/\/doi.org\/10.24963\/ijcai.2020\/454","DOI":"10.24963\/ijcai.2020\/454"},{"issue":"1","key":"1102_CR18","doi-asserted-by":"publisher","first-page":"20106","DOI":"10.1038\/s41598-023-47219-0","volume":"13","author":"X Tang","year":"2023","unstructured":"Tang, X., Du, Y., Lai, A., Zhang, Z., Shi, L.: Deep learning-based solution for smart contract vulnerabilities detection. Sci. Rep. 13(1), 20106 (2023). https:\/\/doi.org\/10.1038\/s41598-023-47219-0","journal-title":"Sci. Rep."},{"key":"1102_CR19","doi-asserted-by":"crossref","unstructured":"Jiang, F., Cao, Y., Xiao, J., Yi, H., Lei, G., Liu, M., Deng, S., Wang, H.: VDDL: A deep learning-based vulnerability detection model for smart contracts. In Proceedings of the International Conference on Machine Learning for Cyber Security, Nadi, Fiji. 72\u201386. (2023)","DOI":"10.1007\/978-3-031-20096-0_6"},{"key":"1102_CR20","doi-asserted-by":"publisher","unstructured":"Sun, X., Tu, L., Zhang, J., Cai, J., Li, B., Wang, Y.: ASSBert: Active and semi-supervised bert for smart contract vulnerability detection. Journal of Information Security and Applications. 73, 103423- (2023). https:\/\/doi.org\/10.1016\/j.jisa.2023.103423","DOI":"10.1016\/j.jisa.2023.103423"},{"issue":"5","key":"1102_CR21","doi-asserted-by":"publisher","first-page":"896","DOI":"10.1016\/j.icte.2022.11.006","volume":"9","author":"S Dong","year":"2023","unstructured":"Dong, S., Su, H., Liu, Y.: A-CAVE: Network abnormal traffic detection algorithm based on variational autoencoder. ICT Express. 9(5), 896\u2013902 (2023). https:\/\/doi.org\/10.1016\/j.icte.2022.11.006","journal-title":"ICT Express."},{"key":"1102_CR22","doi-asserted-by":"crossref","unstructured":"Khalid, H., Woo, S.S.: Oc-fakedect: Classifying deepfakes using one-class variational autoencoder. In: Proceedings of the IEEE\/CVF Conference on Computer Vision and Pattern Recognition Workshops, 656-657 (2020)","DOI":"10.1109\/CVPRW50498.2020.00336"},{"issue":"3","key":"1102_CR23","doi-asserted-by":"publisher","first-page":"562","DOI":"10.1134\/S1054661824700366","volume":"34","author":"H Dong","year":"2024","unstructured":"Dong, H., Kotenko, I.V.: Convolutional variational autoencoders and resampling techniques with generative adversarial network for enhancing Internet of Thing security. Pattern Recognit Image Anal. 34(3), 562\u2013569 (2024). https:\/\/doi.org\/10.1134\/S1054661824700366","journal-title":"Pattern Recognit Image Anal."},{"key":"1102_CR24","doi-asserted-by":"crossref","unstructured":"Qian, P., Liu, Z., Yin, Y., He, Q.: Cross-modality mutual learning for enhancing smart contract vulnerability detection on bytecode. In: Proceedings of the ACM Web Conference 2023, 2220\u20132229 (2023)","DOI":"10.1145\/3543507.3583367"},{"key":"1102_CR25","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1109\/TIFS.2023.3237370","volume":"18","author":"Z Liu","year":"2023","unstructured":"Liu, Z., Qian, P., Yang, J., Liu, L., Xu, X., He, Q., Zhang, X.: Rethinking smart contract fuzzing: Fuzzing with invocation ordering and important branch revisiting. IEEE Trans. Inf. Forensics Secur. 18, 1\u20131 (2023). https:\/\/doi.org\/10.1109\/TIFS.2023.3237370","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"1102_CR26","doi-asserted-by":"publisher","unstructured":"Tann, W.J.-W., Han, X.J., Gupta, S.S., Ong, Y.-S.: Towards safer smart contracts: A sequence learning approach to detecting security threats. arXiv preprint (2018). https:\/\/doi.org\/10.48550\/arxiv.1811.06632","DOI":"10.48550\/arxiv.1811.06632"},{"key":"1102_CR27","doi-asserted-by":"crossref","unstructured":"Ghaleb, A., Pattabiraman, K.: How effective are smart contract analysis tools? Evaluating smart contract static analysis tools using bug injection. In: Proceedings of the 29th ACM SIGSOFT International Symposium on Software Testing and Analysis, 415\u2013427 (2020)","DOI":"10.1145\/3395363.3397385"},{"key":"1102_CR28","unstructured":"Rossini, M.: Slither Audited Smart Contracts Dataset. https:\/\/github.com\/mwritescode\/slither-audited-smart-contracts (2022). Accessed 1 Oct. 2023"},{"key":"1102_CR29","unstructured":"Ethereum (ETH) blockchain explorer. https:\/\/etherscan.io\/ (2024). Accessed 1 Oct. 2024"},{"key":"1102_CR30","doi-asserted-by":"crossref","unstructured":"Liew, S.R.C., Law, N.F.: BEAM - An algorithm for detecting phishing link. In: 2022 Asia-Pacific Signal and Information Processing Association Annual Summit and Conference (APSIPA ASC), IEEE, 598-604 (2022)","DOI":"10.23919\/APSIPAASC55919.2022.9979860"},{"key":"1102_CR31","doi-asserted-by":"publisher","unstructured":"Devlin, J., Chang, M.-W., Lee, K., Toutanova, K.: BERT: Pre-training of deep bidirectional transformers for language understanding. In Proceedings of the 2019 Conference of the North American Chapter of the Association for Computational Linguistics: Human Language Technologies, Volume 1 (Long and Short Papers), pages 4171\u20134186, Minneapolis, Minnesota. Association for Computational Linguistics. (2019). https:\/\/doi.org\/10.18653\/v1\/N19-1423","DOI":"10.18653\/v1\/N19-1423"},{"key":"1102_CR32","doi-asserted-by":"publisher","unstructured":"Sanh, V., Debut, L., Chaumond, J., Wolf, T.: DistilBERT, a distilled version of BERT: smaller, faster, cheaper and lighter. arXiv preprint (2019). https:\/\/doi.org\/10.48550\/arxiv.1910.01108","DOI":"10.48550\/arxiv.1910.01108"},{"key":"1102_CR33","doi-asserted-by":"publisher","unstructured":"Bond-Taylor, S., Leach, A., Long, Y., Willcocks, C.G.: Deep Generative Modelling: A Comparative Review of VAEs, GANs, Normalizing Flows, Energy-Based and Autoregressive Models. IEEE Trans. Pattern Anal. Mach. Intell. 44(11), 7327\u20137347 (2022). https:\/\/doi.org\/10.1109\/TPAMI.2021.3116668","DOI":"10.1109\/TPAMI.2021.3116668"},{"key":"1102_CR34","doi-asserted-by":"publisher","first-page":"49","DOI":"10.1186\/s42400-023-00183-8","volume":"6","author":"S Liew","year":"2023","unstructured":"Liew, S., Law, N.F.: Use of subword tokenization for domain generation algorithm classification. Cybersecurity. 6, 49 (2023). https:\/\/doi.org\/10.1186\/s42400-023-00183-8","journal-title":"Cybersecurity."},{"key":"1102_CR35","doi-asserted-by":"publisher","unstructured":"Zhang, Y., Kang, S., Dai, W., Chen, S., Zhu, J.: Code will speak: Early detection of Ponzi smart contracts on Ethereum. In: 2021 IEEE International Conference on Services Computing (SCC). 55, 301\u2013308 (2021). https:\/\/doi.org\/10.1109\/scc53864.2021.00043","DOI":"10.1109\/scc53864.2021.00043"},{"key":"1102_CR36","doi-asserted-by":"publisher","unstructured":"L\u00ea, H.B., L\u00ea, \u0110.T.,\u0110o\u00e0n, M.T., et al.: Contextual language model and transfer learning for reentrancy vulnerability detection in smart contracts. In: Proceedings of the 12th International Symposium on Information and Communication Technology. 739\u2013745 (2023). https:\/\/doi.org\/10.1145\/3628797.3628945","DOI":"10.1145\/3628797.3628945"},{"key":"1102_CR37","doi-asserted-by":"publisher","DOI":"10.2196\/65397","volume":"27","author":"S Guan","year":"2025","unstructured":"Guan, S., Hui, V., Stiglic, G., Constantino, R.E., Lee, Y.J., Wong, A.: Classifying the Information Needs of Survivors of Domestic Violence in Online Health Communities Using Large Language Models: Prediction Model Development and Evaluation Study. J. Med. Internet Res. 27, e65397 (2025). https:\/\/doi.org\/10.2196\/65397","journal-title":"J. Med. Internet Res."}],"container-title":["International Journal of Information Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-025-01102-3.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10207-025-01102-3\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-025-01102-3.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,9,5]],"date-time":"2025-09-05T11:33:20Z","timestamp":1757072000000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10207-025-01102-3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,7,22]]},"references-count":37,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2025,8]]}},"alternative-id":["1102"],"URL":"https:\/\/doi.org\/10.1007\/s10207-025-01102-3","relation":{"has-preprint":[{"id-type":"doi","id":"10.21203\/rs.3.rs-6281849\/v1","asserted-by":"object"}]},"ISSN":["1615-5262","1615-5270"],"issn-type":[{"value":"1615-5262","type":"print"},{"value":"1615-5270","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,7,22]]},"assertion":[{"value":"22 July 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare no competing interests.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}}],"article-number":"183"}}