Projects per year
Abstract
In this paper, we test the hypothesis that although OpenAI’s GPT-4 performs well generally, we can fine-tune open-source models to outperform GPT-4 in smart contract vulnerability detection. We fine-tune two models from Meta’s Code Llama and a dataset of 17k prompts, Detect Llama - Foundation and Detect Llama - Instruct, and we also fine-tune OpenAI’s GPT-3.5 Turbo model (GPT-3.5FT). We then evaluate these models, plus a random baseline, on a testset we develop against GPT-4, and GPT-4 Turbo’s, detection of eight vulnerabilities from the dataset and the two top identified vulnerabilities - and their weighted F1 scores. We find that for binary classification (i.e., is this smart contract vulnerable?), our two best-performing models, GPT-3.5FT and Detect Llama - Foundation, achieve F1 scores of 0.776 and 0.68, outperforming both GPT-4 and GPT-4 Turbo, 0.66 and 0.675. For the evaluation against individual vulnerability identification, our top two models, GPT-3.5FT and Detect Llama - Foundation, both significantly outperformed GPT-4 and GPT-4 Turbo in both weighted F1 for all vulnerabilities (0.61 and 0.56 respectively against GPT-4’s 0.218 and GPT-4 Turbo’s 0.243) and weighted F1 for the top two identified vulnerabilities (0.719 for GPT-3.5FT, 0.674 for Detect Llama - Foundation against GPT-4’s 0.363 and GPT-4 Turbo’s 0.429).
Original language | English |
---|---|
Title of host publication | Information Security and Privacy - 29th Australasian Conference, ACISP 2024 Sydney, NSW, Australia, July 15–17, 2024 Proceedings, Part III |
Editors | Tianqing Zhu, Yannan Li |
Place of Publication | Singapore Singapore |
Publisher | Springer |
Pages | 424-443 |
Number of pages | 20 |
ISBN (Electronic) | 9789819751013 |
ISBN (Print) | 9789819751006 |
DOIs | |
Publication status | Published - 2024 |
Event | Australasian Conference on Information Security and Privacy 2024 - Sydney, Australia Duration: 15 Jul 2024 → 17 Jul 2024 Conference number: 29th https://link.springer.com/book/10.1007/978-981-97-5028-3 (Proceedings) https://www.acisp24.com/ (Website) |
Publication series
Name | Lecture Notes in Computer Science |
---|---|
Publisher | Springer |
Volume | 14897 |
ISSN (Print) | 0302-9743 |
ISSN (Electronic) | 1611-3349 |
Conference
Conference | Australasian Conference on Information Security and Privacy 2024 |
---|---|
Abbreviated title | ACISP 2024 |
Country/Territory | Australia |
City | Sydney |
Period | 15/07/24 → 17/07/24 |
Internet address |
|
Keywords
- Ethereum
- Large Language Models
- Smart Contract Security
- Vulnerability detection
-
Scalable & Accountable Privacy-Preserving Blockchain with Enhanced Security
Liu, J., Steinfeld, R. & Yu, J.
25/05/23 → 24/05/26
Project: Research
-
A Scalable and Adaptive-Resilient Blockchain
Yu, J.
Australian Research Council (ARC)
28/07/21 → 28/07/24
Project: Research