|Name||Project Subject||Degree Level||Year||Industrial
|Siwei Zhang||Trace Visualization of Distributed and Centralized Applications||Master's||2023||
|Fredrik Svanholm||Implementation and Evaluation of a Decentralized Fund Protocol||Master's||2023||Centiglobe|
We have bachelor/master's degree project topics available, please contact me for an update on that if you are interested.
|Visiting Thomas Troels Hildebrandt with Cyrille Artho to continue working on our effort for capturing high-level design of smart contracts using DCR graphs.||10 March 2023|
|Based on my previous experience in our side-project on blockchain infrastructure for circular supply chains, I will attend ReCiPSS Day at KTH campus to get to know experiences and learnings from the implementation of the ReCiPSS project.
|16 Nov 2022|
|This year's STEW is an interesting one with speakers from Oracle, Spotify, Volvo, and Benoit Baudry from CASTOR. It will be a unique opportunity to see how my research in software security can be transferred to the software industry in the near to mid term future.
|15 Nov 2022|
|Launching our new product as a co-founder: Universal Token Forest||25 Oct 2022|
|I will be visiting Chalmers for a few weeks for a collaboration to investigate usage of DCR graphs in modeling and verification of smart contracts. I will work with Wolfgang Ahrendt and Gerardo Schneider from Chalmers and Thomas Troels Hildebrandt from University of Copenhagen.||20 Sep 2022|
I am a PhD student at Theoretical Computer Science division of KTH Royal Institute of Technology. My current research is focused on Monitoring Smart Contracts using state of the art static and dynamic techniques. I am working under the supervision of Cyrille Arthoand Dilian Gurov. The final goal of my thesis is to utilize technologies such as Static Analysis along with AI and Dynamic Analysis to build a framework to monitor and detect vulnerabilities in smart contracts with precision.
At 2019 I was awarded a master's degree in Information Technology Engineering from University of Tehran after successfully performing research in two fields ofInternet of Things andNetwork Monitoring. The latter project was conducted in Telecom Paristech LINCS laboratory.
EASE 2021:Dynamic Vulnerability Detection on Smart Contracts Using Machine Learning
In this work we propose Dynamit, a monitoring framework to detect reentrancy vulnerabilities in Ethereum smart contracts. The novelty of our framework is that it relies only on transaction metadata and balance data from the blockchain system; our approach requires no domain knowledge, code instrumentation, or special execution environment. Dynamit extracts features from transaction data and uses a machine learning model to classify transactions as benign or harmful. Therefore, not only can we find the contracts that are vulnerable to reentrancy attacks, but we also get an execution trace that reproduces the attack. Using a random forest classifier, our model achieved more than 90 percent accuracy on 105 transactions, showing the potential of our technique.
Contributions to finding bugs/vulnerabilities
A potential vulnerability reported to SWCRegistry:
The details of this issue can be seen in the following commit:
Detector-candidate reported to Slither project:
In the Solidity compiler project:
One ambiguous feature:
Supervisor of Degree Projects
As a doctoral student at KTH I can be your master's thesis supervisor. You will have the opportunity to be part of a bigger project and gain research experience from being involved in an interesting area of cyber-security. If you are a master's student in Sweden and would like to work on the intersection of Deep Learning, Security, and Blockchain feel free to contact me by email.
Computer Security (DD2395), assistant | Course web
Internet Programming (DD1386), assistant | Course web
Network Programming (ID1212), assistant | Course web
Software Engineering Fundamentals (DD2480), assistant | Course web
Software Safety and Security (DD2460), assistant | Course web