Haoxin Sun¹, Xiao Yu^1,*, Jiale Li¹, Yitong Xu¹, Jie Yu¹, Huanhuan Li¹, Yuanzhang Li², Yu-An Tan²

CMC-Computers, Materials & Continua, Vol.86, No.2, pp. 1-15, 2026, DOI:10.32604/cmc.2025.070930 - 09 December 2025

Abstract Since the advent of smart contracts, security vulnerabilities have remained a persistent challenge, compromsing both the reliability of contract execution and the overall stability of the virtual currency market. Consequently, the academic community has devoted increasing attention to these security risks. However, conventional approaches to vulnerability detection frequently exhibit limited accuracy. To address this limitation, the present study introduces a novel vulnerability detection framework called GNNSE that integrates symbolic execution with graph neural networks (GNNs). The proposed method first constructs semantic graphs to comprehensively capture the control flow and data flow dependencies within smart contracts. More >

Yan Cao^#, Zhizhuang Zhou^#, Yan Zhuang^*

CMC-Computers, Materials & Continua, Vol.84, No.1, pp. 1545-1565, 2025, DOI:10.32604/cmc.2025.062743 - 09 June 2025

Abstract Code obfuscation is a crucial technique for protecting software against reverse engineering and security attacks. Among various obfuscation methods, opaque predicates, which are recognized as flexible and promising, are widely used to increase control-flow complexity. However, traditional opaque predicates are increasingly vulnerable to Dynamic Symbolic Execution (DSE) attacks, which can efficiently identify and eliminate them. To address this issue, this paper proposes a novel approach for anti-DSE opaque predicates that effectively resists symbolic execution-based deobfuscation. Our method introduces two key techniques: single-way function opaque predicates, which leverage hash functions and logarithmic transformations to prevent constraint More >

Zhenhui Li¹, Shuangping Xing¹, Lin Yu¹, Huiping Li¹, Fan Zhou¹, Guangqiang Yin¹, Xikai Tang², Zhiguo Wang^1,*

CMC-Computers, Materials & Continua, Vol.78, No.2, pp. 1861-1879, 2024, DOI:10.32604/cmc.2023.046595 - 27 February 2024

Abstract Software security analysts typically only have access to the executable program and cannot directly access the source code of the program. This poses significant challenges to security analysis. While it is crucial to identify vulnerabilities in such non-source code programs, there exists a limited set of generalized tools due to the low versatility of current vulnerability mining methods. However, these tools suffer from some shortcomings. In terms of targeted fuzzing, the path searching for target points is not streamlined enough, and the completely random testing leads to an excessively large search space. Additionally, when it… More >

Pengzhi Xu^1,2, Zetian Mai^1,2, Yuhao Lin¹, Zhen Guo^1,2,*, Victor S. Sheng³

Journal of Information Hiding and Privacy Protection, Vol.3, No.4, pp. 165-179, 2021, DOI:10.32604/jihpp.2021.027280 - 22 March 2022

Abstract With the increase of software complexity, the security threats faced by the software are also increasing day by day. So people pay more and more attention to the mining of software vulnerabilities. Although source code has rich semantics and strong comprehensibility, source code vulnerability mining has been widely used and has achieved significant development. However, due to the protection of commercial interests and intellectual property rights, it is difficult to obtain source code. Therefore, the research on the vulnerability mining technology of binary code has strong practical value. Based on the investigation of related technologies,… More >