Saved in:
Bibliographic Details
Main Authors: Tian, Ye, Jia, Yifan, Wang, Yanbin, Sun, Jianguo, Xu, Haitao, Wang, Xin, Fu, Zhihua
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2509.10252
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866915918366375936
author Tian, Ye
Jia, Yifan
Wang, Yanbin
Sun, Jianguo
Xu, Haitao
Wang, Xin
Fu, Zhihua
author_facet Tian, Ye
Jia, Yifan
Wang, Yanbin
Sun, Jianguo
Xu, Haitao
Wang, Xin
Fu, Zhihua
contents The success of smart contracts has made them a target for attacks, but their closed-source nature often forces vulnerability detection to work on bytecode, which is inherently more challenging than source-code-based analysis. While recent studies try to align source and bytecode embeddings during training to transfer knowledge, current methods rely on graph-level alignment that obscures fine-grained structural and semantic correlations between the two modalities. Moreover, the absence of precise vulnerability patterns and granular annotations in bytecode leads to depriving the model of crucial supervisory signals for learning discriminant features. We propose ExDoS to transfer rich semantic knowledge from source code to bytecode, effectively supplementing the source code prior in practical settings. Specifically, we construct semantic graphs from source code and control-flow graphs from bytecode. To address obscured local signals in graph-level contract embeddings, we propose a Dual-Attention Graph Network introducing a novel node attention aggregation module to enhance local pattern capture in graph embeddings. Furthermore, by summarizing existing source-code vulnerability patterns and designing corresponding bytecode-level patterns for the three target vulnerabilities, we provide an aligned pattern framework that facilitates fine-grained cross-modal alignment and the capture of function-level vulnerability signals. Finally, we propose a dual-focus objective for our cross-modal distillation framework, comprising: a Global Semantic Distillation Loss for transferring graph-level knowledge and a Local Semantic Distillation Loss enabling expert-guided, fine-grained vulnerability-specific distillation. Experiments on real-world contracts demonstrate that our method achieves consistent F1-score improvements (3%--6%) over strong baselines.
format Preprint
id arxiv_https___arxiv_org_abs_2509_10252
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle ExDoS: Expert-Guided Dual-Focus Cross-Modal Distillation for Smart Contract Vulnerability Detection
Tian, Ye
Jia, Yifan
Wang, Yanbin
Sun, Jianguo
Xu, Haitao
Wang, Xin
Fu, Zhihua
Cryptography and Security
The success of smart contracts has made them a target for attacks, but their closed-source nature often forces vulnerability detection to work on bytecode, which is inherently more challenging than source-code-based analysis. While recent studies try to align source and bytecode embeddings during training to transfer knowledge, current methods rely on graph-level alignment that obscures fine-grained structural and semantic correlations between the two modalities. Moreover, the absence of precise vulnerability patterns and granular annotations in bytecode leads to depriving the model of crucial supervisory signals for learning discriminant features. We propose ExDoS to transfer rich semantic knowledge from source code to bytecode, effectively supplementing the source code prior in practical settings. Specifically, we construct semantic graphs from source code and control-flow graphs from bytecode. To address obscured local signals in graph-level contract embeddings, we propose a Dual-Attention Graph Network introducing a novel node attention aggregation module to enhance local pattern capture in graph embeddings. Furthermore, by summarizing existing source-code vulnerability patterns and designing corresponding bytecode-level patterns for the three target vulnerabilities, we provide an aligned pattern framework that facilitates fine-grained cross-modal alignment and the capture of function-level vulnerability signals. Finally, we propose a dual-focus objective for our cross-modal distillation framework, comprising: a Global Semantic Distillation Loss for transferring graph-level knowledge and a Local Semantic Distillation Loss enabling expert-guided, fine-grained vulnerability-specific distillation. Experiments on real-world contracts demonstrate that our method achieves consistent F1-score improvements (3%--6%) over strong baselines.
title ExDoS: Expert-Guided Dual-Focus Cross-Modal Distillation for Smart Contract Vulnerability Detection
topic Cryptography and Security
url https://arxiv.org/abs/2509.10252