Knowdit is a knowledge-driven, agentic framework that significantly improves smart contract vulnerability detection by modeling shared DeFi semantics and leveraging historical audit knowledge.

GenDetect introduces a novel framework to rapidly generalize detection rules from single observed DeFi exploits, significantly improving resilience against subsequent, similar 'Imitative Attack Cascad…

ContractShield is a robust multimodal framework that uses a novel three-level fusion mechanism to accurately detect multiple types of vulnerabilities in obfuscated smart contracts, significantly outpe…

EvoPoC introduces a knowledge-driven agentic system that automates the synthesis of verifiable and economically viable exploits for DeFi smart contracts, achieving high recall and significant revenue…

The paper introduces an LLM-based framework that uses vulnerability-specific prompting and a large-scale dataset to achieve high-precision, scalable detection of multiple smart contract vulnerabilitie…

FuzzingBrain V2 is a multi-agent LLM system that significantly improves automated vulnerability discovery by ensuring all reported bugs are fuzzer-reproducible and handling complex cross-function depe…

LibScan is an automated framework that detects eight categories of smart contract library misuse by combining LLM-based semantic reasoning with rule-based analysis, achieving 85.15% accuracy on real-w…

The paper introduces an efficient, lightweight LLM framework for smart contract auditing that decouples the audit process into multiple components, achieving high accuracy while significantly reducing…

The paper introduces MEV non-interference, a formal security notion, to ensure that composing new smart contracts in DeFi does not increase the maximal extractable value, thereby providing a formal fo…

The paper introduces Bastet, a novel, high-quality, expert-labeled dataset designed to overcome limitations in existing resources for detecting complex smart contract vulnerabilities in DeFi.

The paper proposes LiveFuzz, a directed greybox fuzzing technique that detects the exploitability of third-party library vulnerabilities from client programs without requiring pre-existing proof-of-co…

GoAT-X introduces a novel framework that structures cross-chain smart contract auditing as a Graph of Auditing Thoughts, significantly improving the detection of complex, semantic vulnerabilities in m…

This paper proposes a unified, lifecycle-centric framework and a detailed taxonomy to survey and analyze novel, finance-specific attack surfaces and vulnerabilities in AI systems used within the finan…

The paper demonstrates that large language models (LLMs) exhibit measurable, controllable biases toward specific assets like Bitcoin, identifying an internal feature that can causally shift portfolio…

The paper introduces Sefz, a semantic fuzzing framework that automatically discovers specification violations in LLM agent skills, finding a significant number of previously unknown exploitable guardr…

GONDAR is a novel sink-centric fuzzing framework that systematically leverages vulnerability-specific knowledge to discover Java security flaws, significantly outperforming state-of-the-art fuzzers.

The paper introduces Sol2Vy, a framework that enables cross-language knowledge transfer from Solidity to Vyper, allowing effective vulnerability detection in low-resource smart contracts without needi…

The paper analyzes protracted vulnerabilities (PCVEs) in open-source projects and proposes DeeptraVul, an enhanced detection approach that significantly improves vulnerability coverage by integrating…

This paper outlines a comprehensive research framework for smart contract security, moving beyond simple vulnerability detection to encompass advanced areas like semantic reasoning, automated repair,…

The paper proposes FinSec, a novel four-tier security detection framework, to robustly identify complex financial risks and suspicious dialogue patterns in LLM-powered financial agents, achieving stat…