Securing Defi: a comprehensive review of ML approaches for detecting smart contract vulnerabilities and threats

Abstract

The rapid evolution of decentralized finance (DeFi) has brought revolutionary innovations to global financial systems; however, it has also revealed some major security vulnerabilities, especially of smart contracts. Traditional auditing methods and static analysis tools are prone to fail in identifying sophisticated threats, including reentrancy attacks, front-running, oracle manipulation, and honeypots. This review discusses the growing role of machine learning (ML) in enhancing the security of DeFi systems. It provides a comprehensive overview of modern ML-based methods related to the detection of smart contract vulnerabilities, transaction-level fraud detection, and oracle trust assessment. The paper also provides publicly available datasets, necessary toolkits, and architectural designs used for developing and testing these models. Additionally, it provides future directions like federated learning, explainable AI, real-time mempool inspection, and cross-chain intelligence sharing. While it is full of promise, the application of ML in DeFi security is plagued by issues like data scarcity, interoperability, and explainability. This paper concludes by highlighting the need for standardised benchmarks, shared data initiatives, and the integration of ML into development pipelines to deliver secure, scalable, and reliable DeFi ecosystems.