TY - GEN
T1 - A Secure and Reliable Blockchain-based Audit Log System
AU - Liu, Zhonghao
AU - Zhang, Xinwei
AU - Li, Guyue
AU - Cui, Helei
AU - Wang, Jiaheng
AU - Xiao, Bin
N1 - Publisher Copyright:
© 2024 IEEE.
PY - 2024
Y1 - 2024
N2 - The use of log files in digital forensics highlights the importance of ensuring their data integrity for auditing purposes. However, traditional centralized audit log systems face challenges in maintaining data integrity due to log injection attacks and single-point failures. Although blockchain technology can accurately process and replicate log files, existing blockchain-based audit log systems still suffer from security and reliability issues due to their weak threat models and limited scalability. To address these concerns, we propose a blockchain-based audit log system that ensures data integrity under a general threat model where a part of the nodes, including loggers and auditors, are untrusted. First, our proposed system resists collusion attacks by incorporating multiple nodes for system processes and utilizing smart contracts to enforce consensus algorithms. Second, to save blockchain storage space, we design an efficient log integrity proof method, which generates a sub-Non-Fungible Token (sub-NFT) for each log file and keeps it on the blockchain as integrity proof. The single-point failure problem is resolved by outsourcing log files to a distributed file system. To evaluate the proposed system, we implement a prototype based on Hyperledger Fabric. Experimental results show that our proof generation method can reduce storage space usage in comparison to other blockchain-based audit log systems, saving approximately 50% of space in Hyperledger Fabric. The security analysis proves that our system can ensure log file data integrity under the proposed threat model.
KW - Audit log system
KW - Blockchain
KW - Hyperledger Fabric
KW - InterPlanetary File System (IPFS)
KW - NFT
UR - http://www.scopus.com/inward/record.url?scp=85202890524&partnerID=8YFLogxK
U2 - 10.1109/ICC51166.2024.10623012
DO - 10.1109/ICC51166.2024.10623012
M3 - Conference contribution
AN - SCOPUS:85202890524
T3 - IEEE International Conference on Communications
SP - 2010
EP - 2015
BT - ICC 2024 - IEEE International Conference on Communications
A2 - Valenti, Matthew
A2 - Reed, David
A2 - Torres, Melissa
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 59th Annual IEEE International Conference on Communications, ICC 2024
Y2 - 9 June 2024 through 13 June 2024
ER -