A Secure and Reliable Blockchain-based Audit Log System

The use of log files in digital forensics highlights the importance of ensuring their data integrity for auditing purposes. However, traditional centralized audit log systems face challenges in maintaining data integrity due to log injection attacks and single-point failures. Although blockchain technology can accurately process and replicate log files, existing blockchain-based audit log systems still suffer from security and reliability issues due to their weak threat models and limited scalability. To address these concerns, we propose a blockchain-based audit log system that ensures data integrity under a general threat model where a part of the nodes, including loggers and auditors, are untrusted. First, our proposed system resists collusion attacks by incorporating multiple nodes for system processes and utilizing smart contracts to enforce consensus algorithms. Second, to save blockchain storage space, we design an efficient log integrity proof method, which generates a sub-Non-Fungible Token (sub-NFT) for each log file and keeps it on the blockchain as integrity proof. The single-point failure problem is resolved by outsourcing log files to a distributed file system. To evaluate the proposed system, we implement a prototype based on Hyperledger Fabric. Experimental results show that our proof generation method can reduce storage space usage in comparison to other blockchain-based audit log systems, saving approximately 50% of space in Hyperledger Fabric. The security analysis proves that our system can ensure log file data integrity under the proposed threat model.