Computer Science ›› 2020, Vol. 47 ›› Issue (11A): 388-395. doi: 10.11896/jsjkx.200400024

• Information Security •

Study on Secure Log Storage Method Based on Blockchain

LIU Jing1, HUANG Ju1, LAI Ying-xu1, QIN Hua1, ZENG Wei2

  1 Faculty of Information Technology, Beijing University of Technology, Beijing 100124, China
  2 Beijing Branch of China Unicom, Beijing 101109, China
  • Online: 2020-11-15 Published: 2020-11-17
  • About author: LIU Jing, born in 1978, Ph.D, lecturer, is a member of China Computer Federation. Her main research interests include network security and trusted computing.
    LAI Ying-xu, born in 1973, Ph.D, professor, Ph.D supervisor. Her main research interests include cloud computing, information network security and trusted computing.
  • Supported by:
    This work was supported by the Beijing Municipal Natural Science Foundation (19L2020), Foundation of Science and Technology on Information Assurance Laboratory (614211204031117), Foundation of Shaanxi Key Laboratory of Network and System Security (NSSOF1900105), Industrial Internet Innovation and Development Project of the Ministry of Industry and Information Technology of China in 2018 and Basic Research Project of Information Security Laboratory for National Defense Scientific Research and Testing (2018XXAQ08).

Abstract: With the rapid development of computer science, the number of alarm logs is increasing geometrically. Alarm logs record correlation information about attack behavior and are vulnerable to theft and tampering, and retrieval results contain many irrelevant logs, which interferes with the correctness of log analysis. To solve the problems of secure storage and data extraction of alarm logs, this paper proposes a secure log storage method based on blockchain. Alarm logs are stored in a blockchain-based distributed storage system, in which an index library records block storage locations. Traditional sequential blockchain retrieval is replaced by querying the block index library, which improves the retrieval speed of ciphertext logs. A ciphertext index structure is built through threat assessment of the attack source addresses of alarm logs and is stored in the block header. Alarm logs classified into the same attack scenario are retrieved together based on correlation analysis. Experimental results show that when alarm logs are stored with the blockchain-based secure log storage method, block generation efficiency is not greatly reduced by index construction, log retrieval efficiency is high, and attack scenario logs can be obtained.

Key words: Alarm correlation, Attack scenario, Blockchain, Index construction, Secure storage

CLC Number: TP309