BlockTrail: A Scalable Multichain Solution for Blockchain-Based Audit Trails

Blockchain-based audit trails provide a consensus-driven and tamper-proof trail of system events that are helpful in creating provenance in enterprise solutions. However, taking into account the transaction bulk generated by these applications and the throughput limitations of existing blockchains, a single ledger for record keeping can be inefficient and costly. To that end, we see an imperative need for a new blockchain design that is capable of addressing current challenges, without compromising security and provenance. Hence, we propose BlockTrail, a scalable and efficient blockchain solution for auditing applications. BlockTrail fragments the legacy blockchain systems into layers of co-dependent hierarchies, thereby reducing the time and space complexity, and increasing the throughput. BlockTrail is prototyped on “Practical Byzantine Fault Tolerance” (PBFT) protocol with a custom-built blockchain. Experiments with BlockTrail show that compared to the conventional schemes, BlockTrail is more efficient, and has less storage footprint.

[1]  Bruce Schneier,et al.  Secure audit logs to support computer forensics , 1999, TSEC.

[2]  Aziz Mohaisen,et al.  Countering Selfish Mining in Blockchains , 2018, 2019 International Conference on Computing, Networking and Communications (ICNC).

[3]  Kyungbaek Kim,et al.  A Survey about Consensus Algorithms Used in Blockchain , 2018, J. Inf. Process. Syst..

[4]  Marko Vukolic,et al.  Hyperledger fabric: a distributed operating system for permissioned blockchains , 2018, EuroSys.

[5]  Vincenzo Cinque,et al.  Blockchain-Based Logging for the Cross-Border Exchange of eHealth Data in Europe , 2018, Euro-CYBERSEC.

[6]  Steffen Staab,et al.  DIALOG: Distributed Auditing Logs , 2009, 2009 IEEE International Conference on Web Services.

[7]  Jean-Yves Le Boudec,et al.  Network Calculus: A Theory of Deterministic Queuing Systems for the Internet , 2001 .

[8]  Christopher Wee Audit logs: to keep or not to keep? , 1999, Recent Advances in Intrusion Detection.

[9]  Gene Tsudik,et al.  A new approach to secure logging , 2008, TOS.

[10]  Kuo-Hui Yeh,et al.  An ISO/IEC 15408-2 Compliant Security Auditing System with Blockchain Technology , 2018, 2018 IEEE Conference on Communications and Network Security (CNS).

[11]  Aziz Mohaisen,et al.  POSTER: Deterring DDoS Attacks on Blockchain-based Cryptocurrencies through Mempool Optimization , 2018, AsiaCCS.

[12]  Liang Xiao,et al.  Game theoretic study on blockchain based secure edge networks , 2017, 2017 IEEE/CIC International Conference on Communications in China (ICCC).

[13]  Jing Chen,et al.  CertChain: Public and Efficient Certificate Audit Based on Blockchain for TLS Connections , 2018, IEEE INFOCOM 2018 - IEEE Conference on Computer Communications.

[14]  Lars Nagel,et al.  Self-stabilizing Balls & Bins in Batches , 2016, ArXiv.

[15]  Peng Ning,et al.  BAF: An Efficient Publicly Verifiable Secure Audit Logging Scheme for Distributed Systems , 2009, 2009 Annual Computer Security Applications Conference.

[16]  Jordi Puiggali,et al.  Distributed Immutabilization of Secure Logs , 2016, STM.

[17]  Aziz Mohaisen,et al.  Towards characterizing blockchain-based cryptocurrencies for highly-accurate predictions , 2018, IEEE INFOCOM 2018 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).

[18]  Brent Waters,et al.  Building an Encrypted and Searchable Audit Log , 2004, NDSS.

[19]  Bruce Schneier,et al.  Cryptographic Support for Secure Logs on Untrusted Machines , 1998, USENIX Security Symposium.

[20]  Aziz Mohaisen,et al.  Towards Blockchain-Driven, Secure and Transparent Audit Logs , 2018, MobiQuitous.

[21]  Andrew Sutton,et al.  Blockchain Enabled Privacy Audit Logs , 2017, International Semantic Web Conference.