# Secure and Transparent Audit Logs with BlockAudit

**Authors:** Ashar Ahmad, Muhammad Saad, Aziz Mohaisen

arXiv: 1907.10484 · 2019-07-25

## TL;DR

BlockAudit is a blockchain-based system designed to enhance the security and trustworthiness of enterprise audit logs by preventing tampering and defending against known attacks.

## Contribution

The paper introduces BlockAudit, a scalable blockchain framework that makes audit logs tamper-proof and secure against physical and remote attacks.

## Key findings

- BlockAudit successfully prevents log tampering.
- It maintains acceptable performance in latency and transaction rate.
- It seamlessly integrates with existing audit log systems.

## Abstract

Audit logs serve as a critical component in enterprise business systems and are used for auditing, storing, and tracking changes made to the data. However, audit logs are vulnerable to a series of attacks enabling adversaries to tamper data and corresponding audit logs without getting detected. Among them, two well-known attacks are "the physical access attack," which exploits root privileges, and "the remote vulnerability attack," which compromises known vulnerabilities in database systems. In this paper, we present BlockAudit: a scalable and tamper-proof system that leverages the design properties of audit logs and security guarantees of blockchain to enable secure and trustworthy audit logs. Towards that, we construct the design schema of BlockAudit and outline its functional and operational procedures. We implement our design on a custom-built Practical Byzantine Fault Tolerance (PBFT) blockchain system and evaluate the performance in terms of latency, network size, payload size, and transaction rate. Our results show that conventional audit logs can seamlessly transition into BlockAudit to achieve higher security and defend against the known attacks on audit logs.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1907.10484/full.md

## Figures

16 figures with captions in the complete paper: https://tomesphere.com/paper/1907.10484/full.md

## References

68 references — full list in the complete paper: https://tomesphere.com/paper/1907.10484/full.md

---
Source: https://tomesphere.com/paper/1907.10484