DELIA: Distributed Efficient Log Integrity Audit Based on Hierarchal Multi-Party State Channel

Audit log contains the trace of different activities in computing systems, which makes it critical for security management, censorship, and forensics. However, experienced attackers may delete or modify the audit log after their attacks, which makes the audit log unavailable in attack investigation. In this article, we focus on the log integrity audit in the same domain, in which a number of servers update audit logs for a single or several organizations as an alliance. We propose a distributed efficient log integrity audit framework, called DELIA, which employs the distributed ledger technique to protect audit information, and utilizes the idea of state channel to improve the throughput of distributed ledger. To generate stable state from the rapidly-updated logs in the domain, we propose a log state generation scheme, which not only generates state suitable for audit logs, but also enables mutual supervision within the domain. To overcome the high latency in existing state channel schemes, we propose a hierarchal multi-party state channel scheme, which makes the latency in our framework independent of the number of servers in the domain. We implement DELIA on Ethereum and evaluate its performance. The results show that our framework is efficient and secure in practice.