| With the development of networks and their related technologies,the number of attacks on networks and computer systems is increasing.Current firewall and intrusion detection technologies mainly target intrusions from outside the network and are not effective in preventing various attacks from internal users,leading to many network leaks and other security incidents.As network traffic continues to increase,there is an urgent need for security auditing systems that can monitor and control network traffic.In the past few years,security auditing technology has made great progress,but there are still some shortcomings,one of which is the security risks in the way audit data is stored.Therefore,this paper proposes a high-throughput and low-latency blockchain consensus algorithm after related research on security audit technology and blockchain technology,and proposes a tamper-proof security audit scheme based on this algorithm,and finally implements a tamper-proof network security audit system based on this scheme.The main research work of this paper is summarized as follows.(1)The practical Byzantine fault-tolerant consensus algorithm widely used in alliance chains has problems such as fixed primary node selection method and high communication cost.To solve these problems,a selective Byzantine fault tolerance consensus algorithm named SBFT based on verifiable random function is proposed.The first proposal is to dynamically calculate the node contribution value by evaluating the node behavior after each round of consensus,and selecting the nodes participating in consensus based on the node contribution value.Next,a combination of node contribution value and verifiable random function is used for random selection of primary node by cryptographic sortation,which makes the selected primary node unpredictable while reducing the probability of non-honest nodes becoming the primary node.Finally,the consistency protocol of PBFT is improved by changing the mesh communication network topology of PBFT into a star communication network topology and incorporating the view replacement process into the normal consensus process.Simulation experimental results show that compared with PBFT algorithm,SBFT has higher throughput,lower consensus latency and higher algorithm efficiency,and is more suitable for security audit systems with high throughput requirements.(2)A tamper-proof security auditing scheme is proposed in combination with SBFT algorithm.The scheme targets network data for auditing,collects network data by filtering through the data collection module,analyzes and reorganizes the collected data by the data analysis and processing module,and then packages the audit information on the chain by the data up-chain module,and uses SBFT for consensus in the blockchain to achieve fast upchaining of audit data,and can guarantee the tamper-proof audit data,in addition to accessing the on-chain data through the data query module for auditing operation.Based on the tamperproof security audit scheme,a tamper-proof network security audit system is designed and implemented by plugging the consensus algorithm SBFT proposed in this paper into the Hyperledger Fabric blockchain platform,and the effectiveness of the scheme is verified by system testing. |
PDF Full Text Request