Decentralized Logging Service using IPFS for Cloud Infrastructure
9 Pages Posted: 15 Jul 2019 Last revised: 30 Sep 2019
Date Written: May 18, 2019
In any shared space of resources it is very important to have a trustable way to record how and when the resources have been used and by whom. Similarly, in any cloud-based platform, collection of logs is an important activity required to have a trustable record of the activities performed by the users and pin point any malicious deeds performed. Forensic investigations however face a grave challenge of ensuring the integrity of the logs. The activity of collecting logs and ensuring their integrity becomes a necessity with regulations like SOX enforcing it on financial institutes. In this paper, IPFS has been employed to create a system which preserves all the meta-data of logs generated by the network activity of the virtual machine and guarantees the confidentiality, integrity and availability during any forensic investigation. The integrity of the logs is guaranteed by the IPFS system which creates a content-based hash for the logs and stores them securely. As files in IPFS are indexed by their hash, tampering with a log will result in creation of a new hash which won’t exist in the index. Index will still point to the original hash, hence integrity is achieved. In previous research, the systems could guarantee whether a log has been tampered with or not, but none provided a mechanism to recover meta- data of tampered logs to their original state. Using IPFS, this paper aims to make the system more secure and takes it a step forward by providing the meta- data of the original logs for the tampered logs.
Keywords: IPFS, Cloud Forensics, Content-Based Hashing
JEL Classification: Y60
Suggested Citation: Suggested Citation