Research On Security Audit Technology Of Information System Log Based On Intelligent Contract

The log data of the information system plays an important role in monitoring the operating status of the system,troubleshooting and locating software and hardware faults,and ensuring the security and reliability of the system.Log auditing can fully explore the analytical value of log data,assist operation and maintenance personnel to better monitor and ensure the normal operation of the system,and identify abnormal information such as system errors and faults in a timely manner.For the storage and access of log data,the current information system faces the security risks that the data is easily tampered,forged and deleted,as well as the problems of unauthorized access to the data.Although the existing research methods of log storage and access use searchable encryption technology to achieve encrypted storage of sensitive log data,they lack research on the fairness of the ciphertext retrieval process and the control of ciphertext access rights.At the same time,for the analysis of log data,the traditional analysis methods relying on manual inspection or rule matching have problems such as high false positive rate and false negative rate,poor real-time performance,etc.,which is difficult to meet the current analysis needs of large-scale and unstructured log data.Smart contracts are open,transparent,immutable and automatic,providing a secure,efficient and reliable way for data storage and analysis.Based on the above research problems and backgrounds,this paper proposes an information system log security audit technology based on smart contracts to achieve secure storage,authorized access and efficient automated analysis of log data,mainly including the following three work points.First,a secure log storage and access method based on smart contract is designed.As a participant in the searchable encryption process,smart contract performs search trap door comparison and ciphertext verification,so that the correctness of ciphertext search results can be verified without third-party entities.At the same time,the deposit mechanism is used to ensure fair payment between data users and cloud servers in the search process.Second,a role-based access control contract is designed to make access control policies transparent and automatically verify access permissions,ensuring that only data users with corresponding roles can obtain the corresponding ciphertext data access permissions to avoid unauthorized access.At the same time,using the one-to-many mapping relationship between role key and user key,searchable encryption is extended to the many-to-many users mode.Thirdly,an adaptive log analysis method based on smart contract is designed to establish a unified log security audit analysis platform based on block chain.The log template similarity check contract deployed on the chain,combined with the off-chain log anomaly detection and analysis model based on deep learning,can fully mine the structural features and contextual information of log data to achieve the organic unity of analysis efficiency and detection accuracy,to achieve automated,efficient,and accurate log analysis and anomaly detection.Through analysis and experiment,it is found that the log security storage and access method designed in this paper can meet the integrity and confidentiality requirements of log storage in log audit work,and ensure the authorized access of data.At the same time,the adaptive log analysis method combined with smart contract and deep learning technology can realize automatic and efficient log analysis,and has good accuracy and real-time performance in the analysis and detection of large-scale log data sets.