区块链数字取证：技术及架构研究

范伟; 李海波; 张珠君

doi:10.11959/j.issn.1000-436x.2024204

您当前的位置：

首页 >

文章列表页 >

区块链数字取证：技术及架构研究

学术论文 | 更新时间：2025-01-14

- 区块链数字取证：技术及架构研究
- Blockchain digital forensics: technology and architecture
- 通信学报 2024年45卷第12期页码：124-141
- 作者机构：
  
  1.中国科学院信息工程研究所，北京 100093
  2.中国科学院大学网络空间安全学院，北京 100049
- 作者简介：
  
  [ "范伟（1984- ），男，北京人，博士，中国科学院信息工程研究所高级工程师、硕士生导师，主要研究方向为移动通信安全、云计算安全、虚拟化安全等。" ]
  [ "李海波（2001- ），男，河南南阳人，中国科学院信息工程研究所硕士生，主要研究方向为区块链安全、数字取证等。" ]
  [ "张珠君（1987- ），女，河北南宫人，博士，中国科学院信息工程研究所工程师，主要研究方向为区块链安全、系统安全等。" ]
- 基金信息：
  
  国家重点研发计划基金资助项目(2021YFB2700603)
- DOI：10.11959/j.issn.1000-436x.2024204
  中图分类号： TP309.2
- 收稿日期：2024-09-03，
  
  修回日期：2024-11-07，
  
  纸质出版日期：2024-12-25
- 稿件说明：
移动端阅览
范伟,李海波,张珠君.区块链数字取证：技术及架构研究[J].通信学报,2024,45(12):124-141.

FAN Wei,LI Haibo,ZHANG Zhujun.Blockchain digital forensics: technology and architecture[J].Journal on Communications,2024,45(12):124-141.
范伟,李海波,张珠君.区块链数字取证：技术及架构研究[J].通信学报,2024,45(12):124-141. DOI： 10.11959/j.issn.1000-436x.2024204.

FAN Wei,LI Haibo,ZHANG Zhujun.Blockchain digital forensics: technology and architecture[J].Journal on Communications,2024,45(12):124-141. DOI： 10.11959/j.issn.1000-436x.2024204.

摘要

针对传统数字取证存在场景适应性差、证据保全能力弱以及取证效率低的问题，分析将去中心化、不可篡改的区块链技术引入数字取证的可行性。首先，基于区块链取证技术的层次架构，提出了阶段化取证流程，并剖析了区块链技术在证据获取、保全和呈现阶段的研究进展。其次，通过分析现有研究的不足，结合区块链的分布式优势，设计了一套区块链全流程参与的数字取证架构，将证据信息融入链上数据结构并提出了配套的图分析算法，统一了各场景下的证据采集形式；利用链下分布式数据库实现了高效扩容存储；借助智能合约模板提升了同类型取证事务的合约复用性。最后，展望了区块链技术在未来取证应用中的研究方向。

Abstract

Issues of limited scene adaptability

inadequate evidence preservation

and low efficiency in traditional digital forensics were addressed by analyzing the feasibility of incorporating decentralized

tamper-resistant blockchain technology into digital forensic practices. Initially

a phased forensic process was proposed based on a hierarchical architecture for blockchain forensic technology

examining the advancements of blockchain at each stage of evidence acquisition

preservation

and presentation. Subsequently

limitations in existing research were analyzed

and a digital forensic framework incorporating comprehensive blockchain involvement was designed by utilizing the distributed advantages of blockchain. This framework integrated evidence information into the on-chain data structure and introduced a complementary graph analysis algorithm to standardize evidence collection across various scenarios. An off-chain distributed database was employed to achieve scalable

efficient storage

while smart contract templates enhance the reusability of contracts for similar forensic transactions. Lastly

potential future directions for the application of blockchain technology in forensic science were explored.

关键词

Keywords

references

JORDAAN J , BRADSHAW K . The current state of digital forensic practitioners in south Africa [C ] // Proceedings of the 2015 Information Security for South Africa (ISSA) . Piscataway : IEEE Press , 2015 : 1 - 9 .

Verizon Threat Research Advisory Center . Data breach investigations report [R ] . 2024 .

李炳龙 , 王鲁 , 陈性元 . 数字取证技术及其发展趋势 [J ] . 信息网络安全 , 2011 , 11 ( 1 ): 52 - 55 .

LI B L , WANG L , CHEN X Y . Digital forensic technique review [J ] . Netinfo Security , 2011 , 11 ( 1 ): 52 - 55 .

MOHITE M P , DESHMUKH J Y , GULVE P R . Qualitative and quantitative analysis of cloud based digital forensic tool [C ] // Proceedings of the 2016 10th International Conference on Intelligent Systems and Control (ISCO) . Piscataway : IEEE Press , 2016 : 1 - 5 .

GRUHN M , FREILING F C . Evaluating atomicity, and integrity of correct memory acquisition methods [J ] . Digital Investigation , 2016 , 16 : S1 - S10 .

BOCK L . Learn wireshark: a definitive guide to expertly analyzing protocols and troubleshooting networks using wireshark [M ] . Birmingham : Packt Publishing , 2022 .

CHILDERHOSE C . Mastering veeam backup & replication: secure backup with veeam 11 for defending your data and accelerating your data protection strategy [M ] . Birmingham : Packt Publishing , 2022 .

SHIAU S J H , SUN C K , TSAI Y C , et al . The design and implementation of a novel open source massive deployment system [J ] . Applied Sciences , 2018 , 8 ( 6 ): 965 .

COSIC J , COSIC Z , BACA M . An ontological approach to study and manage digital chain of custody of digital evidence [J ] . Journal of Information and Organizational Sciences , 2011 , 35 : 1 - 13 .

CIARDHUA S O . An extended model of cybercrime investigations [J ] . International Journal of Digital Evidence , 2004 , 3 ( 1 ): 1 - 22 .

ORIWOH E , JAZANI D , EPIPHANIOU G , et al . Internet of things forensics: challenges and approaches [C ] // Proceedings of the 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing . Piscataway : IEEE Press , 2013 : 608 - 615 .

TAO Q , DING H W , JIANG T , et al . B-DSPA: a blockchain-based dynamically scalable privacy-preserving authentication scheme in vehicular ad hoc networks [J ] . IEEE Internet of Things Journal , 2024 , 11 ( 1 ): 1385 - 1397 .

FERNÁNDEZ-CARRASCO J Á , ECHEBERRIA-BARRIO X , PARE DES-GARCÍA D , et al . ChronoEOS 2.0: device fingerprinting and EOSIO blockchain technology for on-running forensic analysis in an IoT environment [J ] . Smart Cities , 2023 , 6 ( 2 ): 897 - 912 .

房巧玲 , 高思凡 , 曹丽霞 . 区块链驱动下基于双链架构的混合审计模式探索 [J ] . 审计研究 , 2020 ( 3 ): 12 - 19 .

FANG Q L , GAO S F , CAO L X . Exploring the hybrid audit approach based on double-chain architecture in a blockchain environment [J ] . Auditing Research , 2020 ( 3 ): 12 - 19 .

GUO H , LI W X , NEJAD M , et al . Proof-of-event recording system for autonomous vehicles: a blockchain-based solution [J ] . IEEE Access , 2020 , 8 : 182776 - 182786 .

RYU J H , SHARMA P K , JO J H , et al . A blockchain-based decentralized efficient investigation framework for IoT digital forensics [J ] . The Journal of Supercomputing , 2019 , 75 ( 8 ): 4372 - 4387 .

HU S S , ZHANG S H , FU K L . TFChain: blockchain-based trusted forensics scheme for mobile phone data whole process [C ] // Proceedings of the 2022 IEEE 6th Information Technology and Mechatronics Engineering Conference (ITOEC) . Piscataway : IEEE Press , 2022 : 155 - 165 .

POURVAHAB M , EKBATANIFARD G . Digital forensics architecture for evidence collection and provenance preservation in IaaS cloud environment using SDN and blockchain technology [J ] . IEEE Access , 2019 , 7 : 153349 - 153364 .

RATHORE N K , KHAN Y , KUMAR S , et al . An evolutionary algorithmic framework cloud based evidence collection architecture [J ] . Multimedia Tools and Applications , 2023 , 82 ( 26 ): 39867 - 39895 .

TIAN Z H , LI M H , QIU M K , et al . Block-DEF: a secure digital evidence framework using blockchain [J ] . Information Sciences , 2019 , 491 : 151 - 165 .

KIM D , IHM S Y , SON Y . Two-level blockchain system for digital crime evidence management [J ] . Sensors , 2021 , 21 ( 9 ): 3051 .

CEBE M , ERDIN E , AKKAYA K , et al . Block4Forensic: an integrated lightweight blockchain framework for forensics applications of connected vehicles [J ] . IEEE Communications Magazine , 2018 , 56 ( 10 ): 50 - 57 .

XIONG Y , DU J . Electronic evidence preservation model based on blockchain [C ] // Proceedings of the 3rd International Conference on Cryptography, Security and Privacy . New York : ACM Press , 2019 : 1 - 5 .

BROTSIS S , KOLOKOTRONIS N , LIMNIOTIS K , et al . Blockchain solutions for forensic evidence preservation in IoT environments [C ] // Proceedings of the 2019 IEEE Conference on Network Softwarization (NetSoft) . Piscataway : IEEE Press , 2019 : 110 - 114 .

LIN Q J , WANG H Z , PEI X F , et al . Food safety traceability system based on blockchain and EPCIS [J ] . IEEE Access , 2019 , 7 : 20698 - 20707 .

SHILPA C , SHANTHAKUMARA A H . An implementation of blockchain technology in combination with IPFS for crime evidence management system [C ] // Proceedings of the 2023 International Conference on Computer Communication and Informatics (ICCCI) . Piscataway : IEEE Press , 2023 : 1 - 6 .

NYALETEY E , PARIZI R M , ZHANG Q , et al . BlockIPFS-blockchain-enabled interplanetary file system for forensic and trusted data traceability [C ] // Proceedings of the 2019 IEEE International Conference on Blockchain . Piscataway : IEEE Press , 2019 : 18 - 25 .

LIU C Y , WANG Z H , XIONG A , et al . Research on industrial Internet traceability technology based on blockchain [C ] // Proceedings of the 2022 IEEE 14th International Conference on Advanced Infocomm Technology (ICAIT) . Piscataway : IEEE Press , 2022 : 286 - 291 .

RENO S , BHOWMIK S , AHMED M . Utilizing IPFS and private blockchain to secure forensic information [C ] // Proceedings of the 2021 International Conference on Automation, Control and Mechatronics for Industry 4.0 (ACMI) . Piscataway : IEEE Press , 2021 : 1 - 6 .

SHANG S Y , ZHOU A Y , TAN M , et al . Access control audit and traceability forensics technology based on blockchain [C ] // Proceedings of the 2022 4th International Conference on Frontiers Technology of Information and Computer (ICFTIC) . Piscataway : IEEE Press , 2022 : 932 - 937 .

LI M , LAL C , CONTI M , et al . LEChain: a blockchain-based lawful evidence management scheme for digital forensics [J ] . Future Generation Computer Systems , 2021 , 115 : 406 - 420 .

MERCAN S , CEBE M , TEKINER E , et al . A cost-efficient IoT forensics framework with blockchain [C ] // Proceedings of the 2020 IEEE International Conference on Blockchain and Cryptocurrency (ICBC) . Piscataway : IEEE Press , 2020 : 1 - 5 .

YAO Q , LI T T , YAN C , et al . Accident responsibility identification model for Internet of vehicles based on lightweight blockchain [J ] . Computational Intelligence , 2023 , 39 ( 1 ): 58 - 81 .

RANA S K , RANA A K , RANA S K , et al . Decentralized model to protect digital evidence via smart contracts using layer 2 polygon blockchain [J ] . IEEE Access , 2023 , 11 : 83289 - 83300 .

KORNBLUM J . Identifying almost identical files using context triggered piecewise hashing [J ] . Digital Investigation , 2006 , 3 : 91 - 97 .

任艳丽 , 徐丹婷 , 张新鹏 , 等 . 可修改的区块链方案 [J ] . 软件学报 , 2020 , 31 ( 12 ): 3909 - 3922 .

REN Y L , XU D T , ZHANG X P , et al . Scheme of revisable blockchain [J ] . Journal of Software , 2020 , 31 ( 12 ): 3909 - 3922 .

MAHROUS W A , FAROUK M , DARWISH S M . An enhanced blockchain-based IoT digital forensics architecture using fuzzy hash [J ] . IEEE Access , 2021 , 9 : 151327 - 151336 .

ALI M , ISMAIL A , ELGOHARY H , et al . A procedure for tracing chain of custody in digital image forensics: a paradigm based on grey hash and blockchain [J ] . Symmetry , 2022 , 14 ( 2 ): 334 .

LI M , SHEN Y Z , YE G X , et al . Anonymous, secure, traceable, and efficient decentralized digital forensics [J ] . IEEE Transactions on Knowledge and Data Engineering , 2024 , 36 ( 5 ): 1874 - 1888 .

FERNANDEZ-CARRASCO J A , EGUES-ARREGUI T , ZOLA F , et al . ChronoEOS: configuration control system based on EOSIO blockchain for on-running forensic analysis [C ] //Blockchain and Applications, 4th International Congress. Berlin : Springer , 2023 : 37 - 47 .

LE D P , MENG H S , SU L , et al . BIFF: a blockchain-based IoT forensics framework with identity privacy [C ] // Proceedings of the TENCON 2018-2018 IEEE Region 10 Conference . Piscataway : IEEE Press , 2018 : 2372 - 2377 .

KUMAR G , SAHA R , LAL C , et al . Internet-of-forensic (IoF): a blockchain based digital forensics framework for IoT applications [J ] . Future Generation Computer Systems , 2021 , 120 : 13 - 25 .

GOLDREICH O , MICALI S , WIGDERSON A . Proofs that yield nothing but their validity and a methodology of cryptographic protocol design [C ] // Proceedings of the 27th Annual Symposium on Foundations of Computer Science . Piscataway : IEEE Press , 1986 : 174 - 187 .

LI M , CHEN Y F , LAL C , et al . Eunomia: anonymous and secure vehicular digital forensics based on blockchain [J ] . IEEE Transactions on Dependable and Secure Computing , 2023 , 20 ( 1 ): 225 - 241 .

TYAGI R , SHARMA S , MOHAN S . Blockchain enabled intelligent digital forensics system for autonomous connected vehicles [C ] // Proceedings of the 2022 International Conference on Communication, Computing and Internet of Things (IC3IoT) . Piscataway : IEEE Press , 2022 : 1 - 6 .

AKBARFAM A J , BARAZANDEH S , MALEKI H , et al . DLACB: deep learning based access control using blockchain [J ] . arXiv Preprint , arXiv: 2303.14758 , 2023 .

AKBARFAM A J , HEIDARIPOUR M , MALEKI H , et al . ForensiBlock: a provenance-driven blockchain framework for data forensics and auditability [C ] // Proceedings of the 2023 5th IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA) . Piscataway : IEEE Press , 2023 : 136 - 145 .

ISLAM M E , ISLAM M R , CHETTY M , et al . User authentication and access control to blockchain-based forensic log data [J ] . EURASIP Journal on Information Security , 2023 , 2023 ( 1 ): 7 .

LI M , WENG J , LIU J N , et al . Toward vehicular digital forensics from decentralized trust: an accountable, privacy-preserving, and secure realization [J ] . IEEE Internet of Things Journal , 2022 , 9 ( 9 ): 7009 - 7024 .

孙靖超 . 基于区块链的可扩展电子取证模型研究 [J ] . 计算机应用研究 , 2021 , 38 ( 3 ): 671 - 674, 679 .

SUN J C . Research on scalable digital forensics model based on blockchain [J ] . Application Research of Computers , 2021 , 38 ( 3 ): 671 - 674, 679 .

陈葳葳 , 曹利 , 顾翔 . 基于区块链的车联网电子取证模型 [J ] . 计算机应用 , 2021 , 41 ( 7 ): 1989 - 1995 .

CHEN W W , CAO L , GU X . E-forensics model for Internet of vehicles based on blockchain [J ] . Journal of Computer Applications , 2021 , 41 ( 7 ): 1989 - 1995 .

MIAO Z K , YE C X , YANG P , et al . Blockchain-based electronic evidence storage and efficiency optimization [C ] // Proceedings of the 2021 International Conference on Artificial Intelligence and Blockchain Technology (AIBT) . Piscataway : IEEE Press , 2021 : 109 - 113 .

RUAN P C , DINH T T A , LIN Q , et al . LineageChain: a fine-grained, secure and efficient data provenance system for blockchains [J ] . The VLDB Journal , 2021 , 30 ( 1 ): 3 - 24 .

TAO Q , CUI X H . B-FLACS: blockchain-based flexible lightweight access control scheme for data sharing in cloud [J ] . Cluster Computing , 2023 , 26 ( 6 ): 3931 - 3941 .

WAN C , MEHMOOD A , CARSTEN M , et al . A blockchain based forensic system for IoT sensors using MQTT protocol [C ] // Proceedings of the 2022 9th International Conference on Internet of Things: Systems, Management and Security (IOTSMS) . Piscataway : IEEE Press , 2022 : 1 - 8 .

ALMUTAIRI W , MOULAHI T . Joining federated learning to blockchain for digital forensics in IoT [J ] . Computers , 2023 , 12 ( 8 ): 157 .

KHAN A A , UDDIN M , SHAIKH A A , et al . MF-ledger: blockchain hyperledger sawtooth-enabled novel and secure multimedia chain of custody forensic investigation architecture [J ] . IEEE Access , 2021 , 9 : 103637 - 103650 .

BONOMI S , CASINI M , CICCOTELLI C . B-CoC: a blockchain-based chain of custody for evidences management in digital forensics [J ] . arXiv Preprint , arXiv: 1807.10359 , 2018 .

LONE A H , MIR R N . Forensic-chain: blockchain based digital forensics chain of custody with PoC in hyperledger composer [J ] . Digital Investigation , 2019 , 28 : 44 - 55 .

ALQAHTANY S S , SYED T A . ForensicTransMonitor: a comprehensive blockchain approach to reinvent digital forensics and evidence management [J ] . Information , 2024 , 15 ( 2 ): 109 .

ALRUWAILI F F . CustodyBlock: a distributed chain of custody evidence framework [J ] . Information , 2021 , 12 ( 2 ): 88 .

SHARMA P K , CHEN M Y , PARK J H . A software defined fog node based distributed blockchain cloud architecture for IoT [J ] . IEEE Access , 2018 , 6 : 115 - 124 .

BLONDEL V D , GUILLAUME J L , LAMBIOTTE R , et al . Fast unfolding of communities in large networks [J ] . Journal of Statistical Mechanics: Theory and Experiment , 2008 , 2008 ( 10 ): P10008 .

CLACK C D , BAKSHI V A , BRAINE L . Smart contract templates: foundations, design landscape and research directions [J ] . arXiv Preprint , arXiv: 1608.00771 , 2016 .

浏览量

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

面向新能源汽车能源交易系统的PoRT共识机制

基于椭圆曲线签密的跨链医疗数据共享方案

基于博弈论和可验证共识的防合谋跨链交易方案

面向双层区块链的人车分离信任管理方案

基于区块链的支付信道网络：挑战与发展