HyperSec is a research project to provide Visual Analytics for blockchain security monitoring. A demo of the prototype is available at http://pcrw00262.ur.de:8080/ (user: exploreradmin, pass: exploreradminpw).
Please consider citing our publication if you are using our HyperSec prototype for your research: https://doi.org/10.1007/978-3-030-78120-0_11
Putz, B., Böhm, F., Pernul, G. (2021). HyperSec: Visual Analytics for Blockchain Security Monitoring. In: Jøsang, A., Futcher, L., Hagen, J. (eds) ICT Systems Security and Privacy Protection. SEC 2021. IFIP Advances in Information and Communication Technology, vol 625. Springer, Cham. https://doi.org/10.1007/978-3-030-78120-0_11
The prototype in this repository is based on Hyperledger Explorer. It is intended for security monitoring and includes several visualizations to facilitate this.
Key technical improvements compared to Hyperledger Explorer include:
- Dashboard: Fabric JIRA issues are shown on the dashboard
- Network: The network structure (peers, orderers) is visualized in the network view. Docker Logs can be inspected from the frontend
- Blocks: Blocks display is more compact, transaction detail inspection was moved to the block modal
- Transactions: Prometheus Operations Service Metrics are displayed in interactive charts. Transaction display is enhanced with user and size information
- Chaincodes: Security scan results can be inserted in the database and viewed in the frontend (use revive-cc for scans)
HyperSec requires some additional setup compared to a regular Hyperledger Explorer instance. Details are below.
Make sure to configure logging output as JSON. You also need to configure the Operations service. The required variables for both are shown below for a peer:
FABRIC_LOGGING_FORMAT=json
CORE_OPERATIONS_LISTENADDRESS=peer0.org1.example.com:9443
CORE_METRICS_PROVIDER=prometheus
An example yaml file is available here.
If you want to use a pre-configured test network, you can use this repo for a correctly configured test network:
https://github.com/sigma67/fabric-samples (metrics branch)
Please refer to the base project Hyperledger Explorer for how to set up Hyperledger Explorer with your Hyperledger Fabric instance: https://github.com/sigma67/hypersec/tree/master
Additional config: You must set the proxy parameter in package.json to point to your Hyperledger Explorer Backend. localhost:8080 works fine if the client is running on the same host.
In your app\explorerconfig.json, set the JIRA username and password (your Linux Foundation credentials) to see Hyperledger Fabric issues on the dashboard.
A Prometheus instance is required and must be connected to a peer and an orderer.
An example config is available here:
https://github.com/sigma67/fabric-samples/blob/metrics/test-network/prometheus.yml
Like the Hyperledger Explorer Project source code HyperSec is released under the Apache 2.0 license. The README.md, CONTRIBUTING.md files, and files in the "images", "snapshots" folders are licensed under the Creative Commons Attribution 4.0 International License. You may obtain a copy of the license, titled CC-BY-4.0, at http://creativecommons.org/licenses/by/4.0/.
