Skip to content

Tamper Protection

Nyroxis includes strong tamper‑protection mechanisms designed to ensure that no attacker can delete, modify, forge, or reorder logs without detection.
These protections operate fully offline and are enforced inside the local database and event pipeline.

1. Hash‑Chained Event Blocks

Each event is stored as: - Encrypted payload
- Integrity hash
- Sequential index
- Link to previous block

This structure forms a hash‑chain similar to a blockchain.

Tampering becomes visible if: - A block is removed
- A block is modified
- A block is injected
- The sequence is reordered

Any mismatch breaks the chain and is flagged immediately.

2. Integrity Verification at Read Time

Every time NyXIA or the Dashboard reads data: - Hash is recalculated
- Sequence number is checked
- Previous‑hash match is validated

If anything has been altered, the system: - Rejects the data
- Flags a tamper event
- Stores a security alert locally

All checks remain local and offline.

3. Protected Write Path

The Agent writes logs using: - Atomic operations
- Controlled file handles
- Verified write sequences
- Encrypted buffers

This prevents: - Partial writes
- Interrupted corruption
- Injection attacks
- Unverified metadata

4. Anti‑Deletion Protection

If an attacker deletes logs: - The next block’s previous-hash will not match
- Nyroxis will detect a gap
- A “tamper‑deletion” alert is generated

Nothing can be removed silently.

5. Anti‑Modification Protection

If an attacker modifies: - Timestamp
- Metadata
- Event content
- Block ordering

Nyroxis detects it through: - Hash mismatch
- Index inconsistency
- Chain breakage

Modification is impossible without detection.

6. Anti‑Injection Protection

If someone tries to insert fake logs: - Sequence numbers fail
- Hash chain fails
- Integrity check fails

Nyroxis rejects the entire data slice and warns the user.

Summary

Nyroxis tamper protection ensures: - Logs cannot be deleted
- Logs cannot be modified
- Logs cannot be injected
- Logs cannot be reordered
- Any tampering is detectable

All protections operate locally, offline, and without cloud assistance.

© Nyroxis Documentation — Nyroxis® Endpoint Intelligence Platform
Built with MkDocs Material — Documentation auto-generated from public modules.