Affiliation:
1. Zhengzhou Information Science and Technology Institute, Zhengzhou, Henan Province 450001, China
2. Henan Key Laboratory of Information Security, Zhengzhou, Henan Province 450001, China
Abstract
An eclipse attack is a common method used to attack the blockchain network layer; however, detecting eclipse attacks is challenging, and the performance of existing methods is inadequate due to uneven sample distribution, incomplete definition of discriminating features, and weak feature perception. Thus, this paper proposes an eclipse attack traffic detection method based in a custom combination of features and deep learning. To describe the behavior characteristics of attack traffic more accurately, traffic attribute features in there levels are defined in combination with the eclipse attack method. Here, the downstream traffic behavior feature of the eclipse attack is described from the conventional traffic feature, and the frequency distribution characteristics of eclipse attack traffic is by introducing the φ-entropy divergence algorithm. In addition, the structural characteristics of eclipse attack traffic are mapped from the rate of changes in traffic communication and load features. Then, the improved synthetic minority oversampling technique (ISMOTE) up-sampling algorithm is employed to eliminate interference caused by the uneven distribution of eclipse attack traffic samples on the detection results. In addition, the ISMOTE algorithm adjusts the sampling weight of minority class samples, supports automatic clustering and efficient up-sampling of samples, and improves the detection accuracy performance of eclipse attack samples by calculating the local cluster density. Then, deep feature mining is performed on the eclipse attack traffic from the distribution characteristics of space and time series using a CNN and Bi-LSTM. Simultaneously, mining features are fully integrated into mixed feature using the multihead attention mechanism such that the relevance and complementarity of the two feature distributions can be utilized to enhance the model’s ability to perceive the spatiotemporal relationship of the eclipse attack traffic. Finally, the generated multihead attention items are detected for binary classification, and the results are output. Experimental results demonstrate that the proposed method can comprehensively enhance detection performance and sufficiently detect and classify eclipse attack traffic in the blockchain network layer.
Funder
National Natural Science Foundation of China
Subject
Electrical and Electronic Engineering,Computer Networks and Communications,Information Systems
Reference32 articles.
1. A peer-to-peer electronic cash system;S. Nakamoto,2008
2. Security problems on blockchain: the state of the art and future trends;X. Han;Acta Automatica Sinica,2019
3. Blockchain security attack: a brief survey;N. Anita
4. New kids on the block: an analysis of modern blockchains;L. Anderson,2016
5. Eclipsing ethereum peers with false friends;S. Henningsen,2019
Cited by
10 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献