| With the continuous development of blockchain technology,the technology has been applied for many fields such as Internet of Things,Healthcare,Energy,Supply Chain,Manufacturing,Network Security and so on.However,there are still many security problems with blockchain,such as the privacy problem of blockchain system,smart contract vulnerability,attacks on blockchain network,mining attacks of needle-consensus mechanism and so on.Among them,Eclipse attack is an attack technique that will cause serious consequences of the blockchain network.It isolates the blockchain node from the normal network by filling the routing table of the blockchain node and occupying the network connection channel.The Eclipse attack can change the network transaction history seen by the affected node,or even take full control of the entire blockchain network,thus further carrying out more attacks.Currently,research on blockchain security protection technology mainly focuses on data integrity,user privacy protection and scalability.Due to the Eclipse attack's stealth and concurrency,there is still a lack of effective detection methods and defense strategies.In order to improve the defense capability of blockchain against Eclipse attack,this thesis proposes a traffic detection model and defense strategy for Eclipse attack,mainly as follows:1.Analyze Eclipse attack traffic.Analyze the implementation principle and feasibility of Eclipse attack,take Bitcoin as the specific research object,complete the implementation of Eclipse attack facing Bitcoin,and collect Eclipse attack traffic to complete the extraction of traffic characteristics.2.A network flow detection model based on a stochastic forest algorithm is proposed.A stochastic forest-based traffic detection model is proposed based on the characteristics of attack traffic,which consists of three parts: data collection,data flow processing and attack detection.The model is trained using a random forest algorithm to load sample dataset that acts as a binary classifier to classify the incoming traffic data as Eclipse attack traffic or normal traffic.3.Build a defense system against an Eclipse attack.A defense strategy for alarm response is proposed,including the reset of trusted connection and routing table cleaning,and a complete Eclipse attack defense system is implemented through coding combined with the traffic detection model.The system can effectively detect Eclipse attacks and use routing table cleaning strategy to delete the information of the malicious nodes in the routing table so as to restore the normal network communication of the victim nodes.The experimental test results in the defense scheme show that the Eclipse attack detection model based on random forest algorithm can effectively detect the Eclipse attack traffic,and the detection accuracy is up to 99.2593%.At the same time,the clearance rate of the alarm response strategy against the malicious nodes in the routing table is up to 100%.In summary,the defense scheme proposed to this thesis can effectively detect and abort Eclipse attack and complete the self-repair of the system. |
PDF Full Text Request