4.2 Clustering of botnet of distributed denial of service
attack
In this type of botnet attack, group of attackers would send the request
for resource to the same destination address for specified time
continuously so an authenticated user cannot get that resource for a
particular time. The proposed algorithm would cluster those nodes based
on the similarity vale of packet sending time, destination address and
the resource which they requested continuously and the distance between
source nodes and destination node is calculated in order to efficiently
group the attacks.
In existing systems, hierarchical based clustering has been incorporated
to cluster the devices of the attackers in the IoT based network, the
main problem with hierarchical based clustering is thatif the decision
is taken once to join two clusters, it cannot be cancelled but in this
work mixture model is used for clustering so it has both matrices
distance as well as similarity based so the clustering ratio is high
when compared with an existing techniques.