4.2 Clustering of botnet of distributed denial of service attack
In this type of botnet attack, group of attackers would send the request for resource to the same destination address for specified time continuously so an authenticated user cannot get that resource for a particular time. The proposed algorithm would cluster those nodes based on the similarity vale of packet sending time, destination address and the resource which they requested continuously and the distance between source nodes and destination node is calculated in order to efficiently group the attacks.
In existing systems, hierarchical based clustering has been incorporated to cluster the devices of the attackers in the IoT based network, the main problem with hierarchical based clustering is thatif the decision is taken once to join two clusters, it cannot be cancelled but in this work mixture model is used for clustering so it has both matrices distance as well as similarity based so the clustering ratio is high when compared with an existing techniques.