Blockchain security is becoming increasingly relevant in today's cyberspace
as it extends its influence in many industries. This paper focuses on
protecting the lowest level layer in the blockchain, particularly the P2P
network that allows the nodes to communicate and share information. The P2P
network layer may be vulnerable to several families of attacks, such as
Distributed Denial of Service (DDoS), eclipse attacks, or Sybil attacks. This
layer is prone to threats inherited from traditional P2P networks, and it must
be analyzed and understood by collecting data and extracting insights from the
network behavior to reduce those risks. We introduce Tikuna, an open-source
tool for monitoring and detecting potential attacks on the Ethereum blockchain
P2P network, at an early stage. Tikuna employs an unsupervised Long Short-Term
Memory (LSTM) method based on Recurrent Neural Network (RNN) to detect attacks
and alert users. Empirical results indicate that the proposed approach
significantly improves detection performance, with the ability to detect and
classify attacks, including eclipse attacks, Covert Flash attacks, and others
that target the Ethereum blockchain P2P network layer, with high accuracy. Our
research findings demonstrate that Tikuna is a valuable security tool for
assisting operators to efficiently monitor and safeguard the status of Ethereum
validators and the wider P2P networkComment: 15 pages, 2 figures, submitted to ISPEC 2023 Conferenc