What is it exactly the malicious attack doing ?
It would be helpful to know in combating it for there are many ways to see your connection tree and I 'm not in the mood for writing a book on it that would allow others to circumvent what I might point out.
A simple answer is go private node and hard config your connections and make them permanent.
But even that is not 100% depending on the malicious action.
But you can comment out the stats reporting line and I doubt that will solve your malicious issue, but I don’t really know what that is.