How to Start Internet Attacks Projects using NS3

To Simulate an internet attacks in NS-3 has contains the generating network scenarios in which malicious nodes effort to interrupt, eavesdrop, or manipulate legitimate internet traffic. The general internet attacks have involved the DDoS, phishing, man-in-the-middle (MITM), and packet injection.

Here’s a guide to get started:

Steps to Start Internet Attacks Projects using NS3

  1. Set Up NS-3
  • Install and build NS-3:

./waf configure

./waf build

  • Test the installation:

./waf –run hello-simulator

  1. Understand Internet Attacks
  • Common Internet Attacks:
    • DDoS: Overwhelming a server by traffic.
    • MITM: Interrupting and altering the transmission.
    • Packet Injection: Adding the malicious packets into the network.
    • Spoofing: It faking the transmits identities.
    • Phishing Simulation: We replicating the malicious redirections or website impersonation.
  1. Define the Internet Network Topology
  • Generate a topology by:
    • Clients: It generating the traffic for legitimate users.
    • Server: A web or application server hosting services.
    • Attacker Node: Malicious node performing the attack.
  • Example Topology:

NodeContainer clients, server, attacker;

clients.Create(2);    // Two clients

server.Create(1);     // One server

attacker.Create(1);   // One attacker

PointToPointHelper p2p;

p2p.SetDeviceAttribute(“DataRate”, StringValue(“100Mbps”));

p2p.SetChannelAttribute(“Delay”, StringValue(“2ms”));

// Connect clients to the server

NetDeviceContainer devices1 = p2p.Install(NodeContainer(clients.Get(0), server.Get(0)));

NetDeviceContainer devices2 = p2p.Install(NodeContainer(clients.Get(1), server.Get(0)));

// Connect attacker to the network

NetDeviceContainer devices3 = p2p.Install(NodeContainer(attacker.Get(0), server.Get(0)));

  1. Assign IP Addresses
  • Install the Internet stack and assign IP addresses.

InternetStackHelper stack;

stack.Install(clients);

stack.Install(server);

stack.Install(attacker);

Ipv4AddressHelper address;

address.SetBase(“10.1.1.0”, “255.255.255.0”);

Ipv4InterfaceContainer interfaces1 = address.Assign(devices1);

 

address.SetBase(“10.1.2.0”, “255.255.255.0”);

Ipv4InterfaceContainer interfaces2 = address.Assign(devices2);

address.SetBase(“10.1.3.0”, “255.255.255.0”);

Ipv4InterfaceContainer interfaces3 = address.Assign(devices3);

  1. Simulate Legitimate Internet Traffic
  • Enhance the general traffic among clients and the server.
  • Example: TCP Traffic

uint16_t port = 8080;

Address serverAddress = InetSocketAddress(interfaces1.GetAddress(1), port);

PacketSinkHelper packetSinkHelper(“ns3::TcpSocketFactory”, serverAddress);

ApplicationContainer serverApps = packetSinkHelper.Install(server.Get(0));

serverApps.Start(Seconds(1.0));

serverApps.Stop(Seconds(10.0));

OnOffHelper clientTraffic(“ns3::TcpSocketFactory”, serverAddress);

clientTraffic.SetAttribute(“DataRate”, StringValue(“10Mbps”));

clientTraffic.SetAttribute(“PacketSize”, UintegerValue(1024));

ApplicationContainer clientApps = clientTraffic.Install(clients.Get(0));

clientApps.Start(Seconds(2.0));

clientApps.Stop(Seconds(10.0));

  1. Implement Internet Attacks

6.1 DDoS Attack

  • The attacker transmits high volumes of TCP or UDP traffic to the server.

void DDoSAttack(Ptr<Node> attacker, Ipv4Address targetAddress, uint16_t targetPort) {

Ptr<Socket> socket = Socket::CreateSocket(attacker, TypeId::LookupByName(“ns3::UdpSocketFactory”));

InetSocketAddress remote = InetSocketAddress(targetAddress, targetPort);

socket->Connect(remote);

for (int i = 0; i < 1000; ++i) {

Simulator::Schedule(Seconds(i * 0.001), [=]() {

Ptr<Packet> packet = Create<Packet>(1024);  // Payload

socket->Send(packet);

});

}

}

Simulator::Schedule(Seconds(3.0), &DDoSAttack, attacker.Get(0), interfaces1.GetAddress(1), 8080);

6.2 Man-in-the-Middle (MITM)

  • Intercept packets between clients and the server and modify or log them.

void MITM(Ptr<const Packet> packet) {

NS_LOG_UNCOND(“Intercepted Packet: ” << *packet);

// Modify and forward the packet (optional)

}

Ptr<NetDevice> attackerDevice = devices3.Get(0);

attackerDevice->TraceConnectWithoutContext(“PhyRxEnd”, MakeCallback(&MITM));

6.3 Packet Injection

  • Inject malicious packets into the network.

void InjectMaliciousPacket(Ptr<Node> attacker, Ipv4Address targetAddress, uint16_t targetPort) {

Ptr<Socket> socket = Socket::CreateSocket(attacker, TypeId::LookupByName(“ns3::UdpSocketFactory”));

InetSocketAddress remote = InetSocketAddress(targetAddress, targetPort);

socket->Connect(remote);

Ptr<Packet> maliciousPacket = Create<Packet>((uint8_t*)”MALICIOUS_PAYLOAD”, 18);

socket->Send(maliciousPacket);

}

Simulator::Schedule(Seconds(4.0), &InjectMaliciousPacket, attacker.Get(0), interfaces1.GetAddress(1), 8080);

6.4 Phishing Simulation

  • Redirect the client traffic to a fake server.

void PhishingRedirect(Ptr<Node> attacker, Ipv4Address fakeServerAddress, uint16_t port) {

// Redirect traffic by responding to ARP or DNS queries with the attacker’s IP

}

  1. Enable Packet Capturing
  • Utilizing the PCAP we seizure the packets for analysis with Wireshark.

PointToPointHelper p2p;

p2p.EnablePcapAll(“internet-attack”);

  1. Run the Simulation
  • Create and execute the simulation:

./waf –run internet-attack

  • Analyze the generated .pcap files.
  1. Analyze Captured Packets
  • Open the .pcap file in Wireshark:

wireshark internet-attack-0-0.pcap

  • Utilized their filters for specific attacks:
    • UDP Packets: udp
    • TCP SYN Flood: tcp.flags.syn == 1 && tcp.flags.ack == 0
  1. Implement Countermeasures
  • Replicate the defences for avoid or detect attacks:
    • Rate Limiting: Limit the number of packets per second for rate limiting.
    • Packet Filtering: Drop the suspicious packets for filtering.
    • Traffic Analysis: Detect the anomalies in traffic designs.
  • Example: Detecting High Traffic Volume

void MonitorTraffic(Ptr<const Packet> packet) {

static std::map<Address, int> trafficCount;

trafficCount[srcAddr]++;

if (trafficCount[srcAddr] > 100) {

NS_LOG_UNCOND(“Potential Attack from: ” << srcAddr);

}

}

  1. Evaluate Metrics
  • Estimate the impact of the attack:
    • Throughput: Checked for degradation.
    • Packet Delivery Ratio (PDR): Amount of legitimate traffic drops.
    • Latency: Calculate the delays due to attacks.
  • Use FlowMonitor for detailed analysis:

FlowMonitorHelper flowmon;

Ptr<FlowMonitor> monitor = flowmon.InstallAll();

This guide sets the foundation for simulating internet attacks in NS-3. Let me know if you need additional help or customization for specific scenarios!

By employing the Ns3, we can simulate and measure the performance for internet attacks projects that were simulated and visualized the results in the above following steps. We will be offering more information related this project in another manual. It is essential to ensure that all relevant project details are submitted to phdprojects.org. We assure you with best project and simulation services.