How to Start Active Attacks Projects Using NS3

To start active attacks using NS3 that contains to make scenarios in which malicious nodes dynamically disrupt, intercept, or manipulate network interaction. Active attacks contain Denial of Service (DoS), Man-in-the-Middle (MITM), packet injection, routing attacks, and more.

Below is a brief technique on how to start an Active Attacks project in NS3:

Steps to Start Active Attacks Projects in NS3

  1. Set Up NS3
  • Install and build NS3:

./waf configure

./waf build

  • Verify the installation:

./waf –run hello-simulator

  1. Understand Active Attacks
  • Active Attack Types:
    • DoS/DDoS: To flood the network consuming resources.
    • Packet Injection: It inserting malicious packets to the interaction.
    • Man-in-the-Middle (MITM): To interrupt and change the interaction.
    • Routing Attacks: This attacks influence routing data like blackhole, grayhole, and wormhole attacks.
    • Replay Attacks: To retransmit the intercepted packets interrupting communication.
  1. Define the Network Topology
  • Configure a network including:
    • Legitimate Nodes: To communicate typical clients and servers.
    • Attacker Node: It interrupts or manipulates the interaction.
  • Example Topology:

NodeContainer clients, server, attacker;

clients.Create(2);  // Two legitimate clients

server.Create(1);   // Server

attacker.Create(1); // Attacker

PointToPointHelper p2p;

p2p.SetDeviceAttribute(“DataRate”, StringValue(“10Mbps”));

p2p.SetChannelAttribute(“Delay”, StringValue(“2ms”));

// Connect nodes

NetDeviceContainer clientToServer = p2p.Install(NodeContainer(clients, server.Get(0)));

NetDeviceContainer attackerToServer = p2p.Install(NodeContainer(attacker.Get(0), server.Get(0)));

  1. Assign IP Addresses
  • We need to install the Internet stack and then allocate IPs to the nodes.

InternetStackHelper stack;

stack.Install(clients);

stack.Install(server);

stack.Install(attacker);

Ipv4AddressHelper address;

address.SetBase(“10.1.1.0”, “255.255.255.0”);

address.Assign(clientToServer);

address.SetBase(“10.1.2.0”, “255.255.255.0”);

address.Assign(attackerToServer);

  1. Simulate Legitimate Traffic
  • We need to insert typical interaction among the clients and the server.
  • Instance: UDP Traffic

uint16_t port = 9;

UdpEchoServerHelper echoServer(port);

ApplicationContainer serverApp = echoServer.Install(server.Get(0));

serverApp.Start(Seconds(1.0));

serverApp.Stop(Seconds(10.0));

UdpEchoClientHelper echoClient(Ipv4Address(“10.1.1.1”), port);

echoClient.SetAttribute(“MaxPackets”, UintegerValue(50));

echoClient.SetAttribute(“Interval”, TimeValue(Seconds(0.1)));

echoClient.SetAttribute(“PacketSize”, UintegerValue(512));

ApplicationContainer clientApps = echoClient.Install(clients);

clientApps.Start(Seconds(2.0));

clientApps.Stop(Seconds(10.0));

  1. Simulate Active Attacks

6.1 DoS Attack

  • From the attacker node, overflow the server including the packets.

void DosAttack(Ptr<Node> attacker, Ipv4Address targetAddress, uint16_t port) {

Ptr<Socket> socket = Socket::CreateSocket(attacker, TypeId::LookupByName(“ns3::UdpSocketFactory”));

InetSocketAddress remote = InetSocketAddress(targetAddress, port);

socket->Connect(remote);

for (int i = 0; i < 1000; ++i) {

Simulator::Schedule(MilliSeconds(i), [=]() {

Ptr<Packet> packet = Create<Packet>(1024);  // Example DoS packet

socket->Send(packet);

});

}

}

Simulator::Schedule(Seconds(3.0), &DosAttack, attacker.Get(0), Ipv4Address(“10.1.1.1”), 9);

6.2 Packet Injection

  • We insert malicious packets to the interaction.

void PacketInjection(Ptr<Node> attacker, Ipv4Address targetAddress, uint16_t port) {

Ptr<Socket> socket = Socket::CreateSocket(attacker, TypeId::LookupByName(“ns3::UdpSocketFactory”));

InetSocketAddress remote = InetSocketAddress(targetAddress, port);

socket->Connect(remote);

Ptr<Packet> maliciousPacket = Create<Packet>((uint8_t*)”MALICIOUS”, 9);

socket->Send(maliciousPacket);

}

Simulator::Schedule(Seconds(4.0), &PacketInjection, attacker.Get(0), Ipv4Address(“10.1.1.1”), 9);

6.3 Man-in-the-Middle (MITM)

  • These attacks interrupt and change the packets to traverse the attacker node.

void MITMAttack(Ptr<const Packet> packet) {

NS_LOG_UNCOND(“Intercepted Packet: ” << *packet);

// Modify and forward the packet (optional)

}

Ptr<NetDevice> attackerDevice = attacker.Get(0)->GetDevice(0);

attackerDevice->TraceConnectWithoutContext(“PhyRxEnd”, MakeCallback(&MITMAttack));

6.4 Replay Attack

  • It earlier retransmits the interrupted packets to the server.

void ReplayAttack(Ptr<Node> attacker, Ptr<Packet> capturedPacket, Ipv4Address targetAddress, uint16_t port) {

Ptr<Socket> socket = Socket::CreateSocket(attacker, TypeId::LookupByName(“ns3::UdpSocketFactory”));

InetSocketAddress remote = InetSocketAddress(targetAddress, port);

socket->Connect(remote);

socket->Send(capturedPacket);

}

  1. Enable Packet Tracing
  • For analysis, seize packets including Wireshark to utilize PCAP.

PointToPointHelper p2p;

p2p.EnablePcapAll(“active-attack”);

  1. Run the Simulation
  • Now, we should compile and run the simulation:

./waf –run active-attack

  • We examine the .pcap files that are generated.
  1. Analyze Active Attacks
  • Go to the .pcap file within Wireshark:

wireshark active-attack-0-0.pcap

  • For certain attack types to utilize filters:
    • DoS Flood: udp && ip.dst == <server IP>
    • Malicious Packets: We strain by custom payloads.
  1. Implement Detection and Mitigation
  • Detection:
    • We can observe the packet rates or examine packet contents for anomalies.
    • Example:

void MonitorTraffic(Ptr<const Packet> packet) {

static std::map<Ipv4Address, int> packetCounts;

Ipv4Header ipv4Header;

packet->PeekHeader(ipv4Header);

packetCounts[ipv4Header.GetSource()]++;

if (packetCounts[ipv4Header.GetSource()] > 100) {

NS_LOG_UNCOND(“Potential Attack from: ” << ipv4Header.GetSource());

}

}

  • Mitigation:
    • Blacklisting suspicious nodes or packet filtering and rate limiting.
  1. Evaluate Metrics
  • We need to estimate the attack’s effect:
    • Throughput: Degradation by reason of the attack.
    • Packet Delivery Ratio (PDR): We measure the legitimate packet loss.
    • Latency: Delays triggered by resource exhaustion.
  • Make use of FlowMonitor:

FlowMonitorHelper flowmon;

Ptr<FlowMonitor> monitor = flowmon.InstallAll();

This manual has step-by-step approach along with sample coding for Active Attacks projects that were simulated and analysed through NS3 environment. If needed, we can provide more detailed insights on this project.

Rely on the researchers at phdprojects.org to deliver your projects efficiently and to the utmost quality. Our team will assist you in simulating Active Attacks Projects using NS-3, providing comprehensive explanations. We expertly manage various types of attacks, including Denial of Service (DoS), Man-in-the-Middle (MITM), packet injection, and routing attacks.