How to Start Hello Flood Attack Projects Using OMNeT++
To start Hello Flood Attack using OMNeT++ which is a kind of Denial of Service (DoS) attack that utilises the “Hello” messages in wireless sensor networks (WSNs) or other protocols, which based on the first “Hello” packets for neighbor discovery. The attacker flow the network including “Hello” packets to make confusion and exhausting the network resources.
Below is a general method on how we can start a Hello Flood Attack simulation project using OMNeT++:
Steps to Start Hello Flood Attack Projects in OMNeT++
- Understand Hello Flood Attacks
- Attack Mechanism:
- In a network, attacker transmits the spoofed “Hello” packets including high transmission power to nodes.
- Target nodes consider the attacker is a neighbor and aim to launch connections, wasting resources and triggering the network disruption.
- Target Protocols:
- Protocols frequently utilise the “Hello” messages for neighbor discovery or routing like AODV, DSR, or LEACH.
- Set Up OMNeT++ and INET Framework
- Install OMNeT++: We should download and set up OMNeT++ on the system.
- Install INET Framework:
- INET framework offers modules for wireless interaction and protocols such as AODV and DSR.
- Define Project Scope
Step 3.1: Attack Goals
- In a wireless network, replicate a Hello Flood attack.
- Measure the influence over:
- Routing protocols.
- Data packet delivery.
- Network resources such as bandwidth, energy.
Step 3.2: Metrics
- Estimate the performance indicators like:
- Energy consumption of victim nodes.
- Network latency.
- Packet delivery ratio.
- Design Network Topology
We can make a wireless sensor network topology using .ned file. It has attacker and several victim nodes, and a sink (base station).
Example .ned File:
network HelloFloodAttackNetwork {
submodules:
attacker: WirelessHost; // Attacker node
sink: WirelessHost; // Base station or sink node
node[5]: WirelessHost; // Sensor nodes
connections allowunconnected:
sink.wlanRadio <–> node[0].wlanRadio;
sink.wlanRadio <–> node[1].wlanRadio;
sink.wlanRadio <–> node[2].wlanRadio;
sink.wlanRadio <–> node[3].wlanRadio;
sink.wlanRadio <–> attacker.wlanRadio;
}
- Implement the Hello Flood Attack
Make a custom module, which overflows the network including “Hello” messages for the attacker.
Step 5.1: Attack Implementation in C++
#include <omnetpp.h>
#include “inet/common/packet/Packet.h”
using namespace omnetpp;
using namespace inet;
class HelloFloodAttacker : public cSimpleModule {
protected:
virtual void initialize() override;
virtual void handleMessage(cMessage *msg) override;
void sendHelloMessage();
};
Define_Module(HelloFloodAttacker);
void HelloFloodAttacker::initialize() {
// Schedule the first “Hello” flood
scheduleAt(simTime() + uniform(0.1, 0.2), new cMessage(“sendHello”));
}
void HelloFloodAttacker::handleMessage(cMessage *msg) {
if (strcmp(msg->getName(), “sendHello”) == 0) {
sendHelloMessage();
// Repeat the attack every 0.1 seconds
scheduleAt(simTime() + 0.1, msg);
}
}
void HelloFloodAttacker::sendHelloMessage() {
EV << “Sending Hello Flood packet\n”;
auto pkt = new Packet(“HelloFlood”);
pkt->addTag<MacAddressReq>()->setDestAddress(MacAddress::BROADCAST_ADDRESS); // Broadcast the message
send(pkt, “out”);
}
Step 5.2: Victim Node Behavior
- Make use of INET’s default components for the target nodes like WirelessHost or modify them for replicating resource depletion.
- Simulate Legitimate Traffic
Step 6.1: Configure Traffic for Legitimate Nodes
Set legitimate nodes for transmitting sensor information to the sink.
Example .ini File Configuration:
[Config HelloFloodAttack]
network = HelloFloodAttackNetwork
# Legitimate sensor node traffic
**.node[*].numApps = 1
**.node[*].app[0].typename = “UdpBasicApp”
**.node[*].app[0].destAddress = “sink”
**.node[*].app[0].startTime = 1s
**.node[*].app[0].sendInterval = 2s
**.node[*].app[0].packetLength = 128B
# Sink configuration
**.sink.numApps = 1
**.sink.app[0].typename = “UdpSink”
# Attacker configuration
**.attacker.numApps = 1
**.attacker.app[0].typename = “HelloFloodAttacker”
sim-time-limit = 100s
- Run the Simulation
- Launch the Simulation: Execute the simulation to utilise OMNeT++ IDE.
- Observe Behavior:
- Target nodes replying to the attacker’s “Hello” packets.
- Influence over legitimate traffic.
- Analyze the Results
Step 8.1: Key Metrics
- Packet Delivery Ratio (PDR):
- We can assess the percentage of effective packets that are distributed to the total packets transmitted.
- Energy Consumption:
- Measure the power usage of victim nodes in attack.
- Network Latency:
- Estimate the network delays triggered by the attack.
Step 8.2: Visualization
- Make use of OMNeT++’s built-in tools for envisioning:
- Network congestion.
- Packet flows.
- Mitigation Techniques
We will need to replicate the defenses versus Hello Flood attacks:
- Signal Strength Validation:
- Confirm the real distance of the sender according to the signal strength.
- Message Authentication:
- It needs cryptographic authentication of “Hello” messages.
- Rate Limiting:
- Restrict the percentage of “Hello” messages a node manages.
- Enhance the Project
- Replicate the multi-node attacks such as distributed Hello Flood.
- For a realistic scenario, we utilise a larger network including mobility.
- We need to equate the efficacy of various defense mechanisms.
Example Output
- Before Attack: Nodes typically interact for sending information to the sink.
- During Attack: Nodes unused resources replying to spoof “Hello” packets, and disturbing legitimate traffic.
In this guide, we effectively executed the brief simulation process for replicating and examining the Hello Flood Attack Projects using MATLAB environment. If you need any assistance for extending this project, we will guide you.