How to Start ICMP Redirect Attack Projects Using NS3

To simulate an ICMP Redirect Attack utilizing the NS-3 tool we will generate a situation in which an attacker transmits the spoofed ICMP Redirect messages we modify the victim’s routing table and tricking into using a malicious router. Here’s how to proceed following below procedures:

Steps to start ICMP Redirect Attack Projects Using NS3

1. Set Up NS-3

• Install NS-3:

./waf configure

./waf build

• Verify the installation:

./waf –run hello-simulator

2. Understand ICMP Redirect Attacks

• ICMP Redirect:
  • Transmit through a router we inform a host of a better route for a precise destination.
  • The attacker transmits the forged ICMP Redirect messages to:
    • Redirect traffic to a malicious router.
    • Alter the victim’s routing table to drop or manipulate traffic.

3. Define the Network Topology

• Generate a topology with legitimate nodes such as hosts and routers and an attacker.
• Sample Topology:

NodeContainer victim, router1, router2, attacker;

victim.Create(1);

router1.Create(1);  // Legitimate router

router2.Create(1);  // Malicious router (controlled by attacker)

attacker.Create(1);

PointToPointHelper p2p;

p2p.SetDeviceAttribute(“DataRate”, StringValue(“10Mbps”));

p2p.SetChannelAttribute(“Delay”, StringValue(“2ms”));

// Connect victim to legitimate router

NetDeviceContainer victimToRouter = p2p.Install(NodeContainer(victim.Get(0), router1.Get(0)));

// Connect legitimate router to malicious router

NetDeviceContainer routerToMaliciousRouter = p2p.Install(NodeContainer(router1.Get(0), router2.Get(0)));

4. Assign IP Addresses

• Install the Internet stack and assign IPs to the nodes.

InternetStackHelper stack;

stack.Install(victim);

stack.Install(router1);

stack.Install(router2);

stack.Install(attacker);

Ipv4AddressHelper address;

address.SetBase(“10.1.1.0”, “255.255.255.0”);

Ipv4InterfaceContainer victimToRouterInterfaces = address.Assign(victimToRouter);

address.SetBase(“10.1.2.0”, “255.255.255.0”);

Ipv4InterfaceContainer routerToMaliciousRouterInterfaces = address.Assign(routerToMaliciousRouter);

5. Simulate Normal Traffic

• Enhance the legitimate traffic from the victim to the legitimate router or another endpoint.

UdpEchoServerHelper echoServer(9);

ApplicationContainer serverApps = echoServer.Install(router2.Get(0));  // Server on router2

serverApps.Start(Seconds(1.0));

serverApps.Stop(Seconds(10.0));

UdpEchoClientHelper echoClient(routerToMaliciousRouterInterfaces.GetAddress(1), 9);

echoClient.SetAttribute(“MaxPackets”, UintegerValue(100));

echoClient.SetAttribute(“Interval”, TimeValue(Seconds(0.1)));

echoClient.SetAttribute(“PacketSize”, UintegerValue(1024));

ApplicationContainer clientApps = echoClient.Install(victim.Get(0));

clientApps.Start(Seconds(2.0));

clientApps.Stop(Seconds(10.0));

6. Implement the ICMP Redirect Attack

• ICMP Redirect Message:
  • The attacker transmits the forged ICMP Redirect message to the victim and instructing it we utilized the malicious router as the gateway.
• Packet Injection for ICMP Redirect:

void IcmpRedirectAttack(Ptr<Node> attacker, Ipv4Address victimAddr, Ipv4Address newGateway) {

Ptr<Socket> socket = Socket::CreateSocket(attacker, TypeId::LookupByName(“ns3::Ipv4RawSocketFactory”));

IcmpHeader icmpHeader;

icmpHeader.SetType(IcmpHeader::REDIRECT);

icmpHeader.SetCode(1);  // Redirect for the host

icmpHeader.SetRedirectAddress(newGateway);

Ptr<Packet> packet = Create<Packet>(1024);  // ICMP Redirect message payload

packet->AddHeader(icmpHeader);

socket->SendTo(packet, 0, InetSocketAddress(victimAddr, 0));

}

Simulator::Schedule(Seconds(3.0), &IcmpRedirectAttack, attacker.Get(0), victimToRouterInterfaces.GetAddress(0), routerToMaliciousRouterInterfaces.GetAddress(1));

7. Enable Packet Tracing

• Ensure their PCAP tracing we capture the traffic for analysis.

PointToPointHelper p2p;

p2p.EnablePcapAll(“icmp-redirect-attack”);

8. Run the Simulation

• We Compile and execute the replication:

./waf –run icmp-redirect-attack

• The .pcap files will be generated for each network device.

9. Analyze the Attack with Wireshark

• Open the .pcap file in Wireshark:

wireshark icmp-redirect-attack-0-0.pcap

• Utilized the Wireshark filters we identify the ICMP Redirect messages:
  • ICMP Redirect: icmp.type == 5
• Look for variations in the victim’s traffic flow.

10. Implement Detection and Mitigation (Optional)

• Detection:
  • Track for suspicious ICMP Redirect messages.
  • Validate which the source of the ICMP Redirect is the legitimate router.
• Mitigation:
  • Avoid the ICMP Redirect messages.
  • Utilized the secure protocols such as IPSec to encrypt ICMP messages.
• Example: Dropping ICMP Redirect Packets

void MonitorTraffic(Ptr<const Packet> packet) {

Ipv4Header ipv4Header;

packet->PeekHeader(ipv4Header);

if (ipv4Header.GetProtocol() == Ipv4Header::PROTO_ICMP) {

NS_LOG_UNCOND(“ICMP packet detected: ” << ipv4Header);

}

}

11. Evaluate Metrics

• Measure the attack’s impact:
  • Routing Table Changes: Traffic gets redirected and checked the victims.
  • Latency: Calculate the delays caused through traffic rerouting.
  • Packet Delivery Ratio: Check the legitimate traffic is disrupted.

Key Points

1. The attacker node transmits the spoofed ICMP Redirect messages.
2. The victim node alters its routing table and redirecting traffic to a malicious router.
3. Analyse the attack in Wireshark we validate the ICMP Redirect messages and routing changes.
4. Execute the detection mechanisms such as validating the source of ICMP Redirect messages.

This setup ensures we replicate an ICMP Redirect Attack and discover its impact of the network. Let me know if you need further assistance with implementation!

We thorough the entire Manual and analysed the simulation process on how the start ICMP Redirect attack projects will be simulated and executed using the tool of NS3 framework over network. If you did like to know more details regarding this process, we will be offered it  make sure to send all your project details to phdprojects.org to experience best services.