How to Start ICMP Redirect Attack Projects Using OMNeT++

To start an ICMP Redirect Attack project in OMNeT++, we follow this detailed procedure:

Steps to Start ICMP Redirect Attack Projects in OMNeT++

  1. Understand ICMP Redirect Attacks
  • ICMP Redirect Attack: The attacker sends forged ICMP redirect packets to a target node to modify its routing table. Traffic can then be misrouted through malicious nodes, allowing man-in-the-middle (MITM) or blackhole attacks.
  • Objective:
    • Replicate an ICMP redirect attack.
    • Examine its influence on routing and traffic flow.
    • Optionally, explore defense approaches such as filtering or validation.
  2. Set Up OMNeT++ and INET Framework
  • Install OMNeT++: Download and install OMNeT++ on the system.
  • Install INET Framework: Install the INET Framework, which provides ICMP, IP, and routing protocol simulations.
  • Familiarize Yourself:
    • Practice setting up simple OMNeT++ network topologies and components.
    • Understand the routing module and the ICMP implementation within the INET framework.
  3. Define the Project Scope
  • Scenario:
    • An attacker transmits counterfeit ICMP redirect messages to a target node.
    • The victim node modifies its routing table and sends its traffic to a malicious node.
  • Topology:
    • Define a network topology with at least three nodes: Attacker, Victim, and Gateway.
  • Metrics:
    • Traffic flow before and after the attack.
    • Influence on victim routing and network performance.
  4. Design the Network Topology

Create a basic network topology using a .ned file:

// Package paths as in INET 4.x; adjust to the installed version.
import inet.node.inet.Router;
import inet.node.inet.StandardHost;
import inet.node.ethernet.EthernetLink;

network IcmpRedirectAttackNetwork {
    submodules:
        victim: StandardHost;
        attacker: StandardHost;
        gateway: Router;
        destination: StandardHost;
    connections:
        victim.ethg++ <--> EthernetLink <--> gateway.ethg++;
        attacker.ethg++ <--> EthernetLink <--> gateway.ethg++;
        gateway.ethg++ <--> EthernetLink <--> destination.ethg++;
}

  5. Simulate ICMP Redirect Attack

Step 5.1: Modify ICMP Behavior

  • Extend the ICMP module of the INET Framework to generate counterfeit ICMP Redirect messages.
  • Example Code:

#include <cstring>
#include <omnetpp.h>
#include "inet/common/packet/Packet.h"
#include "inet/networklayer/contract/ipv4/Ipv4Address.h"
#include "inet/networklayer/icmp/IcmpHeader_m.h"
#include "inet/applications/udpapp/UdpBasicApp.h"

using namespace omnetpp;
using namespace inet;

class IcmpRedirectAttack : public cSimpleModule {
  protected:
    virtual void initialize() override;
    virtual void handleMessage(cMessage *msg) override;
    void sendIcmpRedirect();
};

Define_Module(IcmpRedirectAttack);

void IcmpRedirectAttack::initialize() {
    // Schedule the first attack
    scheduleAt(simTime() + 1, new cMessage("sendRedirect"));
}

void IcmpRedirectAttack::handleMessage(cMessage *msg) {
    if (strcmp(msg->getName(), "sendRedirect") == 0) {
        sendIcmpRedirect();
        scheduleAt(simTime() + 5, msg);  // Repeat the attack every 5 seconds
    }
    else {
        delete msg;  // Discard anything that is not the self-timer
    }
}

void IcmpRedirectAttack::sendIcmpRedirect() {
    EV << "Sending forged ICMP Redirect message\n";
    auto icmpHeader = makeShared<IcmpHeader>();
    icmpHeader->setType(ICMP_REDIRECT);  // ICMP Redirect Type
    icmpHeader->setCode(0);             // Code: Redirect Datagram for the Network
    icmpHeader->setCrc(0);              // Let INET calculate CRC
    // Fake target IP (e.g., a malicious router).
    // setTargetAddress() is used as written on the page; check that the
    // IcmpHeader generated by your INET version defines it.
    icmpHeader->setTargetAddress(Ipv4Address("192.168.1.100"));
    // Send ICMP Redirect; the gate name must match the module's NED definition
    send(new Packet("FakeIcmpRedirect", icmpHeader), "out");
}

Step 5.2: Integrate with the Topology

  • Use the .ned file to attach the attack component to the attacker node (INET 4.x hosts name their application vector app[]):

attacker.app[0].typename = "IcmpRedirectAttack";

Step 5.3: Adjust Routing

  • Set the routing tables for the victim and gateway using the .ini file. For instance:

**.gateway.routingTable.routingFile = "routingTable.xml"

  • Make sure normal routing is in place before the attack; the redirect will alter it.
  6. Configure Simulation
  • Specify the simulation parameters using the .ini configuration file:

[Config IcmpRedirectAttack]
network = IcmpRedirectAttackNetwork
# Submodule paths are as given on the page; confirm them against the installed INET version.
**.victim.networkLayer.arp.typename = "Arp"
**.attacker.networkLayer.icmp.typename = "Icmp"
# INET 4.x hosts size the app[] vector with numApps.
**.victim.numApps = 1
**.victim.app[0].typename = "UdpBasicApp"
**.victim.app[0].destAddresses = "destination"
**.victim.app[0].startTime = 0s

  7. Simulate and Analyze
  • Run the simulation in OMNeT++.
  • Monitor:
    • Traffic flow disruptions.
    • Changes in the victim’s routing table.
    • Packet routing before and after the attack.
  • Use OMNeT++ logging tools or external packet analysers such as Wireshark for analysis.
  8. Implement Defense Mechanisms (Optional)
  • Integrate components that validate ICMP Redirect messages:
    • Verify the source IP against trusted routers.
    • Restrict the acceptance of ICMP Redirect messages.
  • Implement logging for unusual ICMP traffic.
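
The checks listed above, written out as an added example (not code from the original page or from INET): a standalone C++ validator that a host-side ICMP handler could call before touching its routing table. The names HostPolicy, Redirect and validateRedirect, the 192.168.1.0/24 addressing, and the extra requirement that the new gateway is itself a trusted router are assumptions made for illustration.

```cpp
#include <cstdint>
#include <set>
#include <string>
#include <vector>

enum class Verdict { Accept, Disabled, UntrustedSource, NotCurrentGateway,
                     OffLinkGateway, UnknownGateway };

// Pack dotted-quad octets into a host-order 32-bit address.
constexpr uint32_t ip(uint32_t a, uint32_t b, uint32_t c, uint32_t d) {
    return (a << 24) | (b << 16) | (c << 8) | d;
}

struct HostPolicy {                     // hypothetical per-host settings
    bool acceptRedirects;               // false = drop every redirect
    std::set<uint32_t> trustedRouters;  // routers this host is configured to use
    uint32_t localAddr, netmask;        // address and mask of the receiving interface
};

struct Redirect {
    uint32_t src;         // IP source of the ICMP message
    uint32_t newGateway;  // gateway address carried in the redirect
    uint32_t dest;        // destination of the datagram that triggered it
};

// currentGateway is the next hop the host uses for r.dest right now.
// Every rejected message is appended to log so unusual ICMP traffic stays visible.
Verdict validateRedirect(const HostPolicy& p, uint32_t currentGateway,
                         const Redirect& r, std::vector<std::string>& log) {
    Verdict v = Verdict::Accept;
    if (!p.acceptRedirects) v = Verdict::Disabled;
    else if (!p.trustedRouters.count(r.src)) v = Verdict::UntrustedSource;
    else if (r.src != currentGateway) v = Verdict::NotCurrentGateway;
    else if ((r.newGateway & p.netmask) != (p.localAddr & p.netmask))
        v = Verdict::OffLinkGateway;    // new gateway must be directly reachable
    else if (!p.trustedRouters.count(r.newGateway)) v = Verdict::UnknownGateway;
    if (v != Verdict::Accept)
        log.push_back("rejected ICMP redirect: src=" + std::to_string(r.src) +
                      " gw=" + std::to_string(r.newGateway) +
                      " dest=" + std::to_string(r.dest) +
                      " reason=" + std::to_string(static_cast<int>(v)));
    return v;
}
```

Because the IP source of a redirect can be forged on the local link, the source check alone is not sufficient. The new-gateway allow-list and the global switch are what reject a forged message that claims to come from the real gateway.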
  9. Analyze Results
  • Measure:
    • Network performance effect.
    • Success rate of the attack in rerouting traffic.
    • Effectiveness of the countermeasures implemented.
  • Performance parameters to examine:
    • Latency increase.
    • Packet loss or redirection rate.
  10. Future Extensions
  • Simulate larger networks to study scalability.
  • Experiment with several attackers or more sophisticated attacks such as distributed redirect attacks.
  • Implement more advanced detection methods that use machine learning models or statistical mechanisms.

Example Output

  • Routing Table Changes: Show how the routing table of the target node is changed by the fake ICMP redirect packets.
  • Traffic Flow Analysis: Examine the traffic that is transmitted via the malicious node.

This procedure covers simulating an ICMP Redirect Attack in the OMNeT++ environment. Comprehensive details on configuring routing, coding, and analyzing results will follow in the next manual.