How to Start Quench Attack Projects Using NS2

To start Quench Attack using NS2 which is a Denial of Service (DoS) mechanism that make use of “Source Quench” ICMP messages. These messages were generally utilised for indicating congestion or demanding a sender to delay the packet transmission rate. While largely denounced, then we can replicate a Quench Attack in NS2 (Network Simulator 2) encompasses to make counterfeit ICMP Source Quench messages for interrupting network performance.

Following is a systematic method to get started with a Quench Attack project in NS2:

Steps to Start Quench Attack Projects in NS2

  1. Understand the Quench Attack
  • Quench Attack:
    • The attacker transmits the spoofed ICMP Source Quench messages to a sender, deceiving it to unnecessarily minimizing their transmission rate.
    • Outcomes in minimized throughput, higher latency, or still a complete interaction are failure.
  • Objective in Simulation:
    • Define the purpose of replicating the effect of a Quench Attack on network performance parameters such as throughput, latency, and packet loss.
  1. Set Up NS2
  1. Install NS2:
    • Make sure that we have installed NS2 and working properly.
    • Confirm the installation including a simple TCL script:

ns example.tcl

  1. Familiarize with NS2 Components:
    • We can gain more know about ICMP message managing within NS2 as icmp.h, icmp.cc.
    • Focus on how to transmit and capture ICMP packets within the simulation.
  1. Design the Quench Attack
  • Components:
    • Sender Node: Transmits legitimate traffic.
    • Receiver Node: It obtains traffic from the sender.
    • Attacker Node: These nodes support spoofs ICMP Source Quench messages to the sender.
  • Metrics to Measure:
    • Estimate the throughput that is minimized at the sender.
    • Compute latency and packet delivery ratio.
  1. Implement the Quench Logic

The attack encompasses to alter or make ICMP message handling logic.

Step 4.1: Create a Custom ICMP Application

Fine-tune ICMP protocol for mimicking the attack.

Example Code for Quench Messages

  • Change or make a new ICMP-based application as icmp_quench.cc:

#include “icmp.h”

#include “ip.h”

class ICMPQuench : public ICMP {

public:

void sendQuench(Packet *p, int target) {

Packet *quench = Packet::alloc();

hdr_ip *iph = hdr_ip::access(quench);

hdr_cmn *cmnh = hdr_cmn::access(quench);

// Set ICMP type to Source Quench

iph->daddr() = target;

iph->saddr() = index;  // Attacker’s address

iph->proto() = IP_PROTO_ICMP;

cmnh->ptype() = PT_ICMP;

cmnh->size() = 64;  // Set ICMP packet size

cmnh->error() = 0;

// Send the ICMP packet

Scheduler::instance().schedule(target_, quench, 0.0);

printf(“Quench packet sent to node %d\n”, target);

}

};

Step 4.2: Integrate Quench Logic

  • Integrate a function to make periodic Quench messages in the attacker node:

void startQuenchAttack(int target) {

for (int i = 0; i < 10; i++) {

sendQuench(target);

}

}

Step 4.3: Update the NS2 Build System

  1. Incorporate the custom ICMP application file as icmp_quench.cc to the Makefile:

cd ns-2.35

gedit Makefile

  1. Combine icmp_quench.o to the OBJ_CC list.
  2. Recompile NS2:

make clean

make

  1. Write the TCL Simulation Script

We need to make a TCL script for replicating the Quench Attack scenario.

Step 5.1: Define Network Topology

  • Configure a basic network that contains sender, receiver, and attacker nodes:

set ns [new Simulator]

set tracefile [open trace.tr w]

$ns trace-all $tracefile

# Create nodes

set sender [$ns node]

set receiver [$ns node]

set attacker [$ns node]

Step 5.2: Configure Traffic

  • Set legitimate traffic among the sender and receiver:

set udp [new Agent/UDP]

$ns attach-agent $sender $udp

set null [new Agent/Null]

$ns attach-agent $receiver $null

$ns connect $udp $null

set cbr [new Application/Traffic/CBR]

$cbr attach-agent $udp

$cbr set packetSize_ 512

$cbr set rate_ 10Mb

$ns at 1.0 “$cbr start”

Step 5.3: Activate the Quench Attack

  • Set up the attacker node for transmitting the ICMP Source Quench messages:

$ns at 5.0 “$attacker startQuenchAttack $sender”

Step 5.4: Run the Simulation

  • We will want to store the simulation script as quench_attack.tcl and then run the simulation in NS2:

ns quench_attack.tcl

  1. Analyze Results
  • Trace File Analysis:
    • Investigate the trace.tr file for:
      • ICMP Source Quench messages.
      • Throughput reduction and packet delays.
  • Performance Metrics:
    • Throughput: Estimate the sender’s output before and after the attack.
    • Latency: Examine delays that are launched by the attack.
    • Packet Delivery Ratio: Assess the rate of packets which are effectively inherited.
  1. Mitigation Techniques

Experiment the countermeasures mechanisms like:

  1. Disabling ICMP Source Quench:
    • Modern systems are frequently disregarding the Source Quench messages by reason of its vulnerability.
  2. Firewall Rules:
    • We can obstruct suspicious ICMP traffic at network access points.
  3. Rate Limiting:
    • Restrict the percentage of ICMP messages for avoiding spamming.
  1. Document the Project

The project should contain:

  • Objective: Explain the effect of a Quench Attack.
  • Simulation Setup: Define the topology and sets up.
  • Results: It offers performance parameters, graphs, and insights.
  • Countermeasures: Assess its efficiency.
  1. Additional Resources
  • NS2 Documentation: We can refer the NS2 documentation for executing ICMP.
  • Research Papers: Discover findings on ICMP-based attacks and mitigation.
  • Books:
    • We can also offer required book Introduction to Network Simulator NS2 by Teerawat Issariyakul.

We effectively developed simulation steps for simulating, evaluating and analysing the Quench Attack Projects in NS2 environment. We’re ready to offer further extension on this subject upon request.