To implement active attacks within NS3 which needs to replicate the malicious actions, which directly get involved with network interaction. These attacks change, insert, or interrupt the traffic to concede the integrity, availability, or confidentiality of the network. DoS (Denial of Service), Man-in-the-Middle (MITM), Routing Table Poisoning, and Packet Injection are samples.
Below is a step-by-step technique to get started with executing active attacks in NS3:
Steps to Begin Implement Active Attacks in NS3
- Understand Active Attacks
Active attacks include:
- Traffic Manipulation: To change the packets’ content.
- Traffic Injection: Transmitting the forged packets.
- Traffic Disruption: Falling, delaying, or redirecting packets.
- Resource Exhaustion: Overworking network modules.
Here are general instances:
- Denial of Service (DoS): Overworking a target with unnecessary traffic.
- MITM: It supports for interrupting and fine-tuning the traffic.
- Routing Attacks: Broadcasting the counterfeit routes within a network.
- Set Up NS3
- Install NS3:
- We can download and install NS3 on the system.
- Confirm the set up using:
./waf –run hello-simulator
- Install Wireshark (optional):
- Examine the .pcap files that are made by NS3 using the tools like Wireshark.
- Create a Network Topology
Make a network topology including legitimate and malicious nodes:
NodeContainer nodes;
nodes.Create(4); // Sender, Receiver, Router, Attacker
PointToPointHelper p2p;
p2p.SetDeviceAttribute(“DataRate”, StringValue(“10Mbps”));
p2p.SetChannelAttribute(“Delay”, StringValue(“2ms”));
NetDeviceContainer devices;
devices.Add(p2p.Install(nodes.Get(0), nodes.Get(2))); // Sender to Router
devices.Add(p2p.Install(nodes.Get(1), nodes.Get(2))); // Receiver to Router
devices.Add(p2p.Install(nodes.Get(3), nodes.Get(2))); // Attacker to Router
- Simulate Legitimate Traffic
Replicate typical traffic among sender and receiver:
UdpEchoServerHelper echoServer(9);
ApplicationContainer serverApps = echoServer.Install(nodes.Get(1)); // Receiver
serverApps.Start(Seconds(1.0));
serverApps.Stop(Seconds(10.0));
UdpEchoClientHelper echoClient(Ipv4Address(“10.1.1.2”), 9); // Receiver’s IP
echoClient.SetAttribute(“MaxPackets”, UintegerValue(5));
echoClient.SetAttribute(“Interval”, TimeValue(Seconds(1.0)));
echoClient.SetAttribute(“PacketSize”, UintegerValue(1024));
ApplicationContainer clientApps = echoClient.Install(nodes.Get(0)); // Sender
clientApps.Start(Seconds(2.0));
clientApps.Stop(Seconds(10.0));
- Implement Active Attacks
- Traffic Injection
Add packets into the network for interrupting or mimicking legitimate interaction.
class TrafficInjectionApp : public Application {
public:
void Setup(Ptr<Socket> socket, Address targetAddr) {
m_socket = socket;
m_targetAddr = targetAddr;
}
void StartApplication() override {
Simulator::Schedule(Seconds(3.0), &TrafficInjectionApp::InjectTraffic, this);
}
void InjectTraffic() {
Ptr<Packet> packet = Create<Packet>((uint8_t*)”InjectedData”, 12); // Custom payload
m_socket->SendTo(packet, 0, m_targetAddr);
Simulator::Schedule(MilliSeconds(100), &TrafficInjectionApp::InjectTraffic, this); // Repeat injection
}
private:
Ptr<Socket> m_socket;
Address m_targetAddr;
};
Connect the application into the attacker node:
Ptr<Socket> attackerSocket = Socket::CreateSocket(nodes.Get(3), UdpSocketFactory::GetTypeId());
Ptr<TrafficInjectionApp> injectionApp = CreateObject<TrafficInjectionApp>();
injectionApp->Setup(attackerSocket, InetSocketAddress(Ipv4Address(“10.1.1.2”), 9)); // Receiver’s IP and port
nodes.Get(3)->AddApplication(injectionApp);
injectionApp->SetStartTime(Seconds(3.0));
injectionApp->SetStopTime(Seconds(10.0));
- Packet Modification (MITM)
Interrupt and fine-tune the packets using MITM.
class MITMApp : public Application {
public:
void StartApplication() override {
m_device->SetPromiscReceiveCallback(MakeCallback(&MITMApp::InterceptPacket, this));
}
void Setup(Ptr<NetDevice> device) {
m_device = device;
}
bool InterceptPacket(Ptr<NetDevice> device, Ptr<const Packet> packet, uint16_t protocol, const Address &srcAddr) {
NS_LOG_UNCOND(“Intercepted packet of size: ” << packet->GetSize());
// Modify packet or forward it
Ptr<Packet> modifiedPacket = Create<Packet>((uint8_t*)”ModifiedData”, 12); // Custom payload
m_socket->SendTo(modifiedPacket, 0, InetSocketAddress(Ipv4Address(“10.1.1.2”), 9));
return true; // Drop the original packet
}
private:
Ptr<NetDevice> m_device;
Ptr<Socket> m_socket;
};
Link application to the attacker:
Ptr<MITMApp> mitmApp = CreateObject<MITMApp>();
mitmApp->Setup(devices.Get(3)); // Attacker’s device
nodes.Get(3)->AddApplication(mitmApp);
mitmApp->SetStartTime(Seconds(1.0));
mitmApp->SetStopTime(Seconds(10.0));
- Denial of Service (DoS)
Overflow the target including unnecessary traffic.
void FloodTraffic(Ptr<Socket> socket, Address targetAddr) {
Ptr<Packet> packet = Create<Packet>(1024); // 1 KB packet
socket->SendTo(packet, 0, targetAddr);
Simulator::Schedule(MilliSeconds(10), &FloodTraffic, socket, targetAddr); // Repeat every 10 ms
}
Ptr<Socket> dosSocket = Socket::CreateSocket(nodes.Get(3), UdpSocketFactory::GetTypeId());
Simulator::Schedule(Seconds(3.0), &FloodTraffic, dosSocket, InetSocketAddress(Ipv4Address(“10.1.1.2”), 9)); // Target
- Enable Packet Capture
Make .pcap files to capture packets for detailed analysis:
p2p.EnablePcapAll(“active-attack-simulation”);
- Run the Simulation
- Construct the script then execute the simulation:
./waf –run active-attack-simulation
- Examine traffic using Wireshark:
- Analyze traffic with the support of filters such as:
- UDP:
- Analyze traffic with the support of filters such as:
udp
-
-
- Packets from the attacker:
-
ip.src == <attacker-ip>
- Example Code Skeleton
Below is a comprehensive sample script to execute the traffic injection and DoS:
#include “ns3/core-module.h”
#include “ns3/network-module.h”
#include “ns3/internet-module.h”
#include “ns3/point-to-point-module.h”
#include “ns3/applications-module.h”
using namespace ns3;
class TrafficInjectionApp : public Application {
public:
void Setup(Ptr<Socket> socket, Address targetAddr) {
m_socket = socket;
m_targetAddr = targetAddr;
}
void StartApplication() override {
Simulator::Schedule(Seconds(3.0), &TrafficInjectionApp::InjectTraffic, this);
}
void InjectTraffic() {
Ptr<Packet> packet = Create<Packet>((uint8_t*)”InjectedData”, 12); // Custom payload
m_socket->SendTo(packet, 0, m_targetAddr);
Simulator::Schedule(MilliSeconds(100), &TrafficInjectionApp::InjectTraffic, this); // Repeat
}
private:
Ptr<Socket> m_socket;
Address m_targetAddr;
};
void FloodTraffic(Ptr<Socket> socket, Address targetAddr) {
Ptr<Packet> packet = Create<Packet>(1024); // 1 KB packet
socket->SendTo(packet, 0, targetAddr);
Simulator::Schedule(MilliSeconds(10), &FloodTraffic, socket, targetAddr);
}
int main(int argc, char *argv[]) {
NodeContainer nodes;
nodes.Create(4); // Sender, Receiver, Router, Attacker
PointToPointHelper p2p;
p2p.SetDeviceAttribute(“DataRate”, StringValue(“10Mbps”));
p2p.SetChannelAttribute(“Delay”, StringValue(“2ms”));
NetDeviceContainer devices;
devices.Add(p2p.Install(nodes.Get(0), nodes.Get(2))); // Sender to Router
devices.Add(p2p.Install(nodes.Get(1), nodes.Get(2))); // Receiver to Router
devices.Add(p2p.Install(nodes.Get(3), nodes.Get(2))); // Attacker to Router
InternetStackHelper stack;
stack.Install(nodes);
Ipv4AddressHelper address;
address.SetBase(“10.1.1.0”, “255.255.255.0”);
Ipv4InterfaceContainer interfaces = address.Assign(devices);
// Legitimate traffic
UdpEchoServerHelper echoServer(9);
ApplicationContainer serverApps = echoServer.Install(nodes.Get(1)); // Receiver
serverApps.Start(Seconds(1.0));
serverApps.Stop(Seconds(10.0));
UdpEchoClientHelper echoClient(interfaces.GetAddress(1), 9);
echoClient.SetAttribute(“MaxPackets”, UintegerValue(5));
echoClient.SetAttribute(“Interval”, TimeValue(Seconds(1.0)));
echoClient.SetAttribute(“PacketSize”, UintegerValue(1024));
ApplicationContainer clientApps = echoClient.Install(nodes.Get(0)); // Sender
clientApps.Start(Seconds(2.0));
clientApps.Stop(Seconds(10.0));
// Traffic injection
Ptr<Socket> attackerSocket = Socket::CreateSocket(nodes.Get(3), UdpSocketFactory::GetTypeId());
Ptr<TrafficInjectionApp> injectionApp = CreateObject<TrafficInjectionApp>();
injectionApp->Setup(attackerSocket, InetSocketAddress(interfaces.GetAddress(1), 9));
nodes.Get(3)->AddApplication(injectionApp);
injectionApp->SetStartTime(Seconds(3.0));
injectionApp->SetStopTime(Seconds(10.0));
// DoS
Ptr<Socket> dosSocket = Socket::CreateSocket(nodes.Get(3), UdpSocketFactory::GetTypeId());
Simulator::Schedule(Seconds(3.0), &FloodTraffic, dosSocket, InetSocketAddress(interfaces.GetAddress(1), 9));
p2p.EnablePcapAll(“active-attack-simulation”);
Simulator::Run();
Simulator::Destroy();
return 0;
}
Using NS3 simulation tool, we developed essential execution steps for Active Attacks implementation and analysis, with the option to deepen its scope for further clarity if necessary.