Implementing a masquerade attack in NS3 requires simulating a malicious node that imitates another node's identity, for example by spoofing an IP or MAC address, to gain unauthorized access or disrupt the network. We model it by transmitting packets that carry a forged source address or by altering existing traffic in NS3.
Below is a stepwise procedure to get started with implementing a masquerade attack in NS3:
Steps to Begin Implement Masquerade Attack in NS3
- Understand the Masquerade Attack
A masquerade attack normally contains:
- IP Address Spoofing: To transmit the packets including a forged source IP address for imitating another device.
- MAC Address Spoofing: Using a counterfeit MAC address to bypass access control or redirect traffic.
- Hijacking Sessions: Interrupting an ongoing session or inserting packets into it.
- Set Up NS3
- Install NS3:
- Download and install NS3 on the system.
- Confirm the installation:
./waf --run hello-simulator
- Install Wireshark:
- Examine .pcap files which are created by NS3 using Wireshark.
- Design Network Topology
Make a network topology including:
- Legitimate nodes: Sender and receiver nodes that interact normally.
- Attacker node: To replicate the masquerade attack.
Example:
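// Three simulated nodes: index 0 = sender, 1 = receiver, 2 = attacker.
NodeContainer nodes;
nodes.Create(3);

// Both links share the same point-to-point characteristics.
// (String literals use plain ASCII quotes; typographic quotes do not compile.)
PointToPointHelper p2p;
p2p.SetDeviceAttribute("DataRate", StringValue("10Mbps"));
p2p.SetChannelAttribute("Delay", StringValue("2ms"));

// Resulting device order in the container:
//   0 = sender, 1 = receiver (sender link), 2 = attacker, 3 = receiver (attacker link).
NetDeviceContainer devices = p2p.Install(nodes.Get(0), nodes.Get(1)); // Sender to Receiver
devices.Add(p2p.Install(nodes.Get(2), nodes.Get(1)));                 // Attacker to Receiver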
- Simulate Legitimate Traffic
Replicate typical legitimate traffic among the sender and receiver:
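// Baseline (legitimate) traffic: a UDP echo server on the receiver, port 9.
UdpEchoServerHelper echoServer(9);
ApplicationContainer serverApps = echoServer.Install(nodes.Get(1)); // Receiver
serverApps.Start(Seconds(1.0));
serverApps.Stop(Seconds(10.0));

// Echo client on the sender. The literal address assumes the receiver was
// assigned 10.1.1.2; keep it in sync with the address assignment in the script.
UdpEchoClientHelper echoClient(Ipv4Address("10.1.1.2"), 9); // Receiver's IP
echoClient.SetAttribute("MaxPackets", UintegerValue(5));
echoClient.SetAttribute("Interval", TimeValue(Seconds(1.0)));
echoClient.SetAttribute("PacketSize", UintegerValue(1024));

ApplicationContainer clientApps = echoClient.Install(nodes.Get(0)); // Sender
clientApps.Start(Seconds(2.0));
clientApps.Stop(Seconds(10.0));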
- Implement the Masquerade Attack
- IP Spoofing
Transmit the packets including a forged source IP address for mimicking the sender.
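/**
 * Simulation-only ns-3 application that periodically sends a packet carrying a
 * hand-built IPv4 header whose source field is another node's address.
 *
 * The first packet is sent 3 s after the application starts, then one per
 * second until the application is stopped.
 *
 * NOTE(review): as far as I can tell, ns-3's raw IPv4 socket adds its own IP
 * header unless header-include mode is enabled on the socket, and the header
 * built here sets only source and destination. Confirm in the pcap which
 * source address is actually on the wire before drawing conclusions from the
 * capture.
 */
class MasqueradeAttack : public Application {
public:
    /**
     * Stores the socket and addresses used by SendSpoofedPacket().
     * @param socket      socket created on the attacker node
     * @param targetAddr  destination passed to Socket::SendTo
     * @param spoofedAddr address written into the source field of the header
     */
    void Setup(Ptr<Socket> socket, Address targetAddr, Ipv4Address spoofedAddr) {
        m_socket = socket;
        m_targetAddr = targetAddr;
        m_spoofedAddr = spoofedAddr;
    }

    /** Schedules the first send; the event id is kept so it can be cancelled. */
    void StartApplication() override {
        m_sendEvent = Simulator::Schedule(Seconds(3.0), &MasqueradeAttack::SendSpoofedPacket, this);
    }

    /**
     * Cancels the pending send. Without this the application keeps
     * rescheduling itself past its stop time and Simulator::Run() never
     * runs out of events.
     */
    void StopApplication() override {
        Simulator::Cancel(m_sendEvent);
    }

    /** Builds one packet, sends it, and schedules the next send one second later. */
    void SendSpoofedPacket() {
        // Length is derived from the literal (minus the NUL) so the whole
        // marker string is sent; the previous hard-coded 12 dropped the last byte.
        static const uint8_t kPayload[] = "SpoofedPacket";
        Ptr<Packet> packet = Create<Packet>(kPayload, sizeof(kPayload) - 1); // Payload

        Ipv4Header spoofedHeader;
        spoofedHeader.SetSource(m_spoofedAddr);                    // Source field under test
        spoofedHeader.SetDestination(Ipv4Address("10.1.1.2"));     // Receiver's IP (hard-coded)
        packet->AddHeader(spoofedHeader);

        m_socket->SendTo(packet, 0, m_targetAddr);

        m_sendEvent = Simulator::Schedule(Seconds(1.0), &MasqueradeAttack::SendSpoofedPacket, this);
    }

private:
    Ptr<Socket> m_socket;      // socket on the attacker node
    Address m_targetAddr;      // SendTo destination
    Ipv4Address m_spoofedAddr; // address placed in the header's source field
    EventId m_sendEvent;       // pending send, cancelled in StopApplication()
};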
Connect the application into the attacker node:
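// Raw IPv4 socket on the attacker node (index 2).
Ptr<Socket> attackerSocket = Socket::CreateSocket(nodes.Get(2), Ipv4RawSocketFactory::GetTypeId());

// Target is the receiver (10.1.1.2, port 9); the claimed source is the sender (10.1.1.1).
// Both literals assume the address plan used elsewhere in the script.
Ptr<MasqueradeAttack> attackApp = CreateObject<MasqueradeAttack>();
attackApp->Setup(attackerSocket,
                 InetSocketAddress(Ipv4Address("10.1.1.2"), 9),
                 Ipv4Address("10.1.1.1")); // Impersonate sender

nodes.Get(2)->AddApplication(attackApp);
attackApp->SetStartTime(Seconds(3.0));
attackApp->SetStopTime(Seconds(10.0));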
- MAC Spoofing
Change the attacker's MAC address to mimic another device.
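// devices.Get(2) is the attacker's NetDevice given the install order
// (sender, receiver, attacker, receiver).
Ptr<NetDevice> attackerDevice = devices.Get(2); // Attacker's NetDevice

// Mac48Address::Allocate() returns a Mac48Address by value, not a Ptr<>.
// It hands out a freshly allocated address, so in the capture this shows up
// as a new, previously unseen source MAC on the attacker-facing link.
Mac48Address spoofedMac = Mac48Address::Allocate();
attackerDevice->SetAddress(spoofedMac); // Replace the device's MAC address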
It can be integrated with packet injection for accomplishing the masquerade attack.
- Enable Packet Capture
Capture the packets for detailed analysis:
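// Writes one pcap file per point-to-point device, all prefixed "masquerade-attack".
p2p.EnablePcapAll("masquerade-attack");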
- Run the Simulation
- Build the script and run the simulation:
./waf --run masquerade-attack
- Examine .pcap files using Wireshark:
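- Analyze packets for spoofed source addresses. This filter also matches the sender's legitimate traffic, so compare which link's capture file each packet appears in: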
ip.src == 10.1.1.1 && ip.dst == 10.1.1.2
-
- For MAC spoofing:
eth.src == <spoofed_mac>
- Example Code Skeleton
Below is a sample NS3 script for a masquerade attack using IP spoofing:
#include "ns3/core-module.h"
#include "ns3/network-module.h"
#include "ns3/internet-module.h"
#include "ns3/point-to-point-module.h"
#include "ns3/applications-module.h"
using namespace ns3;
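/**
 * Simulation-only ns-3 application that periodically sends a packet carrying a
 * hand-built IPv4 header whose source field is another node's address.
 *
 * The first packet is sent 3 s after the application starts, then one per
 * second until the application is stopped.
 *
 * NOTE(review): as far as I can tell, ns-3's raw IPv4 socket adds its own IP
 * header unless header-include mode is enabled on the socket, and the header
 * built here sets only source and destination. Confirm in the pcap which
 * source address is actually on the wire before drawing conclusions from the
 * capture.
 */
class MasqueradeAttack : public Application {
public:
    /**
     * Stores the socket and addresses used by SendSpoofedPacket().
     * @param socket      socket created on the attacker node
     * @param targetAddr  destination passed to Socket::SendTo
     * @param spoofedAddr address written into the source field of the header
     */
    void Setup(Ptr<Socket> socket, Address targetAddr, Ipv4Address spoofedAddr) {
        m_socket = socket;
        m_targetAddr = targetAddr;
        m_spoofedAddr = spoofedAddr;
    }

    /** Schedules the first send; the event id is kept so it can be cancelled. */
    void StartApplication() override {
        m_sendEvent = Simulator::Schedule(Seconds(3.0), &MasqueradeAttack::SendSpoofedPacket, this);
    }

    /**
     * Cancels the pending send. Without this the application keeps
     * rescheduling itself past its stop time and Simulator::Run() never
     * runs out of events.
     */
    void StopApplication() override {
        Simulator::Cancel(m_sendEvent);
    }

    /** Builds one packet, sends it, and schedules the next send one second later. */
    void SendSpoofedPacket() {
        // Length is derived from the literal (minus the NUL) so the whole
        // marker string is sent; the previous hard-coded 12 dropped the last byte.
        static const uint8_t kPayload[] = "SpoofedPacket";
        Ptr<Packet> packet = Create<Packet>(kPayload, sizeof(kPayload) - 1);

        Ipv4Header spoofedHeader;
        spoofedHeader.SetSource(m_spoofedAddr);                // Source field under test
        spoofedHeader.SetDestination(Ipv4Address("10.1.1.2")); // Receiver's IP (hard-coded)
        packet->AddHeader(spoofedHeader);

        m_socket->SendTo(packet, 0, m_targetAddr);

        m_sendEvent = Simulator::Schedule(Seconds(1.0), &MasqueradeAttack::SendSpoofedPacket, this);
    }

private:
    Ptr<Socket> m_socket;      // socket on the attacker node
    Address m_targetAddr;      // SendTo destination
    Ipv4Address m_spoofedAddr; // address placed in the header's source field
    EventId m_sendEvent;       // pending send, cancelled in StopApplication()
};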
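/**
 * Builds a three-node point-to-point topology (sender, receiver, attacker),
 * runs UDP echo traffic between sender and receiver, attaches the
 * MasqueradeAttack application to the attacker node, and records pcap traces
 * for every device.
 */
int main(int argc, char *argv[]) {
    NodeContainer nodes;
    nodes.Create(3); // Sender, Receiver, Attacker

    PointToPointHelper p2p;
    p2p.SetDeviceAttribute("DataRate", StringValue("10Mbps"));
    p2p.SetChannelAttribute("Delay", StringValue("2ms"));

    // Device order: 0 = sender, 1 = receiver, 2 = attacker, 3 = receiver (second link).
    NetDeviceContainer devices = p2p.Install(nodes.Get(0), nodes.Get(1)); // Sender to Receiver
    devices.Add(p2p.Install(nodes.Get(2), nodes.Get(1)));                 // Attacker to Receiver

    InternetStackHelper stack;
    stack.Install(nodes);

    // NOTE(review): both point-to-point links draw addresses from the same /24.
    // ns-3 examples usually give each link its own subnet; verify that routing
    // on the receiver behaves as intended with two interfaces in one subnet.
    Ipv4AddressHelper address;
    address.SetBase("10.1.1.0", "255.255.255.0");
    Ipv4InterfaceContainer interfaces = address.Assign(devices);

    // Legitimate traffic: echo server on the receiver, echo client on the sender.
    UdpEchoServerHelper echoServer(9);
    ApplicationContainer serverApps = echoServer.Install(nodes.Get(1));
    serverApps.Start(Seconds(1.0));
    serverApps.Stop(Seconds(10.0));

    UdpEchoClientHelper echoClient(interfaces.GetAddress(1), 9); // receiver's address
    echoClient.SetAttribute("MaxPackets", UintegerValue(5));
    echoClient.SetAttribute("Interval", TimeValue(Seconds(1.0)));
    echoClient.SetAttribute("PacketSize", UintegerValue(1024));
    ApplicationContainer clientApps = echoClient.Install(nodes.Get(0));
    clientApps.Start(Seconds(2.0));
    clientApps.Stop(Seconds(10.0));

    // Masquerade attack: target is the receiver, claimed source is the sender
    // (interfaces.GetAddress(0)).
    Ptr<Socket> attackerSocket = Socket::CreateSocket(nodes.Get(2), Ipv4RawSocketFactory::GetTypeId());
    Ptr<MasqueradeAttack> attackApp = CreateObject<MasqueradeAttack>();
    attackApp->Setup(attackerSocket, InetSocketAddress(interfaces.GetAddress(1), 9), interfaces.GetAddress(0));
    nodes.Get(2)->AddApplication(attackApp);
    attackApp->SetStartTime(Seconds(3.0));
    attackApp->SetStopTime(Seconds(10.0));

    p2p.EnablePcapAll("masquerade-attack");

    // Bound the run explicitly: the attack application reschedules itself every
    // second, so without a stop time the event queue may never drain.
    Simulator::Stop(Seconds(10.0));
    Simulator::Run();
    Simulator::Destroy();
    return 0;
}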
- Next Steps
- Extend the Attack:
- Combine IP address spoofing and MAC spoofing.
- Replicate the session hijacking including detailed packet analysis and manipulation.
- Analyze Impact:
- Estimate the influence over legitimate traffic.
- Implement Countermeasures:
- Deploy firewalls or Intrusion Detection Systems (IDS) to identify and block masquerade attacks. In this topology, for example, a detector on the receiver can flag packets that claim the sender's source IP but arrive on the attacker-facing link.
This walkthrough covers the steps, with sample snippets, for implementing the masquerade attack and running the simulation; more detail can be provided on request.
