To implement active attacks in ns3, we make scenarios where intruder nodes interrupt the interaction of appropriate nodes by inserting the malevolent packets inside the network.
Here we provide the sample of three types of attacks that is SYN Flood, ICMP Flood, and ARP Spoofing.
- SYN Flood Attack
By transferring the enormous amount of TCP SYN packets, A SYN Flood attack devastates a target server that shattering the resources. Here we provide the example to implement the SYN Flood Attack in ns3
Example:
#include “ns3/core-module.h”
#include “ns3/network-module.h”
#include “ns3/internet-module.h”
#include “ns3/point-to-point-module.h”
#include “ns3/applications-module.h”
#include “ns3/tcp-header.h”
using namespace ns3;
NS_LOG_COMPONENT_DEFINE (“SynFloodAttack”);
void SendSynFlood (Ptr<Node> attackerNode, Ipv4Address victimAddress, uint16_t port, uint32_t packetSize, uint32_t numPackets, Time interval)
{
Ptr<Socket> socket = Socket::CreateSocket (attackerNode, TypeId::LookupByName (“ns3::Ipv4RawSocketFactory”));
socket->SetAttribute (“Protocol”, UintegerValue (6)); // TCP protocol number
Ipv4Header ipv4Header;
ipv4Header.SetDestination (victimAddress);
ipv4Header.SetSource (attackerNode->GetObject<Ipv4> ()->GetAddress (1, 0).GetLocal ());
ipv4Header.SetProtocol (6); // TCP protocol number
TcpHeader tcpHeader;
tcpHeader.SetFlags (TcpHeader::SYN);
tcpHeader.SetSourcePort (port);
tcpHeader.SetDestinationPort (port);
tcpHeader.SetSequenceNumber (SequenceNumber32 (0));
for (uint32_t i = 0; i < numPackets; ++i)
{
Ptr<Packet> packet = Create<Packet> (packetSize);
packet->AddHeader (tcpHeader);
packet->AddHeader (ipv4Header);
socket->Send (packet);
Simulator::Schedule (interval, &SendSynFlood, attackerNode, victimAddress, port, packetSize, numPackets, interval);
}
}
int main (int argc, char *argv[])
{
uint32_t nAttackers = 3;
uint16_t port = 8080;
uint32_t packetSize = 100;
uint32_t numPackets = 1000;
Time interval = Seconds (0.01);
CommandLine cmd;
cmd.AddValue (“nAttackers”, “Number of attacker nodes”, nAttackers);
cmd.AddValue (“port”, “Target port for the attack”, port);
cmd.AddValue (“packetSize”, “Size of SYN packets”, packetSize);
cmd.AddValue (“numPackets”, “Number of SYN packets”, numPackets);
cmd.AddValue (“interval”, “Interval between SYN packets”, interval);
cmd.Parse (argc, argv);
NodeContainer nodes;
nodes.Create (nAttackers + 1);
NodeContainer attackers;
for (uint32_t i = 0; i < nAttackers; ++i)
{
attackers.Add (nodes.Get (i));
}
Ptr<Node> victim = nodes.Get (nAttackers);
PointToPointHelper pointToPoint;
pointToPoint.SetDeviceAttribute (“DataRate”, StringValue (“5Mbps”));
pointToPoint.SetChannelAttribute (“Delay”, StringValue (“2ms”));
NetDeviceContainer devices;
for (uint32_t i = 0; i < nodes.GetN () – 1; ++i)
{
devices.Add (pointToPoint.Install (nodes.Get (i), nodes.Get (i + 1)));
}
InternetStackHelper stack;
stack.Install (nodes);
Ipv4AddressHelper address;
address.SetBase (“10.1.1.0”, “255.255.255.0”);
Ipv4InterfaceContainer interfaces = address.Assign (devices);
// Install applications on victim node
UdpEchoServerHelper echoServer (port);
ApplicationContainer serverApps = echoServer.Install (victim);
serverApps.Start (Seconds (1.0));
serverApps.Stop (Seconds (10.0));
// Schedule SYN flood attack from each attacker node
for (uint32_t i = 0; i < attackers.GetN (); ++i)
{
Simulator::Schedule (Seconds (2.0), &SendSynFlood, attackers.Get (i), interfaces.GetAddress (nodes.GetN () – 1), port, packetSize, numPackets, interval);
}
// Enable packet capture
pointToPoint.EnablePcapAll (“syn_flood_attack”);
Simulator::Run ();
Simulator::Destroy ();
return 0;
}
2. ICMP Flood Attack
To overpowering the target by transferring the enormous amount of ICMP Echo Request packets (pings) in an ICMP Flood attack. Below we provide the sample to simulate the ICMP Flood Attack in ns3.
Example:
#include “ns3/core-module.h”
#include “ns3/network-module.h”
#include “ns3/internet-module.h”
#include “ns3/point-to-point-module.h”
#include “ns3/applications-module.h”
#include “ns3/icmpv4-header.h”
using namespace ns3;
NS_LOG_COMPONENT_DEFINE (“IcmpFloodAttack”);
void SendIcmpFlood (Ptr<Node> attackerNode, Ipv4Address victimAddress, uint32_t packetSize, uint32_t numPackets, Time interval)
{
Ptr<Socket> socket = Socket::CreateSocket (attackerNode, TypeId::LookupByName (“ns3::Ipv4RawSocketFactory”));
socket->SetAttribute (“Protocol”, UintegerValue (1)); // ICMP protocol number
Ipv4Header ipv4Header;
ipv4Header.SetDestination (victimAddress);
ipv4Header.SetSource (attackerNode->GetObject<Ipv4> ()->GetAddress (1, 0).GetLocal ());
ipv4Header.SetProtocol (1); // ICMP protocol number
Icmpv4Echo echo;
echo.SetSequenceNumber (1);
echo.SetIdentifier (1);
for (uint32_t i = 0; i < numPackets; ++i)
{
Ptr<Packet> packet = Create<Packet> (packetSize);
packet->AddHeader (echo);
packet->AddHeader (ipv4Header);
socket->Send (packet);
Simulator::Schedule (interval, &SendIcmpFlood, attackerNode, victimAddress, packetSize, numPackets, interval);
}
}
int main (int argc, char *argv[])
{
uint32_t nAttackers = 3;
uint32_t packetSize = 100;
uint32_t numPackets = 1000;
Time interval = Seconds (0.01);
CommandLine cmd;
cmd.AddValue (“nAttackers”, “Number of attacker nodes”, nAttackers);
cmd.AddValue (“packetSize”, “Size of ICMP packets”, packetSize);
cmd.AddValue (“numPackets”, “Number of ICMP packets”, numPackets);
cmd.AddValue (“interval”, “Interval between ICMP packets”, interval);
cmd.Parse (argc, argv);
NodeContainer nodes;
nodes.Create (nAttackers + 1);
NodeContainer attackers;
for (uint32_t i = 0; i < nAttackers; ++i)
{
attackers.Add (nodes.Get (i));
}
Ptr<Node> victim = nodes.Get (nAttackers);
PointToPointHelper pointToPoint;
pointToPoint.SetDeviceAttribute (“DataRate”, StringValue (“5Mbps”));
pointToPoint.SetChannelAttribute (“Delay”, StringValue (“2ms”));
NetDeviceContainer devices;
for (uint32_t i = 0; i < nodes.GetN () – 1; ++i)
{
devices.Add (pointToPoint.Install (nodes.Get (i), nodes.Get (i + 1)));
}
InternetStackHelper stack;
stack.Install (nodes);
Ipv4AddressHelper address;
address.SetBase (“10.1.1.0”, “255.255.255.0”);
Ipv4InterfaceContainer interfaces = address.Assign (devices);
// Schedule ICMP flood attack from each attacker node
for (uint32_t i = 0; i < attackers.GetN (); ++i)
{
Simulator::Schedule (Seconds (2.0), &SendIcmpFlood, attackers.Get (i), interfaces.GetAddress (nodes.GetN () – 1), packetSize, numPackets, interval);
}
// Enable packet capture
pointToPoint.EnablePcapAll (“icmp_flood_attack”);
Simulator::Run ();
Simulator::Destroy ();
return 0;
}
3. ARP Spoofing Attack
To acquaintance the malevolent MAC address with the IP address of another host sends the counterfeit ARP message by An ARP Spoofing attack. Below is the sample to implement the ARP spoofing attack in ns3 tool.
Example:
#include “ns3/core-module.h”
#include “ns3/network-module.h”
#include “ns3/internet-module.h”
#include “ns3/point-to-point-module.h”
#include “ns3/applications-module.h”
#include “ns3/arp-cache.h”
#include “ns3/arp-header.h”
#include “ns3/ethernet-header.h”
#include “ns3/ipv4-address.h”
using namespace ns3;
NS_LOG_COMPONENT_DEFINE (“ArpSpoofingAttack”);
void SendArpSpoof (Ptr<Node> attackerNode, Mac48Address targetMac, Ipv4Address targetIp, Ipv4Address spoofedIp)
{
Ptr<Socket> socket = Socket::CreateSocket (attackerNode, TypeId::LookupByName (“ns3::ArpL3Protocol”));
socket->Bind ();
ArpHeader arpHeader;
arpHeader.SetOpcode (ArpHeader::ARP_REPLY);
arpHeader.SetSenderMacAddress (Mac48Address::ConvertFrom (attackerNode->GetDevice (0)->GetAddress ()));
arpHeader.SetSenderIpAddress (spoofedIp);
arpHeader.SetTargetMacAddress (targetMac);
arpHeader.SetTargetIpAddress (targetIp);
EthernetHeader ethernetHeader;
ethernetHeader.SetSource (Mac48Address::ConvertFrom (attackerNode->GetDevice (0)->GetAddress ()));
ethernetHeader.SetDestination (targetMac);
ethernetHeader.SetType (EthernetHeader::ARP);
Ptr<Packet> packet = Create<Packet> ();
packet->AddHeader (arpHeader);
packet->AddHeader (ethernetHeader);
socket->SendTo (packet, 0, InetSocketAddress (targetIp));
}
int main (int argc, char *argv[])
{
uint32_t nAttackers = 1;
uint32_t nVictims = 2;
CommandLine cmd;
cmd.AddValue (“nAttackers”, “Number of attacker nodes”, nAttackers);
cmd.AddValue (“nVictims”, “Number of victim nodes”, nVictims);
cmd.Parse (argc, argv);
NodeContainer nodes;
nodes.Create (nAttackers + nVictims);
NodeContainer attackers;
for (uint32_t i = 0; i < nAttackers; ++i)
{
attackers.Add (nodes.Get (i));
}
NodeContainer victims;
for (uint32_t i = nAttackers; i < nAttackers + nVictims; ++i)
{
victims.Add (nodes.Get (i));
}
PointToPointHelper pointToPoint;
pointToPoint.SetDeviceAttribute (“DataRate”, StringValue (“5Mbps”));
pointToPoint.SetChannelAttribute (“Delay”, StringValue (“2ms”));
NetDeviceContainer devices;
for (uint32_t i = 0; i < nodes.GetN () – 1; ++i)
{
devices.Add (pointToPoint.Install (nodes.Get (i), nodes.Get (i + 1)));
}
InternetStackHelper stack;
stack.Install (nodes);
Ipv4AddressHelper address;
address.SetBase (“10.1.1.0”, “255.255.255.0”);
Ipv4InterfaceContainer interfaces = address.Assign (devices);
// Schedule ARP spoofing attack from attacker node
Simulator::Schedule (Seconds (2.0), &SendArpSpoof, attackers.Get (0),
Mac48Address::ConvertFrom (victims.Get (0)->GetDevice (0)->GetAddress ()),
interfaces.GetAddress (nAttackers),
interfaces.GetAddress (nAttackers + 1));
// Enable packet capture
pointToPoint.EnablePcapAll (“arp_spoofing_attack”);
Simulator::Run ();
Simulator::Destroy ();
return 0;
}
Explanation:
Here we provide the detailed description for the process of all types of attacks that is SYN, ICMP and ARP.
- Nodes and Links:
-
- Created nodes for attackers and victims.
- Configured point-to-point links between the nodes.
- Applications:
-
- Installed applications on victim nodes to simulate normal network activity.
- Attack Logic:
-
- Implemented functions to create and send attack packets (SYN, ICMP, ARP) from the attacker nodes to the victim nodes.
- Scheduled the attacks to start at a specific time in the simulation.
- Packet Capture:
-
- Enabled pcap tracing on all nodes to capture the traffic for analysis with Wireshark.
- Running the Simulation:
-
- The simulation runs with attacker nodes sending attack packets to the victim nodes, and the traffic is captured in pcap files.
Finally, we had learned about the types of attacks and their functionalities how it inserts the attacks in the network and also we see how it integrates with ns3 in snippet format. We also support and provide further project information related to SYN, ICMP and ARP attacks.
For any types of implementation support on active attacks in ns3 approach ns3simulation.com.