Implementing intrusion attacks in ns3, involves simulating scenarios where an attacker tries to penetrate or disrupt the network by sending malicious packets or exploiting vulnerabilities. Below is the example of simulating a simple intrusion attack where an attacker tries to overwhelm a target node with excessive traffic, that can be considered a type of Denial of Service (DoS) attack.
Steps for implementation
- Set up your ns3 :
- Make sure that ns3 is installed in the computer. If not, install it.
- Create a new ns3 script :
- In the scratch directory of ns3, create a new script.
- Include necessary libraries :
- In your script, include the necessary libraries.
- Define network topology :
- For your network topology, create legitimate nodes and one attacker node.
- Implement the Intrusion attack logic :
- To the victim node, send excessive packets by using attacker node.
- Enable packet capturing :
- Enable pcap tracing to capture packets for analysis with Wireshark.
- Run the Simulation :
- Define the simulation parameters and run it.
Example for implementing Intrusion attack
Here is the example for the implementation of Intrusion :
#include “ns3/core-module.h”
#include “ns3/network-module.h”
#include “ns3/internet-module.h”
#include “ns3/point-to-point-module.h”
#include “ns3/applications-module.h”
using namespace ns3;
NS_LOG_COMPONENT_DEFINE (“IntrusionAttack”);
void SendMaliciousTraffic (Ptr<Node> attackerNode, Ipv4Address victimAddress, uint16_t port, uint32_t packetSize, uint32_t numPackets, Time interval)
{
Ptr<Socket> socket = Socket::CreateSocket (attackerNode, TypeId::LookupByName (“ns3::UdpSocketFactory”));
InetSocketAddress remote = InetSocketAddress (victimAddress, port);
socket->Connect (remote);
for (uint32_t i = 0; i < numPackets; ++i)
{
Ptr<Packet> packet = Create<Packet> (packetSize);
socket->Send (packet);
Simulator::Schedule (interval, &SendMaliciousTraffic, attackerNode, victimAddress, port, packetSize, numPackets, interval);
}
}
int main (int argc, char *argv[])
{
bool verbose = true;
uint32_t nNodes = 2; // Number of legitimate nodes
uint16_t port = 8080; // Target port for the attack
uint32_t packetSize = 1024; // Size of the packet
uint32_t numPackets = 10; // Number of packets to send
Time interval = Seconds (0.1); // Interval between packets
CommandLine cmd;
cmd.AddValue (“nNodes”, “Number of legitimate nodes”, nNodes);
cmd.AddValue (“port”, “Target port for the attack”, port);
cmd.AddValue (“packetSize”, “Size of the packets”, packetSize);
cmd.AddValue (“numPackets”, “Number of packets”, numPackets);
cmd.AddValue (“interval”, “Interval between packets”, interval);
cmd.Parse (argc, argv);
if (verbose)
{
LogComponentEnable (“IntrusionAttack”, LOG_LEVEL_INFO);
}
NodeContainer nodes;
nodes.Create (nNodes + 1); // +1 for the attacker node
Ptr<Node> attacker = nodes.Get (nNodes);
PointToPointHelper pointToPoint;
pointToPoint.SetDeviceAttribute (“DataRate”, StringValue (“5Mbps”));
pointToPoint.SetChannelAttribute (“Delay”, StringValue (“2ms”));
NetDeviceContainer devices;
for (uint32_t i = 0; i < nodes.GetN () – 1; ++i)
{
devices.Add (pointToPoint.Install (nodes.Get (i), nodes.Get (i + 1)));
}
InternetStackHelper stack;
stack.Install (nodes);
Ipv4AddressHelper address;
address.SetBase (“10.1.1.0”, “255.255.255.0”);
Ipv4InterfaceContainer interfaces = address.Assign (devices);
// Install applications on legitimate nodes
UdpEchoServerHelper echoServer (port);
ApplicationContainer serverApps = echoServer.Install (nodes.Get (nNodes – 1));
serverApps.Start (Seconds (1.0));
serverApps.Stop (Seconds (10.0));
UdpEchoClientHelper echoClient (interfaces.GetAddress (nNodes – 1), port);
echoClient.SetAttribute (“MaxPackets”, UintegerValue (100));
echoClient.SetAttribute (“Interval”, TimeValue (Seconds (0.1)));
echoClient.SetAttribute (“PacketSize”, UintegerValue (packetSize));
ApplicationContainer clientApps = echoClient.Install (nodes.Get (0));
clientApps.Start (Seconds (2.0));
clientApps.Stop (Seconds (10.0));
// Schedule intrusion attack
Simulator::Schedule (Seconds (3.0), &SendMaliciousTraffic, attacker,
interfaces.GetAddress (nNodes – 1), port, packetSize, numPackets, interval);
// Enable packet capture
pointToPoint.EnablePcapAll (“intrusion_attack”);
Simulator::Run ();
Simulator::Destroy ();
return 0;
}
Explanation
- Nodes and links :
Nodes are created for legitimate communication and for one attacker.
- Applications :
On one of the legitimate node, a UDP echo server is installed. and On another legitimate node, a UDP echo server is installed to generate traffic.
- Intrusion attack logic :
To create and send excessive UDP packets from the attacker node to the victim node, SendMaliciousTraffic is implemented. To start at a specific time in the simulation, we scheduled the intrusion attack.
- Packet Capture :
To capture the traffic for analysis with Wireshark, pcap tracing on all nodes is enabled.
- Running the Simulation :
The simulation runs with attacker node sending excessive packets to the victim node, and the traffic is captured in pcap files.
Overall, we had successfully implemented intrusion attack in ns3 by simulating a network where an attacker attempts to penetrate or disrupt the network by sending malicious packets. Get complete assistance on intrusion attack for your projects from ns3simulation.com.