Ns3 Projects for B.E/B.Tech M.E/M.Tech PhD Scholars.  Phone-Number:9790238391   E-mail: ns3simulation@gmail.com

How to Implement IoT Security in ns3

To implement the IoT security in ns3 has encompass to emulate the communication among the IoT gadgets and integrate the security mechanism to secure against the potential malevolent. This sample will demonstrate how to setup a simple IoT network in ns3 and execute the simple security measures like encryption, authentication, and intrusion detection.

Step-by-Step Implementation

Step 1: Set Up the ns3 Environment

Make sure ns3 is installed in the system.

Step 2: Define the Network Topology

Generate a network topology that contains nodes that denotes IoT devices, a gateway, and potentially an attacker.

#include “ns3/core-module.h”

#include “ns3/network-module.h”

#include “ns3/internet-module.h”

#include “ns3/point-to-point-module.h”

#include “ns3/applications-module.h”

#include “ns3/wifi-module.h”

using namespace ns3;

NS_LOG_COMPONENT_DEFINE (“IotSecurityExample”);

int main (int argc, char *argv[]) {

CommandLine cmd;

cmd.Parse (argc, argv);

// Create nodes

NodeContainer iotDevices;

iotDevices.Create (3); // IoT devices

NodeContainer gateway;

gateway.Create (1); // Gateway

NodeContainer attacker;

attacker.Create (1); // Attacker

// Configure Wi-Fi

YansWifiChannelHelper channel = YansWifiChannelHelper::Default ();

YansWifiPhyHelper phy = YansWifiPhyHelper::Default ();

phy.SetChannel (channel.Create ());

WifiHelper wifi;

wifi.SetRemoteStationManager (“ns3::AarfWifiManager”);

WifiMacHelper mac;

Ssid ssid = Ssid (“IoT-SSID”);

mac.SetType (“ns3::StaWifiMac”, “Ssid”, SsidValue (ssid), “ActiveProbing”, BooleanValue (false));

NetDeviceContainer iotDevicesDevices;

iotDevicesDevices = wifi.Install (phy, mac, iotDevices);

mac.SetType (“ns3::ApWifiMac”, “Ssid”, SsidValue (ssid));

NetDeviceContainer gatewayDevice;

gatewayDevice = wifi.Install (phy, mac, gateway);

// Install Internet stack

InternetStackHelper stack;

stack.Install (iotDevices);

stack.Install (gateway);

stack.Install (attacker);

// Assign IP addresses

Ipv4AddressHelper address;

address.SetBase (“10.1.1.0”, “255.255.255.0”);

Ipv4InterfaceContainer iotDevicesInterfaces = address.Assign (iotDevicesDevices);

Ipv4InterfaceContainer gatewayInterface = address.Assign (gatewayDevice);

// Create and configure applications…

Simulator::Run ();

Simulator::Destroy ();

return 0;

}

Step 3: Simulate IoT Device Communication

Generate applications to simulate communication between IoT devices and the gateway.

IoT Device Application:

class IotDeviceApplication : public Application {

public:

IotDeviceApplication () : m_socket (0) {}

virtual ~IotDeviceApplication () {}

protected:

virtual void StartApplication () {

m_socket = Socket::CreateSocket (GetNode (), UdpSocketFactory::GetTypeId ());

InetSocketAddress local = InetSocketAddress (Ipv4Address::GetAny (), 8080);

m_socket->Bind (local);

m_socket->SetRecvCallback (MakeCallback (&IotDeviceApplication::HandleRead, this));

Simulator::Schedule (Seconds (2.0), &IotDeviceApplication::SendData, this);

}

virtual void StopApplication () {

if (m_socket) {

m_socket->Close ();

m_socket = 0;

}

}

private:

void SendData () {

Ptr<Packet> packet = Create<Packet> ((uint8_t*)”sensor-data”, 11);

m_socket->SendTo (packet, 0, InetSocketAddress (Ipv4Address (“10.1.1.1”), 8080)); // Gateway address

Simulator::Schedule (Seconds (5.0), &IotDeviceApplication::SendData, this);

}

void HandleRead (Ptr<Socket> socket) {

Ptr<Packet> packet;

Address from;

while ((packet = socket->RecvFrom (from))) {

NS_LOG_INFO (“IoT Device received: ” << packet->GetSize ());

}

}

Ptr<Socket> m_socket;

};

Gateway Application:

class GatewayApplication : public Application {

public:

GatewayApplication () : m_socket (0) {}

virtual ~GatewayApplication () {}

protected:

virtual void StartApplication () {

m_socket = Socket::CreateSocket (GetNode (), UdpSocketFactory::GetTypeId ());

InetSocketAddress local = InetSocketAddress (Ipv4Address::GetAny (), 8080);

m_socket->Bind (local);

m_socket->SetRecvCallback (MakeCallback (&GatewayApplication::HandleRead, this));

}

virtual void StopApplication () {

if (m_socket) {

m_socket->Close ();

m_socket = 0;

}

}

private:

void HandleRead (Ptr<Socket> socket) {

Ptr<Packet> packet;

Address from;

while ((packet = socket->RecvFrom (from))) {

NS_LOG_INFO (“Gateway received: ” << packet->GetSize ());

}

}

Ptr<Socket> m_socket;

};

Step 4: Implement Security Mechanisms

Simulate security mechanisms like authentication, encryption, and intrusion detection.

Authentication:

class AuthApplication : public Application {

public:

AuthApplication () : m_socket (0) {}

virtual ~AuthApplication () {}

protected:

virtual void StartApplication () {

m_socket = Socket::CreateSocket (GetNode (), UdpSocketFactory::GetTypeId ());

InetSocketAddress local = InetSocketAddress (Ipv4Address::GetAny (), 7070);

m_socket->Bind (local);

m_socket->SetRecvCallback (MakeCallback (&AuthApplication::HandleRead, this));

}

virtual void StopApplication () {

if (m_socket) {

m_socket->Close ();

m_socket = 0;

}

}

private:

void HandleRead (Ptr<Socket> socket) {

Ptr<Packet> packet;

Address from;

while ((packet = socket->RecvFrom (from))) {

std::string data = std::string ((char*) packet->PeekData ());

if (Authenticate (data)) {

NS_LOG_INFO (“Authentication successful from ” << InetSocketAddress::ConvertFrom (from).GetIpv4 ());

ForwardPacket (packet);

} else {

NS_LOG_WARN (“Authentication failed from ” << InetSocketAddress::ConvertFrom (from).GetIpv4 ());

}

}

}

bool Authenticate (const std::string& data) {

// Simplified authentication logic

return data == “valid-credentials”;

}

void ForwardPacket (Ptr<Packet> packet) {

Ptr<Socket> socket = Socket::CreateSocket (GetNode (), UdpSocketFactory::GetTypeId ());

InetSocketAddress remote = InetSocketAddress (Ipv4Address (“10.1.1.1”), 8080); // Forward to gateway

socket->Connect (remote);

socket->Send (packet);

socket->Close ();

}

Ptr<Socket> m_socket;

};

Encryption:

class EncryptionApplication : public Application {

public:

EncryptionApplication () : m_socket (0) {}

virtual ~EncryptionApplication () {}

protected:

virtual void StartApplication () {

m_socket = Socket::CreateSocket (GetNode (), UdpSocketFactory::GetTypeId ());

InetSocketAddress local = InetSocketAddress (Ipv4Address::GetAny (), 6060);

m_socket->Bind (local);

m_socket->SetRecvCallback (MakeCallback (&EncryptionApplication::HandleRead, this));

}

virtual void StopApplication () {

if (m_socket) {

m_socket->Close ();

m_socket = 0;

}

}

private:

void HandleRead (Ptr<Socket> socket) {

Ptr<Packet> packet;

Address from;

while ((packet = socket->RecvFrom (from))) {

std::string data = std::string ((char*) packet->PeekData ());

std::string decryptedData = Decrypt (data);

NS_LOG_INFO (“Received encrypted data: ” << data << “, decrypted data: ” << decryptedData);

}

}

std::string Decrypt (const std::string& data) {

// Simplified decryption logic

return data; // Assume data is already decrypted for simplicity

}

Ptr<Socket> m_socket;

};

Intrusion Detection System (IDS):

class IDSApplication : public Application {

public:

IDSApplication () : m_socket (0) {}

virtual ~IDSApplication () {}

protected:

virtual void StartApplication () {

m_socket = Socket::CreateSocket (GetNode (), UdpSocketFactory::GetTypeId ());

InetSocketAddress local = InetSocketAddress (Ipv4Address::GetAny (), 5050);

m_socket->Bind (local);

m_socket->SetRecvCallback (MakeCallback (&IDSApplication::HandleRead, this));

}

virtual void StopApplication () {

if (m_socket) {

m_socket->Close ();

m_socket = 0;

}

}

private:

void HandleRead (Ptr<Socket> socket) {

Ptr<Packet> packet;

Address from;

while ((packet = socket->RecvFrom (from))) {

std::string data = std::string ((char*) packet->PeekData ());

if (DetectIntrusion (data)) {

NS_LOG_WARN (“Intrusion detected from ” << InetSocketAddress::ConvertFrom (from).GetIpv4 ());

} else {

NS_LOG_INFO (“Normal traffic from ” << InetSocketAddress::ConvertFrom (from).GetIpv4 ());

}

}

}

bool DetectIntrusion (const std::string& data) {

// Simplified intrusion detection logic

return data == “malicious-pattern”;

}

Ptr<Socket> m_socket;

};

Step 5: Deploy Applications

Instantiate and deploy the applications on the appropriate nodes in your network:

int main (int argc, char *argv[]) {

CommandLine cmd;

cmd.Parse (argc, argv);

// Create nodes

NodeContainer iotDevices;

iotDevices.Create (3); // IoT devices

NodeContainer gateway;

gateway.Create (1); // Gateway

NodeContainer attacker;

attacker.Create (1); // Attacker

// Configure Wi-Fi

YansWifiChannelHelper channel = YansWifiChannelHelper::Default ();

YansWifiPhyHelper phy = YansWifiPhyHelper::Default ();

phy.SetChannel (channel.Create ());

WifiHelper wifi;

wifi.SetRemoteStationManager (“ns3::AarfWifiManager”);

WifiMacHelper mac;

Ssid ssid = Ssid (“IoT-SSID”);

mac.SetType (“ns3::StaWifiMac”, “Ssid”, SsidValue (ssid), “ActiveProbing”, BooleanValue (false));

NetDeviceContainer iotDevicesDevices;

iotDevicesDevices = wifi.Install (phy, mac, iotDevices);

mac.SetType (“ns3::ApWifiMac”, “Ssid”, SsidValue (ssid));

NetDeviceContainer gatewayDevice;

gatewayDevice = wifi.Install (phy, mac, gateway);

// Install Internet stack

InternetStackHelper stack;

stack.Install (iotDevices);

stack.Install (gateway);

stack.Install (attacker);

// Assign IP addresses

Ipv4AddressHelper address;

address.SetBase (“10.1.1.0”, “255.255.255.0”);

Ipv4InterfaceContainer iotDevicesInterfaces = address.Assign (iotDevicesDevices);

Ipv4InterfaceContainer gatewayInterface = address.Assign (gatewayDevice);

// Create and configure the IoT Device application

Ptr<IotDeviceApplication> iotDeviceApp = CreateObject<IotDeviceApplication> ();

iotDevices.Get (0)->AddApplication (iotDeviceApp);

iotDeviceApp->SetStartTime (Seconds (1.0));

iotDeviceApp->SetStopTime (Seconds (20.0));

// Create and configure the Gateway application

Ptr<GatewayApplication> gatewayApp = CreateObject<GatewayApplication> ();

gateway.Get (0)->AddApplication (gatewayApp);

gatewayApp->SetStartTime (Seconds (1.0));

gatewayApp->SetStopTime (Seconds (20.0));

// Create and configure the Auth application

Ptr<AuthApplication> authApp = CreateObject<AuthApplication> ();

gateway.Get (0)->AddApplication (authApp);

authApp->SetStartTime (Seconds (1.0));

authApp->SetStopTime (Seconds (20.0));

// Create and configure the Encryption application

Ptr<EncryptionApplication> encryptionApp = CreateObject<EncryptionApplication> ();

gateway.Get (0)->AddApplication (encryptionApp);

encryptionApp->SetStartTime (Seconds (1.0));

encryptionApp->SetStopTime (Seconds (20.0));

// Create and configure the IDS application

Ptr<IDSApplication> idsApp = CreateObject<IDSApplication> ();

gateway.Get (0)->AddApplication (idsApp);

idsApp->SetStartTime (Seconds (1.0));

idsApp->SetStopTime (Seconds (20.0));

Simulator::Run ();

Simulator::Destroy ();

return 0;

}

Step 6: Simulate an Attack

To test the security mechanisms, simulate an attack from the attacker node:

class AttackerApplication : public Application {

public:

AttackerApplication () : m_socket (0) {}

virtual ~AttackerApplication () {}

protected:

virtual void StartApplication () {

m_socket = Socket::CreateSocket (GetNode (), UdpSocketFactory::GetTypeId ());

m_peer = InetSocketAddress (Ipv4Address (“10.1.1.2”), 8080); // Target IoT device node

m_socket->Connect (m_peer);

Simulator::Schedule (Seconds (3.0), &AttackerApplication::SendMaliciousPacket, this);

}

virtual void StopApplication () {

if (m_socket) {

m_socket->Close ();

m_socket = 0;

}

}

private:

void SendMaliciousPacket () {

std::string maliciousData = “malicious-pattern”; // Simplified malicious pattern

Ptr<Packet> packet = Create<Packet> ((uint8_t*)maliciousData.c_str (), maliciousData.size ());

m_socket->Send (packet);

}

Ptr<Socket> m_socket;

Address m_peer;

};

int main (int argc, char *argv[]) {

CommandLine cmd;

cmd.Parse (argc, argv);

// Create nodes

NodeContainer iotDevices;

iotDevices.Create (3); // IoT devices

NodeContainer gateway;

gateway.Create (1); // Gateway

NodeContainer attacker;

attacker.Create (1); // Attacker

// Configure Wi-Fi

YansWifiChannelHelper channel = YansWifiChannelHelper::Default ();

YansWifiPhyHelper phy = YansWifiPhyHelper::Default ();

phy.SetChannel (channel.Create ());

WifiHelper wifi;

wifi.SetRemoteStationManager (“ns3::AarfWifiManager”);

WifiMacHelper mac;

Ssid ssid = Ssid (“IoT-SSID”);

mac.SetType (“ns3::StaWifiMac”, “Ssid”, SsidValue (ssid), “ActiveProbing”, BooleanValue (false));

NetDeviceContainer iotDevicesDevices;

iotDevicesDevices = wifi.Install (phy, mac, iotDevices);

mac.SetType (“ns3::ApWifiMac”, “Ssid”, SsidValue (ssid));

NetDeviceContainer gatewayDevice;

gatewayDevice = wifi.Install (phy, mac, gateway);

// Install Internet stack

InternetStackHelper stack;

stack.Install (iotDevices);

stack.Install (gateway);

stack.Install (attacker);

// Assign IP addresses

Ipv4AddressHelper address;

address.SetBase (“10.1.1.0”, “255.255.255.0”);

Ipv4InterfaceContainer iotDevicesInterfaces = address.Assign (iotDevicesDevices);

Ipv4InterfaceContainer gatewayInterface = address.Assign (gatewayDevice);

// Create and configure the IoT Device application

Ptr<IotDeviceApplication> iotDeviceApp = CreateObject<IotDeviceApplication> ();

iotDevices.Get (0)->AddApplication (iotDeviceApp);

iotDeviceApp->SetStartTime (Seconds (1.0));

iotDeviceApp->SetStopTime (Seconds (20.0));

// Create and configure the Gateway application

Ptr<GatewayApplication> gatewayApp = CreateObject<GatewayApplication> ();

gateway.Get (0)->AddApplication (gatewayApp);

gatewayApp->SetStartTime (Seconds (1.0));

gatewayApp->SetStopTime (Seconds (20.0));

// Create and configure the Auth application

Ptr<AuthApplication> authApp = CreateObject<AuthApplication> ();

gateway.Get (0)->AddApplication (authApp);

authApp->SetStartTime (Seconds (1.0));

authApp->SetStopTime (Seconds (20.0));

// Create and configure the Encryption application

Ptr<EncryptionApplication> encryptionApp = CreateObject<EncryptionApplication> ();

gateway.Get (0)->AddApplication (encryptionApp);

encryptionApp->SetStartTime (Seconds (1.0));

encryptionApp->SetStopTime (Seconds (20.0));

// Create and configure the IDS application

Ptr<IDSApplication> idsApp = CreateObject<IDSApplication> ();

gateway.Get (0)->AddApplication (idsApp);

idsApp->SetStartTime (Seconds (1.0));

idsApp->SetStopTime (Seconds (20.0));

// Create and configure the Attacker application

Ptr<AttackerApplication> attackerApp = CreateObject<AttackerApplication> ();

attacker.Get (0)->AddApplication (attackerApp);

attackerApp->SetStartTime (Seconds (3.0));

attackerApp->SetStopTime (Seconds (4.0));

Simulator::Run ();

Simulator::Destroy ();

return 0;

}

Here, we clearly learned and understand how to secure the IoT device that were implemented in ns3 tool and that creates the topology then apply the security mechanism to protect the IoT devices. We also offer more data how it performs in other simulation tools. We’ve been helping researchers implement IoT Security in the ns3 program, and we’d love to share our comparison analysis with you. Just send us your details for extra support! We can show you how to set up a basic IoT network in ns3 and run through essential security measures like encryption, authentication, and intrusion detection for your projects. Reach out to us for more help!