Ns3 Projects for B.E/B.Tech M.E/M.Tech PhD Scholars.  Phone-Number:9790238391   E-mail: ns3simulation@gmail.com

How To Implement Network Security in NS3

To implement network security projects in ns-3, we have to simulate security protocols, attacks, and defences within a network scenario. Here’s a quick and depth guide on setting up a basic network security project in ns-3. Also, this project incorporates the implementation of a security protocol (e.g., encryption) and a simulation of an attack (e.g., a Denial of Service (DoS) attack). We follow all protocols and provide novel simulation for your work.

Step-by-Step Implementation

  1. Install ns-3

Make sure that ns-3 is installed in the computer. If not, install it from the official ns-3 website.

  1. Define the Network Topology

Define the network topology that contains:

  • Normal nodes (legitimate users)
  • Attacker nodes
  • Server nodes
  • Forensics nodes (nodes used to capture and analyze traffic)
  1. Create Network Nodes

Using NodeContainer, create network nodes.

NodeContainer normalNodes, attackerNodes, serverNodes, forensicNodes;

normalNodes.Create(3);

attackerNodes.Create(1);

serverNodes.Create(1);

forensicNodes.Create(1);

  1. Set Up Network Devices

Use the appropriate network interfaces to install network devices like Wi-Fi for wireless communication.

WifiHelper wifi;

wifi.SetStandard(WIFI_PHY_STANDARD_80211n_5GHZ);

WifiMacHelper mac;

mac.SetType(“ns3::AdhocWifiMac”);

YansWifiPhyHelper phy = YansWifiPhyHelper::Default();

YansWifiChannelHelper channel = YansWifiChannelHelper::Default();

phy.SetChannel(channel.Create());

NetDeviceContainer normalDevices = wifi.Install(phy, mac, normalNodes);

NetDeviceContainer attackerDevices = wifi.Install(phy, mac, attackerNodes);

NetDeviceContainer serverDevices = wifi.Install(phy, mac, serverNodes);

NetDeviceContainer forensicDevices = wifi.Install(phy, mac, forensicNodes);

  1. Configure Mobility Model

Set up the mobility model for the nodes using using MobilityHelper.

MobilityHelper mobility;

mobility.SetMobilityModel(“ns3::ConstantPositionMobilityModel”);

mobility.Install(normalNodes);

mobility.Install(attackerNodes);

mobility.Install(serverNodes);

  1. Implement Security Protocols

To secure communication, implement a simple encryption application.

class EncryptionApplication : public Application {

public:

    void StartApplication() override {

        sendSocket = Socket::CreateSocket(GetNode(), UdpSocketFactory::GetTypeId());

        sendSocket->Connect(InetSocketAddress(destAddress, destPort));

        recvSocket = Socket::CreateSocket(GetNode(), UdpSocketFactory::GetTypeId());

        recvSocket->Bind(InetSocketAddress(Ipv4Address::GetAny(), localPort));

        recvSocket->SetRecvCallback(MakeCallback(&EncryptionApplication::ReceivePacket, this));

        // Schedule the first packet send

        SendPacket();

    }

    void SetRemote(Address address, uint16_t port) {

        destAddress = address;

        destPort = port;

    }

    void SetLocalPort(uint16_t port) {

        localPort = port;

    }

    void SendPacket() {

        std::string message = “Hello, this is an encrypted message”;

        std::string encryptedMessage = EncryptMessage(message);

        Ptr<Packet> packet = Create<Packet>((uint8_t*) encryptedMessage.c_str(), encryptedMessage.size());

        sendSocket->Send(packet);

        // Schedule the next packet send

        Simulator::Schedule(Seconds(1.0), &EncryptionApplication::SendPacket, this);

    }

    void ReceivePacket(Ptr<Socket> socket) {

        Ptr<Packet> packet;

        while ((packet = socket->Recv())) {

            std::string encryptedMessage = std::string((char*) packet->PeekData(), packet->GetSize());

            std::string message = DecryptMessage(encryptedMessage);

            std::cout << “Received message: ” << message << std::endl;

        }

    }

    std::string EncryptMessage(const std::string& message) {

        // Placeholder encryption logic

        return message;

    }

    std::string DecryptMessage(const std::string& encryptedMessage) {

        // Placeholder decryption logic

        return encryptedMessage;

    }

private:

    Ptr<Socket> sendSocket;

    Ptr<Socket> recvSocket;

    Address destAddress;

    uint16_t destPort;

    uint16_t localPort;

};

  1. Implement Attack Models

Simulate different types of attacks. Such as, a Denial of Service (DoS) attack.

class DoSAttackApplication : public Application {

public:

    void StartApplication() override {

        sendSocket = Socket::CreateSocket(GetNode(), UdpSocketFactory::GetTypeId());

        sendSocket->Connect(InetSocketAddress(destAddress, destPort));

        // Schedule the first packet send

        SendPacket();

    }

    void SetRemote(Address address, uint16_t port) {

        destAddress = address;

        destPort = port;

    }

    void SendPacket() {

        std::string message = “This is a DoS attack packet”;

        Ptr<Packet> packet = Create<Packet>((uint8_t*) message.c_str(), message.size());

        sendSocket->Send(packet);

        // Schedule the next packet send

        Simulator::Schedule(MilliSeconds(10), &DoSAttackApplication::SendPacket, this);

    }

private:

    Ptr<Socket> sendSocket;

    Address destAddress;

    uint16_t destPort;

};

  1. Set Up Applications

Install the applications on the nodes.

ApplicationContainer normalApps, attackerApps, serverApps;

for (uint32_t i = 0; i < normalNodes.GetN(); ++i) {

    Ptr<EncryptionApplication> app = CreateObject<EncryptionApplication>();

    app->SetRemote(serverNodes.Get(0)->GetObject<Ipv4>()->GetAddress(1, 0).GetLocal(), 9);

    app->SetLocalPort(10);

    normalNodes.Get(i)->AddApplication(app);

    app->SetStartTime(Seconds(1.0));

    app->SetStopTime(Seconds(20.0));

    normalApps.Add(app);

}

for (uint32_t i = 0; i < attackerNodes.GetN(); ++i) {

    Ptr<DoSAttackApplication> app = CreateObject<DoSAttackApplication>();

    app->SetRemote(serverNodes.Get(0)->GetObject<Ipv4>()->GetAddress(1, 0).GetLocal(), 9);

    attackerNodes.Get(i)->AddApplication(app);

    app->SetStartTime(Seconds(5.0));

    app->SetStopTime(Seconds(20.0));

    attackerApps.Add(app);

}

PacketSinkHelper sink(“ns3::UdpSocketFactory”, InetSocketAddress(Ipv4Address::GetAny(), 9));

serverApps.Add(sink.Install(serverNodes));

serverApps.Start(Seconds(1.0));

serverApps.Stop(Seconds(20.0));

  1. Set Up Routing Protocols

Configure routing protocols for the network.

AodvHelper aodv;

InternetStackHelper internet;

internet.SetRoutingHelper(aodv);

internet.Install(normalNodes);

internet.Install(attackerNodes);

internet.Install(serverNodes);

  1. Assign IP Addresses

Using Ipv4AddressHelper address, assign IP addresses to the network devices.

Ipv4AddressHelper address;

address.SetBase(“10.1.1.0”, “255.255.255.0”);

Ipv4InterfaceContainer normalInterfaces = address.Assign(normalDevices);

Ipv4InterfaceContainer attackerInterfaces = address.Assign(attackerDevices);

Ipv4InterfaceContainer serverInterfaces = address.Assign(serverDevices);

11.   Run the Simulation

Define the simulation run time and execute it.

Simulator::Stop(Seconds(20.0));

Simulator::Run();

Simulator::Destroy();

Example of a Simple Network Security Script

#include “ns3/core-module.h”

#include “ns3/network-module.h”

#include “ns3/internet-module.h”

#include “ns3/wifi-module.h”

#include “ns3/mobility-module.h”

#include “ns3/applications-module.h”

#include “ns3/aodv-module.h”

using namespace ns3;

class EncryptionApplication : public Application {

public:

    void StartApplication() override {

        sendSocket = Socket::CreateSocket(GetNode(), UdpSocketFactory::GetTypeId());

        sendSocket->Connect(InetSocketAddress(destAddress, destPort));

        recvSocket = Socket::CreateSocket(GetNode(), UdpSocketFactory::GetTypeId());

        recvSocket->Bind(InetSocketAddress(Ipv4Address::GetAny(), localPort));

        recvSocket->SetRecvCallback(MakeCallback(&EncryptionApplication::ReceivePacket, this));

        // Schedule the first packet send

        SendPacket();

    }

    void SetRemote(Address address, uint16_t port) {

        destAddress = address;

        destPort = port;

    }

    void SetLocalPort(uint16_t port) {

        localPort = port;

    }

    void SendPacket() {

        std::string message = “Hello, this is an encrypted message”;

        std::string encryptedMessage = EncryptMessage(message);

        Ptr<Packet> packet = Create<Packet>((uint8_t*) encryptedMessage.c_str(), encryptedMessage.size());

        sendSocket->Send(packet);

        // Schedule the next packet send

        Simulator::Schedule(Seconds(1.0), &EncryptionApplication::SendPacket, this);

    }

    void ReceivePacket(Ptr<Socket> socket) {

        Ptr<Packet> packet;

        while ((packet = socket->Recv())) {

            std::string encryptedMessage = std::string((char*) packet->PeekData(), packet->GetSize());

            std::string message = DecryptMessage(encryptedMessage);

            std::cout << “Received message: ” << message << std::endl;

        }

    }

    std::string EncryptMessage(const std::string& message) {

        // Placeholder encryption logic

        return message;

    }

    std::string DecryptMessage(const std::string& encryptedMessage) {

        // Placeholder decryption logic

        return encryptedMessage;

    }

private:

    Ptr<Socket> sendSocket;

    Ptr<Socket> recvSocket;

    Address destAddress;

    uint16_t destPort;

    uint16_t localPort;

};

class DoSAttackApplication : public Application {

public:

    void StartApplication() override {

        sendSocket = Socket::CreateSocket(GetNode(), UdpSocketFactory::GetTypeId());

        sendSocket->Connect(InetSocketAddress(destAddress, destPort));

        // Schedule the first packet send

        SendPacket();

    }

    void SetRemote(Address address, uint16_t port) {

        destAddress = address;

        destPort = port;

    }

    void SendPacket() {

        std::string message = “This is a DoS attack packet”;

        Ptr<Packet> packet = Create<Packet>((uint8_t*) message.c_str(), message.size());

        sendSocket->Send(packet);

        // Schedule the next packet send

        Simulator::Schedule(MilliSeconds(10), &DoSAttackApplication::SendPacket, this);

    }

private:

    Ptr<Socket> sendSocket;

    Address destAddress;

    uint16_t destPort;

};

int main(int argc, char *argv[]) {

    NodeContainer normalNodes, attackerNodes, serverNodes;

    normalNodes.Create(3);

    attackerNodes.Create(1);

    serverNodes.Create(1);

    // WiFi setup

    WifiHelper wifi;

    wifi.SetStandard(WIFI_PHY_STANDARD_80211n_5GHZ);

    WifiMacHelper mac;    mac.SetType(“ns3::AdhocWifiMac”);

    YansWifiPhyHelper phy = YansWifiPhyHelper::Default();

    YansWifiChannelHelper channel = YansWifiChannelHelper::Default();

    phy.SetChannel(channel.Create());

    NetDeviceContainer normalDevices = wifi.Install(phy, mac, normalNodes);

    NetDeviceContainer attackerDevices = wifi.Install(phy, mac, attackerNodes);

    NetDeviceContainer serverDevices = wifi.Install(phy, mac, serverNodes);

    // Mobility setup

    MobilityHelper mobility;

    mobility.SetMobilityModel(“ns3::ConstantPositionMobilityModel”);    mobility.Install(normalNodes);    mobility.Install(attackerNodes);    mobility.Install(serverNodes);

 

    // Internet stack and routing

    AodvHelper aodv;

    InternetStackHelper internet;    internet.SetRoutingHelper(aodv);    internet.Install(normalNodes);

    internet.Install(attackerNodes);    internet.Install(serverNodes);

    Ipv4AddressHelper address;

    address.SetBase(“10.1.1.0”, “255.255.255.0”);

    Ipv4InterfaceContainer normalInterfaces = address.Assign(normalDevices);

    Ipv4InterfaceContainer attackerInterfaces = address.Assign(attackerDevices);

    Ipv4InterfaceContainer serverInterfaces = address.Assign(serverDevices);

    // Install applications

    ApplicationContainer normalApps, attackerApps, serverApps;

    for (uint32_t i = 0; i < normalNodes.GetN(); ++i) {

        Ptr<EncryptionApplication> app = CreateObject<EncryptionApplication>();

        app->SetRemote(serverNodes.Get(0)->GetObject<Ipv4>()->GetAddress(1, 0).GetLocal(), 9);

        app->SetLocalPort(10);

        normalNodes.Get(i)->AddApplication(app);

        app->SetStartTime(Seconds(1.0));

        app->SetStopTime(Seconds(20.0));

        normalApps.Add(app);

    }

    for (uint32_t i = 0; i < attackerNodes.GetN(); ++i) {

        Ptr<DoSAttackApplication> app = CreateObject<DoSAttackApplication>();

        app->SetRemote(serverNodes.Get(0)->GetObject<Ipv4>()->GetAddress(1, 0).GetLocal(), 9);

        attackerNodes.Get(i)->AddApplication(app);

        app->SetStartTime(Seconds(5.0));

        app->SetStopTime(Seconds(20.0));

        attackerApps.Add(app);

    }

    PacketSinkHelper sink(“ns3::UdpSocketFactory”, InetSocketAddress(Ipv4Address::GetAny(), 9));

    serverApps.Add(sink.Install(serverNodes));    serverApps.Start(Seconds(1.0));    serverApps.Stop(Seconds(20.0));    Simulator::Stop(Seconds(20.0));

    Simulator::Run();

    Simulator::Destroy();

    return 0;

}

Overall. We have learned on implementing network security projects in ns-3 by simulating security protocols, attacks, and defenses within a network scenario. Also, we provide more related coding support  on network security projects.