Ns3 Projects for B.E/B.Tech M.E/M.Tech PhD Scholars.  Phone-Number:9790238391   E-mail: ns3simulation@gmail.com

How to Implement passive attacks in ns3

To implement passive attacks in ns3, we have to eavesdrop on the network traffic without actively injecting any packets or disrupting the network. You can implement a passive attack in ns3 by setting up a node which captures and logs packets being transmitted through the network.

Here is a quick and complete guide on implementing passive attacks in ns3.

Steps for implementation

  1. Set up your ns3 :
  • Make sure that ns3 is installed in the computer. If not, install it.
  1. Create a new ns3 script :
  • In the scratch directory of ns3, create a new script.
  1. Include necessary libraries :
  • In your script, include the necessary libraries.
  1. Define network topology :
  • For your network topology, create multiple nodes and one passive attacker node.
  1. Implement the packet sniffing logic :
  • On the attacker node, use packet sniffer to capture and log packtes.
  1. Enable packet capturing :
  • Enable pcap tracing to capture packets for analysis with Wireshark.
  1. Run the Simulation :
  • Define the simulation parameters and run it.

Example for implementing Passive attack in ns3

Here is the example for the implementation of Passive attack :

#include “ns3/core-module.h”

#include “ns3/network-module.h”

#include “ns3/internet-module.h”

#include “ns3/point-to-point-module.h”

#include “ns3/applications-module.h”

#include “ns3/packet-sink.h”

#include “ns3/pcap-file.h”

using namespace ns3;

NS_LOG_COMPONENT_DEFINE (“PassiveAttack”);

void PacketCapture (Ptr<const Packet> packet)

{

// Log packet information (for example, packet size)

NS_LOG_INFO (“Captured packet of size: ” << packet->GetSize ());

}

int main (int argc, char *argv[])

{

// Set up logging

LogComponentEnable (“PassiveAttack”, LOG_LEVEL_INFO);

// Create nodes

NodeContainer nodes;

nodes.Create (4); // Three legitimate nodes and one passive attacker node

// Create point-to-point links

PointToPointHelper pointToPoint;

pointToPoint.SetDeviceAttribute (“DataRate”, StringValue (“5Mbps”));

pointToPoint.SetChannelAttribute (“Delay”, StringValue (“2ms”));

NetDeviceContainer devices;

for (uint32_t i = 0; i < nodes.GetN () – 1; ++i)

{

devices.Add (pointToPoint.Install (nodes.Get (i), nodes.Get (i + 1)));

}

// Install the internet stack

InternetStackHelper stack;

stack.Install (nodes);

// Assign IP addresses

Ipv4AddressHelper address;

address.SetBase (“10.1.1.0”, “255.255.255.0”);

Ipv4InterfaceContainer interfaces = address.Assign (devices);

// Install applications on legitimate nodes

uint16_t port = 9; // Discard port (RFC 863)

// Server application

UdpEchoServerHelper echoServer (port);

ApplicationContainer serverApps = echoServer.Install (nodes.Get (1));

serverApps.Start (Seconds (1.0));

serverApps.Stop (Seconds (10.0));

// Client application

UdpEchoClientHelper echoClient (interfaces.GetAddress (1), port);

echoClient.SetAttribute (“MaxPackets”, UintegerValue (100));

echoClient.SetAttribute (“Interval”, TimeValue (Seconds (0.1)));

echoClient.SetAttribute (“PacketSize”, UintegerValue (1024));

ApplicationContainer clientApps = echoClient.Install (nodes.Get (0));

clientApps.Start (Seconds (2.0));

clientApps.Stop (Seconds (10.0));

// Enable packet capture

pointToPoint.EnablePcapAll (“passive_attack”);

// Set up packet capture on the passive attacker node

Ptr<NetDevice> attackerDevice = devices.Get (devices.GetN () – 1);

attackerDevice->TraceConnectWithoutContext (“PhyRxDrop”, MakeCallback (&PacketCapture));

// Run simulation

Simulator::Run ();

Simulator::Destroy ();

return 0;

}

Explanation

  1. Nodes and links :

Four nodes are created : three for legitimate communication and one for passive attacker. Point-to-point links between nodes are configured.

  1. Applications :

On one of the legitimate node, a UDP echo server is installed. and On another legitimate node, a UDP echo server is installed to generate traffic.

  1. Passive attack logic :

To log packet information, PacketCapture function is implemented. To capture packets, connected the packet capture function to the PhyRxDrop trace source of the attacker’s network device.

  1. Packet Capture :

To capture the traffic for analysis with Wireshark, pcap tracing on all nodes is enabled.

  1. Running the Simulation :

The simulation runs with attacker node passively capturing packets, and the traffic is captured in pcap files.