To implement wireless attacks in ns3, we need to simulate a wireless network that disrupts and eavesdrop on the communication between other nodes by using an attacker node. The following guide provides the steps to implement basic wireless attack like deauthentication attack that disrupts the connection between the access point and wireless clients.
Step-by-step guide to Implement Wireless Attack in ns3
- Set Up ns-3 Environment:
- Make sure ns3 is installed on the system.
- Install necessary dependencies.
- Create a New ns-3 Script:
- Create a new script file in the scratch directory of ns3, e.g., wireless_attack.cc.
- Include Necessary Headers:
- Include the necessary ns3 headers in the script.
- Define Wireless Network Topology:
- Set up a wireless network topology that includes an access point (AP), multiple clients, and an attacker node.
- Implement Wireless Attack Logic:
- Use the WifiNetDevice to simulate wireless communication and implement attack logic, such as sending deauthentication frames.
- Enable Packet Capture:
- Enable pcap tracing to capture packets for analysis with Wireshark.
- Run the Simulation:
- Set the simulation time and run the simulation using Simulator::Run() and Simulator::Destroy().
Example: Implementing a Deauthentication Attack
Here is a basic example of implementing a deauthentication attack in ns3:
#include “ns3/core-module.h”
#include “ns3/network-module.h”
#include “ns3/wifi-module.h”
#include “ns3/mobility-module.h”
#include “ns3/internet-module.h”
#include “ns3/applications-module.h”
#include “ns3/packet-sink.h”
using namespace ns3;
NS_LOG_COMPONENT_DEFINE (“WirelessAttackExample”);
void SendDeauthPacket (Ptr<WifiNetDevice> attacker, Mac48Address apMac, Mac48Address clientMac)
{
WifiMacHeader hdr;
hdr.SetType (WIFI_MAC_MGMT);
hdr.SetSubtype (WIFI_MAC_MGMT_DEAUTHENTICATION);
hdr.SetAddr1 (clientMac); // Receiver address
hdr.SetAddr2 (apMac); // Transmitter address
hdr.SetAddr3 (apMac); // BSSID
Ptr<Packet> packet = Create<Packet> ();
packet->AddHeader (hdr);
attacker->Send (packet, apMac, 0);
}
int main (int argc, char *argv[])
{
bool verbose = true;
uint32_t nWifi = 2; // Number of clients
CommandLine cmd;
cmd.AddValue (“nWifi”, “Number of wifi STA devices”, nWifi);
cmd.AddValue (“verbose”, “Tell echo applications to log if true”, verbose);
cmd.Parse (argc, argv);
if (verbose)
{
LogComponentEnable (“WirelessAttackExample”, LOG_LEVEL_INFO);
}
NodeContainer wifiStaNodes;
wifiStaNodes.Create (nWifi);
NodeContainer wifiApNode;
wifiApNode.Create (1);
NodeContainer attackerNode;
attackerNode.Create (1);
YansWifiChannelHelper channel = YansWifiChannelHelper::Default ();
YansWifiPhyHelper phy = YansWifiPhyHelper::Default ();
phy.SetChannel (channel.Create ());
WifiHelper wifi = WifiHelper::Default ();
wifi.SetRemoteStationManager (“ns3::AarfWifiManager”);
WifiMacHelper mac;
Ssid ssid = Ssid (“ns-3-ssid”);
mac.SetType (“ns3::StaWifiMac”,
“Ssid”, SsidValue (ssid),
“ActiveProbing”, BooleanValue (false));
NetDeviceContainer staDevices;
staDevices = wifi.Install (phy, mac, wifiStaNodes);
mac.SetType (“ns3::ApWifiMac”,
“Ssid”, SsidValue (ssid));
NetDeviceContainer apDevice;
apDevice = wifi.Install (phy, mac, wifiApNode);
// Install internet stack on all nodes
InternetStackHelper stack;
stack.Install (wifiApNode);
stack.Install (wifiStaNodes);
stack.Install (attackerNode);
// Assign IP addresses
Ipv4AddressHelper address;
address.SetBase (“10.1.1.0”, “255.255.255.0”);
Ipv4InterfaceContainer staInterfaces;
staInterfaces = address.Assign (staDevices);
Ipv4InterfaceContainer apInterface;
apInterface = address.Assign (apDevice);
// Set mobility model
MobilityHelper mobility;
mobility.SetPositionAllocator (“ns3::GridPositionAllocator”,
“MinX”, DoubleValue (0.0),
“MinY”, DoubleValue (0.0),
“DeltaX”, DoubleValue (5.0),
“DeltaY”, DoubleValue (10.0),
“GridWidth”, UintegerValue (3),
“LayoutType”, StringValue (“RowFirst”));
mobility.SetMobilityModel (“ns3::ConstantPositionMobilityModel”);
mobility.Install (wifiApNode);
mobility.Install (wifiStaNodes);
mobility.Install (attackerNode);
// Install applications
UdpEchoServerHelper echoServer (9);
ApplicationContainer serverApps = echoServer.Install (wifiApNode.Get (0));
serverApps.Start (Seconds (1.0));
serverApps.Stop (Seconds (10.0));
UdpEchoClientHelper echoClient (apInterface.GetAddress (0), 9);
echoClient.SetAttribute (“MaxPackets”, UintegerValue (1));
echoClient.SetAttribute (“Interval”, TimeValue (Seconds (1.0)));
echoClient.SetAttribute (“PacketSize”, UintegerValue (1024));
ApplicationContainer clientApps = echoClient.Install (wifiStaNodes);
clientApps.Start (Seconds (2.0));
clientApps.Stop (Seconds (10.0));
// Enable packet capture
phy.EnablePcapAll (“wireless_attack”);
// Schedule deauthentication attack
Simulator::Schedule (Seconds (3.0), &SendDeauthPacket, DynamicCast<WifiNetDevice> (attackerNode.Get (0)->GetDevice (0)),DynamicCast<WifiNetDevice> (wifiApNode.Get (0)->GetDevice (0))->GetAddress (),DynamicCast<WifiNetDevice> (wifiStaNodes.Get (0)->GetDevice (0))->GetAddress ());
Simulator::Run ();
Simulator::Destroy ();
return 0;
}
Explanation:
- Nodes and Links:
- Created nodes for the AP, clients, and an attacker node.
- Configured a wireless network using YansWifiChannelHelper and YansWifiPhyHelper.
- Applications:
- Installed a UDP echo server on the AP and UDP echo clients on the client nodes to generate traffic.
- Deauthentication Attack Logic:
- Implemented a SendDeauthPacket function to create and send deauthentication frames from the attacker node to the AP and client.
- Scheduled the deauthentication attack to disrupt the connection between the AP and one of the clients.
- Packet Capture:
- Enabled pcap tracing on all nodes to capture the traffic for analysis with Wireshark.
- Running the Simulation:
- The simulation runs with the attacker node sending deauthentication frames to disrupt the wireless communication, and the traffic is captured in pcap files.
From the implementation process of wireless attacks in ns3 we had learnt that while simulating the network an attacker node disrupts on the communication between the nodes it said to be deauthenitication attack.We work on all concepts of Wireless Attacks in ns3 , so contact us for programming support .