How to Simulate Network Attacks Projects Using NS2

To simulate Network Attacks in NS2 has needs to generate an environment in which the malicious nodes try to interrupt, degrade or compromise the network. This can involves the threats like Denial of Service (DoS), Distributed Denial of Service (DDoS), Man-in-the-Middle (MITM), Packet Sniffing, or Spoofing. We can also replicate defensive mechanisms to prevent or mitigate these attacks.

Here’s a guide to simulating different types of network attacks using NS2:

Steps to Simulate Network Attacks Projects in NS2

  1. Install NS2

Ensure that NS2 is installed on the system. If it’s not installed, use:

sudo apt-get install ns2

  1. Key Components in Network Attack Simulation
  • Attacker Nodes: Nodes that create malicious traffic, like flooding the network with packets or endeavouring to intercept data.
  • Victim Nodes: Nodes that are targeted by the attacks.
  • Normal Traffic: Implement legitimate network communication for comparison against malicious traffic.
  • Defense Mechanisms: we can implement IDS (Intrusion Detection Systems), firewalls, or packet filtering mechanisms to prevent attacks.
  1. Common Network Attacks
  • Denial of Service (DoS): The attacker devastates the victim with traffic that triggers service disruption.
  • Distributed Denial of Service (DDoS): Multiple attackers transfer large volumes of traffic to interrupt services.
  • Man-in-the-Middle (MITM): The attacker intercepts and potentially changes communication among two nodes.
  • Packet Sniffing: The attacker observes network traffic to capture sensitive data.
  • IP Spoofing: The attacker transmits packets with a forged source address.
  1. TCL Script for Network Attack Simulation

Example 1: Denial of Service (DoS) Attack Simulation

In this sample, a DoS attack is replicated in which an attacker transmit a large volume of packets to a victim, overwhelming the network.

# Create a simulator object

set ns [new Simulator]

# Open trace and NAM files

set tracefile [open “network_attack.tr” w]

$ns trace-all $tracefile

set namfile [open “network_attack.nam” w]

$ns namtrace-all $namfile

# Define nodes: Client, Attacker, and Server

set client [$ns node]

set attacker [$ns node]

set server [$ns node]

# Set positions for visualization (optional)

$client set X_ 100

$client set Y_ 100

$attacker set X_ 200

$attacker set Y_ 100

$server set X_ 300

$server set Y_ 100

# Define wired links between nodes

$ns duplex-link $client $server 100Mb 10ms DropTail

$ns duplex-link $attacker $server 100Mb 10ms DropTail

# Normal traffic from client to server (TCP)

set tcp_client [new Agent/TCP]

$ns attach-agent $client $tcp_client

set tcp_sink_server [new Agent/TCPSink]

$ns attach-agent $server $tcp_sink_server

$ns connect $tcp_client $tcp_sink_server

set app_client [new Application/Traffic/FTP]

$app_client attach-agent $tcp_client

$ns at 1.0 “$app_client start”

# Malicious traffic from attacker to server (UDP flood)

set udp_attacker [new Agent/UDP]

$ns attach-agent $attacker $udp_attacker

set udp_sink_server [new Agent/Null]

$ns attach-agent $server $udp_sink_server

$ns connect $udp_attacker $udp_sink_server

# Simulate high-rate packet flooding from attacker

set app_attacker [new Application/Traffic/CBR]

$app_attacker attach-agent $udp_attacker

$app_attacker set packetSize_ 1024

$app_attacker set interval_ 0.01  ;# Very high rate for DoS

$ns at 2.0 “$app_attacker start”

# End the simulation after 10 seconds

$ns at 10.0 “finish”

$ns run

Example 2: Distributed Denial of Service (DDoS) Attack

This prolongs the DoS attack with multiple attacker nodes flooding the server simultaneously.

# Define more attacker nodes for DDoS

set attacker2 [$ns node]

set attacker3 [$ns node]

# Set up links for the additional attackers

$ns duplex-link $attacker2 $server 100Mb 10ms DropTail

$ns duplex-link $attacker3 $server 100Mb 10ms DropTail

# Configure UDP flood from the additional attackers

set udp_attacker2 [new Agent/UDP]

$ns attach-agent $attacker2 $udp_attacker2

$ns connect $udp_attacker2 $udp_sink_server

set app_attacker2 [new Application/Traffic/CBR]

$app_attacker2 attach-agent $udp_attacker2

$app_attacker2 set packetSize_ 1024

$app_attacker2 set interval_ 0.01

$ns at 2.0 “$app_attacker2 start”

set udp_attacker3 [new Agent/UDP]

$ns attach-agent $attacker3 $udp_attacker3

$ns connect $udp_attacker3 $udp_sink_server

set app_attacker3 [new Application/Traffic/CBR]

$app_attacker3 attach-agent $udp_attacker3

$app_attacker3 set packetSize_ 1024

$app_attacker3 set interval_ 0.01

$ns at 2.0 “$app_attacker3 start”

$ns at 10.0 “finish”

$ns run

Example 3: Man-in-the-Middle (MITM) Attack

In this simulation, the attacker interrupts traffic among two nodes (client and server) and change or log the traffic.

# Man-in-the-Middle (MITM) setup

set mitm [$ns node]

# Links between client, MITM, and server

$ns duplex-link $client $mitm 100Mb 10ms DropTail

$ns duplex-link $mitm $server 100Mb 10ms DropTail

# Normal TCP traffic between client and server

set tcp_client [new Agent/TCP]

$ns attach-agent $client $tcp_client

set tcp_sink_server [new Agent/TCPSink]

$ns attach-agent $server $tcp_sink_server

$ns connect $tcp_client $tcp_sink_server

# MITM intercepting traffic

proc mitm_intercept {src dst packet} {

# Log or modify the packet (e.g., for an MITM attack)

puts “Intercepted packet from $src to $dst: $packet”

return $packet

}

# Simulate client sending traffic, and MITM intercepting it

set app_client [new Application/Traffic/FTP]

$app_client attach-agent $tcp_client

$ns at 1.0 “$app_client start”

# Schedule the MITM to intercept packets

$ns at 1.5 “mitm_intercept $client $server”

  1. Run the Simulation

After describing the attack and network environment, we can execute the simulation with the following command:

ns network_attack.tcl

  1. Visualize the Simulation

Utilize NAM (Network Animator) to envision the network attack and its impacts:

nam network_attack.nam

  1. Analyse the Trace File

After the simulation, evaluate the trace file (network_attack.tr) to assess the impacts of the attack:

  • Throughput: Evaluate on how much data was successfully transmitted although the attack.
  • Packet Loss: validate on how many packets were dropped because of the attack.
  • Latency: Evaluate the latency caused by the attack.
  • Attack Impact: measure on how efficiently the attack disturbed normal traffic.

We can extract these parameters by using AWK, Perl, or Python scripts.

  1. Advanced Network Attack Simulations

8.1 IP Spoofing

We can replicate IP Spoofing by adapting the source IP address of the packets transmits by the attacker.

8.2 Packet Sniffing

Mimic a packet-sniffing attack in which an attacker node passively observes and logs traffic among other nodes.

8.3 Replay Attack

Mimic a Replay Attack in which the attacker captures legitimate traffic and retransmits it later to disturb communication.

8.4 Countermeasures

Replicate countermeasures such as firewalls, IDS/IPS (Intrusion Detection/Prevention Systems), and encryption to prevent or mitigate threats.

Here, we clearly explain the step-by-step procedures to simulate the network attack in ns2 tool and also we provide the sample snippets for various attacks, advanced concepts regarding the numerous attack types with explanation to extend the simulation process. If you want to know more then we will offered it.

Experts in simulation at phdprime.com will offer you top-notch topics for Network Attacks Projects, ensuring that you complete your work with our team’s assistance and achieve outstanding results.

Opening Time

9:00am

Lunch Time

12:30pm

Break Time

4:00pm

Closing Time

6:30pm

  • award1
  • award2