Simulating a ping sweep attack in OMNeT++ involves setting up multiple hosts on a network, implementing a custom attacker module that sends ICMP Echo Requests, and monitoring which hosts respond.
A ping sweep is a network scanning technique used to detect live hosts on a network by sending ICMP Echo Requests (pings) to multiple IP addresses and evaluating the responses. In a ping sweep, an attacker automatically sends pings to a range of IP addresses and listens for responses to identify active devices. This is usually the initial reconnaissance step for a more extensive network attack.
Here’s a step-by-step guide to simulate a ping sweep attack project using OMNeT++.
Steps to Simulate Ping Sweep Attack Projects in OMNeT++
- Set up OMNeT++ and INET Framework
- Install OMNeT++: Download OMNeT++.
- Install INET Framework: INET provides ICMP support, which is essential for sending and receiving ping requests and responses. Download INET from the INET GitHub page or use OMNeT++’s package manager to install it.
- Define a Network Topology (NED File)
We need to describe a network topology with multiple hosts and an attacker node that will perform the ping sweep. The topology can consist of several hosts (potential targets), a router or switch to represent the network infrastructure, and an attacker.
Example NED File for Ping Sweep Network:
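import inet.node.inet.Router;
import inet.node.inet.StandardHost;
import ned.DatarateChannel;

network PingSweepNetwork
{
    types:
        // PointToPointLink is a local channel type; the datarate and delay
        // are illustrative values (assumptions).
        channel PointToPointLink extends DatarateChannel
        {
            datarate = 100Mbps;
            delay = 1us;
        }
    submodules:
        hostA: StandardHost {
            @display("i=device/pc");
        }
        hostB: StandardHost {
            @display("i=device/pc");
        }
        hostC: StandardHost {
            @display("i=device/pc");
        }
        attacker: StandardHost {
            @display("i=device/laptop");
        }
        router: Router {
            @display("i=abstract/router");
        }
    connections:
        hostA.pppg++ <--> PointToPointLink <--> router.pppg++;
        hostB.pppg++ <--> PointToPointLink <--> router.pppg++;
        hostC.pppg++ <--> PointToPointLink <--> router.pppg++;
        attacker.pppg++ <--> PointToPointLink <--> router.pppg++;
}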
In this network:
- hostA, hostB, and hostC are potential targets of the ping sweep.
- attacker represents the attacker node that will send ICMP Echo Requests to a range of IP addresses.
- router is the network device that connects all hosts and forwards traffic among them.
- Configure Ping Applications on the Hosts
The hosts need to be able to respond to ICMP Echo Requests (pings). We can set up the hosts to respond to ping requests using the built-in PingApp in INET.
Example omnetpp.ini Configuration for Hosts:
[General]
network = PingSweepNetwork
sim-time-limit = 100s

# Enable ping response on hosts.
# PingResponder is the application name used in this guide; the module type
# must be available in the project.
*.hostA.numApps = 1
*.hostA.app[0].typename = "PingResponder"
*.hostB.numApps = 1
*.hostB.app[0].typename = "PingResponder"
*.hostC.numApps = 1
*.hostC.app[0].typename = "PingResponder"
- PingResponder: Each host runs the PingResponder application, which listens for ICMP Echo Requests and replies with ICMP Echo Replies.
- This configures the hosts to respond when they are pinged by the attacker.
- Implement Ping Sweep Attack on the Attacker
To replicate the ping sweep attack, we need to implement a custom attacker module that sends ICMP Echo Requests to a range of IP addresses. We can either modify the built-in PingApp or create a custom version of it that sends pings to multiple hosts.
Example C++ Code for Ping Sweep Attack (Attacker Module):
#include <omnetpp.h>
#include <string>

using namespace omnetpp;

class PingSweep : public cSimpleModule
{
  private:
    int numHosts = 0;              // Number of hosts to ping
    int currentHostIndex = 0;      // Index of the current host being pinged
    simtime_t pingInterval;        // Time interval between ping requests
    cMessage *pingTimer = nullptr; // Timer for sending the next ping

  protected:
    virtual void initialize() override;
    virtual void handleMessage(cMessage *msg) override;
    void sendPingRequest();
    void handlePingReply(cPacket *pkt);

  public:
    // Cancel and free the self-message so it is not leaked at teardown
    virtual ~PingSweep() { cancelAndDelete(pingTimer); }
};

Define_Module(PingSweep);

void PingSweep::initialize()
{
    numHosts = par("numHosts").intValue();
    pingInterval = par("pingInterval");
    currentHostIndex = 0;
    pingTimer = new cMessage("pingTimer");
    scheduleAt(simTime(), pingTimer); // Start sending pings immediately
}

void PingSweep::handleMessage(cMessage *msg)
{
    if (msg == pingTimer) {
        sendPingRequest();
        scheduleAt(simTime() + pingInterval, pingTimer); // Schedule the next ping
    }
    else {
        // Handle ping reply
        cPacket *pkt = check_and_cast<cPacket *>(msg);
        handlePingReply(pkt);
    }
}

void PingSweep::sendPingRequest()
{
    // Ping the next host; names follow the NED file (hostA, hostB, hostC)
    std::string targetHost = std::string("host") + static_cast<char>('A' + currentHostIndex);
    currentHostIndex = (currentHostIndex + 1) % numHosts;
    // Create and send a placeholder packet standing in for an ICMP Echo Request
    cPacket *pingRequest = new cPacket("ICMP Echo Request");
    EV << "Sending ping request to " << targetHost << endl;
    send(pingRequest, "out"); // Send the ping to the target host
}

void PingSweep::handlePingReply(cPacket *pkt)
{
    EV << "Received ping reply from " << pkt->getSenderModule()->getName() << endl;
    delete pkt;
}
In this module:
- sendPingRequest() sends ICMP Echo Requests to each host in the network, one by one.
- handlePingReply() processes the ICMP Echo Replies from the hosts, logging which hosts responded.
- The pings are sent at regular intervals defined by pingInterval.
- Configure the Attacker in omnetpp.ini
To set up the attacker’s ping sweep in the .ini file, set the number of hosts to scan and the ping interval.
Example omnetpp.ini Configuration for Attacker:
[General]
network = PingSweepNetwork
sim-time-limit = 100s

# Configure attacker to send ping requests to all hosts
*.attacker.numApps = 1
*.attacker.app[0].typename = "PingSweep"
*.attacker.app[0].numHosts = 3        # Attacker will sweep across 3 hosts (hostA, hostB, hostC)
*.attacker.app[0].pingInterval = 1s   # Send pings every 1 second
With this configuration:
- The attacker sends pings to the three hosts (hostA, hostB, and hostC) in sequence.
- The interval between pings is set to 1 second.
- Run the Simulation
After configuring the network and setting up the hosts and attacker, run the simulation using OMNeT++:
- Qtenv or Tkenv: Use OMNeT++’s graphical interface to visualize the network, monitor traffic, and track the ping sweep process.
- Packet Analysis: Monitor ICMP Echo Requests and Replies to see how the attacker identifies live hosts.
- Analyse the Results
Once the simulation is done, we can evaluate the attack’s effectiveness:
- Hosts Discovered: Check how many hosts responded to the attacker’s ping requests.
- Response Times: Evaluate the response times of the ICMP Echo Replies to measure the delay of each host.
- Network Traffic: Monitor the ICMP traffic created by the ping sweep and evaluate its effect on network load.
- Extend the Project
Here are some extensions that can be added to the project:
Stealthy Ping Sweep
Adjust the ping sweep attack to be less detectable by:
- Randomizing Ping Intervals: Rather than sending pings at regular intervals, randomize the time between pings to mitigate detection.
- Sending Fewer Pings: Only ping a subset of hosts at a time to reduce the volume of traffic.
Flooding Attack (DoS)
Expand the ping sweep attack to flood the network by transmitting a high volume of pings to overwhelm the hosts and the network infrastructure.
Network Defences
Simulate defences against ping sweep attacks by:
- Implementing Firewalls: Set up hosts to drop ICMP requests from unknown sources.
- Intrusion Detection System (IDS): Implement an IDS module that identifies ping sweep behaviour and logs potential attackers.
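One way to implement the detection logic for the IDS extension, as an added example that is not part of the original guide: a sliding-window detector that flags a source once it has pinged more than a threshold number of distinct destinations. It is plain C++ so it runs without OMNeT++; the class name, thresholds and IP addresses are assumptions constructed for illustration, and in the simulation onEchoRequest() would be called from a monitoring module with simTime().dbl().

```cpp
#include <cstddef>
#include <deque>
#include <map>
#include <set>
#include <string>
#include <utility>

// Sliding-window ping sweep detector (hypothetical helper, not an INET class).
class SweepDetector {
  public:
    SweepDetector(double windowSec, std::size_t maxDistinctDsts)
        : window(windowSec), threshold(maxDistinctDsts) {}

    // Record one ICMP Echo Request. Returns true when `src` has pinged more
    // than `threshold` distinct destinations within the last `window` seconds.
    bool onEchoRequest(double now, const std::string &src, const std::string &dst) {
        auto &q = seen[src];
        q.emplace_back(now, dst);
        while (!q.empty() && now - q.front().first > window)
            q.pop_front();                       // expire old observations
        std::set<std::string> distinct;
        for (const auto &e : q) distinct.insert(e.second);
        bool alert = distinct.size() > threshold;
        if (alert) flagged.insert(src);          // remember potential attackers
        return alert;
    }
    bool isFlagged(const std::string &src) const { return flagged.count(src) > 0; }

  private:
    double window;
    std::size_t threshold;
    std::map<std::string, std::deque<std::pair<double, std::string>>> seen;
    std::set<std::string> flagged;
};

// Constructed sample traffic: a sweeping source pings three hosts one second
// apart (pingInterval = 1s) while a benign host pings one peer repeatedly.
// Returns the time of the first alert for the sweeping source, or -1.
double firstAlertTime() {
    SweepDetector ids(10.0, 2);  // window 10 s, alert above 2 distinct targets
    const char *targets[] = {"10.0.0.1", "10.0.0.2", "10.0.0.3"};
    double alertAt = -1.0;
    for (int i = 0; i < 3; ++i) {
        double t = i * 1.0;
        ids.onEchoRequest(t, "10.0.0.1", "10.0.0.2");  // benign, same target
        if (ids.onEchoRequest(t, "10.0.0.100", targets[i]) && alertAt < 0)
            alertAt = t;
    }
    return alertAt;
}
```

Counting distinct destinations rather than raw packet rate keeps a host that repeatedly pings a single peer from triggering the alert.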
Example Project Structure:
PingSweepAttackSimulation/
├── src/
│   ├── PingSweepNetwork.ned    # Network topology for ping sweep attack
│   └── PingSweep.cc            # Custom ping sweep attack implementation
├── omnetpp.ini                 # Simulation configuration
└── Makefile                    # Build file for compiling the project
In this guide, we explained how to set up the environment and simulate a ping sweep attack in OMNeT++, and we provided the simulation procedure, sample snippets, possible extensions, and the project structure. If you want to know more details, feel free to ask!