How to create Flooding Attack in NS2 AODV ?
What is mean by Flooding Attack? Short Note :
Malicious Node will create a more no of RREQ to a node, which is even doesn't exist in the network topology. This is how malicious node, start to flood the request in the network. The purpose of this attack is to consume the network bandwidth and to exhaust the network resources all the time.
Steps :
> In aodv.h,
i) #define FLOOD_INTERVAL 0.09
ii) Add this, after BroadcastTimer class
class FloodTimer : public Handler
{
public:
FloodTimer(AODV* a): agent(a){}
void handle(Event*);
private:
AODV *agent;
Event intr;
};
iii) class AODV: public Agent
{
...........
...........
friend class FloodTimer;
...........
Protected:
............
/*
* Packet TX Routines
*/
void FloodRREQ(nsaddr_t dst);
............
nsaddr_t index; // IP Address of this node
u_int32_t seqno; // Sequence Number
int bid; // Broadcast ID
bool flooder;
/*
* Timers
*/
FloodTimer ftimer;
............
};
> In aodv.cc,
i) int AODV::command(int argc, const char*const* argv)
{
if(argc == 2)
{
Tcl& tcl = Tcl::instance();
if(strncasecmp(argv[1], "id", 2) == 0)
{
tcl.resultf("%d", index);
return TCL_OK;
}
if(strcmp(argv[1], "flooder") == 0)
{
flooder = true;
return TCL_OK;
}
if(strncasecmp(argv[1], "start", 2) == 0)
{
........
ftimer.handle((Event*) 0);
........
}
........
}
..........
}
ii) Add ftimer(this) and flooder = false,
AODV::AODV(nsaddr_t id) : Agent(PT_AODV),
btimer(this), htimer(this), ntimer(this),
rtimer(this), lrtimer(this), ftimer(this), rqueue()
{
........
flooder=false;
........
}
iii) In Timers, add FloodTimer()
void FloodTimer::handle(Event*)
{
if (agent->flooder==true)
{
agent->FloodRREQ(99);
// index will be a attacker, flood attacker !
}
Scheduler::instance().schedule(this, &intr, FLOOD_INTERVAL);
}
iv) After void AODV::SendRequest(nsaddr_t dst) function add this,
void AODV::FloodRREQ(nsaddr_t dst)
{
Packet *p = Packet::alloc();
struct hdr_cmn *ch = HDR_CMN(p);
struct hdr_ip *ih = HDR_IP(p);
struct hdr_aodv_request *rq = HDR_AODV_REQUEST(p);
aodv_rt_entry *rt = rtable.rt_lookup(dst);
printf("\n***** 'in FloodRREQ' at node::%d*****\n",index);
// rtable.rt_display(index);
// Fill out the RREQ packet
// ch->uid() = 0;
ch->ptype() = PT_AODV;
ch->size() = IP_HDR_LEN + rq->size();
ch->iface() = -2;
ch->error() = 0;
ch->addr_type() = NS_AF_NONE;
ch->prev_hop_ = index;
ih->saddr() = index;
ih->daddr() = IP_BROADCAST;
ih->sport() = RT_PORT;
ih->dport() = RT_PORT;
ih->ttl_ = NETWORK_DIAMETER;
rq->rq_type = AODVTYPE_RREQ;
rq->rq_hop_count = 1;
rq->rq_bcast_id = bid++;
rq->rq_dst = dst;
static int flood=0,num=0;
if(flood==0)
{
num=(rt ? rt->rt_seqno : 0);
flood=1;
}
rq->rq_dst_seqno = num;
rq->rq_src = index;
seqno += 2;
assert ((seqno%2) == 0);
rq->rq_src_seqno = seqno;
rq->rq_timestamp = CURRENT_TIME;
num=num+2;
Scheduler::instance().schedule(target_, p, 0.);
}
> In tcl file
i) At the end, add this code to make a node as flooder
$ns at 0.0 "[$node_(0) set ragent_] flooder"
Now, node 0 will create a RREQ to node 99 ( which doesn't exist in the network ) for every 0.09 seconds.
{
if(argc == 2)
{
Tcl& tcl = Tcl::instance();
if(strncasecmp(argv[1], "id", 2) == 0)
{
tcl.resultf("%d", index);
return TCL_OK;
}
if(strcmp(argv[1], "flooder") == 0)
{
flooder = true;
return TCL_OK;
}
if(strncasecmp(argv[1], "start", 2) == 0)
{
........
ftimer.handle((Event*) 0);
........
}
........
}
..........
}
ii) Add ftimer(this) and flooder = false,
AODV::AODV(nsaddr_t id) : Agent(PT_AODV),
btimer(this), htimer(this), ntimer(this),
rtimer(this), lrtimer(this), ftimer(this), rqueue()
{
........
flooder=false;
........
}
iii) In Timers, add FloodTimer()
void FloodTimer::handle(Event*)
{
if (agent->flooder==true)
{
agent->FloodRREQ(99);
// index will be a attacker, flood attacker !
}
Scheduler::instance().schedule(this, &intr, FLOOD_INTERVAL);
}
iv) After void AODV::SendRequest(nsaddr_t dst) function add this,
void AODV::FloodRREQ(nsaddr_t dst)
{
Packet *p = Packet::alloc();
struct hdr_cmn *ch = HDR_CMN(p);
struct hdr_ip *ih = HDR_IP(p);
struct hdr_aodv_request *rq = HDR_AODV_REQUEST(p);
aodv_rt_entry *rt = rtable.rt_lookup(dst);
printf("\n***** 'in FloodRREQ' at node::%d*****\n",index);
// rtable.rt_display(index);
// Fill out the RREQ packet
// ch->uid() = 0;
ch->ptype() = PT_AODV;
ch->size() = IP_HDR_LEN + rq->size();
ch->iface() = -2;
ch->error() = 0;
ch->addr_type() = NS_AF_NONE;
ch->prev_hop_ = index;
ih->saddr() = index;
ih->daddr() = IP_BROADCAST;
ih->sport() = RT_PORT;
ih->dport() = RT_PORT;
ih->ttl_ = NETWORK_DIAMETER;
rq->rq_type = AODVTYPE_RREQ;
rq->rq_hop_count = 1;
rq->rq_bcast_id = bid++;
rq->rq_dst = dst;
static int flood=0,num=0;
if(flood==0)
{
num=(rt ? rt->rt_seqno : 0);
flood=1;
}
rq->rq_dst_seqno = num;
rq->rq_src = index;
seqno += 2;
assert ((seqno%2) == 0);
rq->rq_src_seqno = seqno;
rq->rq_timestamp = CURRENT_TIME;
num=num+2;
Scheduler::instance().schedule(target_, p, 0.);
}
> In tcl file
i) At the end, add this code to make a node as flooder
$ns at 0.0 "[$node_(0) set ragent_] flooder"
Now, node 0 will create a RREQ to node 99 ( which doesn't exist in the network ) for every 0.09 seconds.
No comments:
Post a Comment