Search This Blog

Friday 7 February 2014

Creation of Flooding Attack in NS2 AODV ???

Short Note on Flooding Attack :

         Malicious Node will create a more no of  RREQ  to a node, which is even doesn't exist in the network topology. This is how malicious node,  start to flood the request in the network. The purpose of this attack is to consume the network bandwidth and to exhaust the network resources all the time.

Steps :

     >  In aodv.h,
                           i)    #define FLOOD_INTERVAL  0.09  

                           ii)   Add this, after BroadcastTimer class

                                 class FloodTimer : public Handler 
                                 {
                                  public:
                                           FloodTimer(AODV* a):    agent(a){}
                                             void     handle(Event*);
                                 private:
                                           AODV     *agent;
                                           Event     intr;
                                 };
          
                          iii)   class AODV: public Agent 
                                 {
                                               ...........
                                               ...........
                                               friend class FloodTimer;
                                                ...........
                                    Protected:
                                                ............
                                                /*
                                                 * Packet TX Routines
                                                 */

                                                void FloodRREQ(nsaddr_t dst);
                                                ............

                                                nsaddr_t        index;                  // IP Address of this node
                                                u_int32_t       seqno;                  // Sequence Number
                                                int             bid;                           // Broadcast ID
                                                bool flooder;
                                              
                                                /*
                                                 * Timers
                                                 */

                                                 FloodTimer ftimer;
                                                 ............
                                   };

     >  In aodv.cc,
                            i)    int AODV::command(int argc, const char*const* argv)
                                {
                                          if(argc == 2)
                                          {
            Tcl& tcl = Tcl::instance();

                if(strncasecmp(argv[1], "id", 2) == 0)
                                                   {
                tcl.resultf("%d", index);
                 return TCL_OK;
                                                   }
     
                      if(strcmp(argv[1], "flooder") == 0) 
                                                    {
                flooder = true;
                return TCL_OK;
                 }

                 if(strncasecmp(argv[1], "start", 2) == 0)
                {
                                                            ........
               ftimer.handle((Event*) 0);
                 ........
                                                    }
                                                    ........
                                             }
               ..........
                                      }

                       ii) Add  ftimer(this)  and  flooder = false,

                                AODV::AODV(nsaddr_t id) : Agent(PT_AODV),
                             btimer(this), htimer(this), ntimer(this),
                             rtimer(this), lrtimer(this), ftimer(this), rqueue()
                               {
                                         ........
                                          flooder=false;
                                        ........
                               }

                        iii) In Timers, add FloodTimer()

                                 void FloodTimer::handle(Event*) 
                                  {
                                          if (agent->flooder==true) 
                                        {
                                            agent->FloodRREQ(99);
                                            // index will be a attacker, flood attacker !
                                        }
                                          Scheduler::instance().schedule(this, &intr, FLOOD_INTERVAL);
                                   }  

                                iv) After void AODV::SendRequest(nsaddr_t dst) function add this,

                                       void AODV::FloodRREQ(nsaddr_t dst)
                                       {
                                        Packet *p = Packet::alloc();
                                        struct hdr_cmn *ch = HDR_CMN(p);
                                         struct hdr_ip *ih = HDR_IP(p);
                                        struct hdr_aodv_request *rq = HDR_AODV_REQUEST(p);
                                        aodv_rt_entry *rt = rtable.rt_lookup(dst);

                                        printf("\n***** 'in FloodRREQ' at  node::%d*****\n",index);
                                        // rtable.rt_display(index);
                                         // Fill out the RREQ packet
                                         // ch->uid() = 0;
                                         ch->ptype() = PT_AODV;
                                         ch->size() = IP_HDR_LEN + rq->size();
                                         ch->iface() = -2;
                                         ch->error() = 0;
                                         ch->addr_type() = NS_AF_NONE;
                                         ch->prev_hop_ = index;
 
                                         ih->saddr() = index;
                                         ih->daddr() = IP_BROADCAST;
                                        ih->sport() = RT_PORT;
                                         ih->dport() = RT_PORT;
                                         ih->ttl_ = NETWORK_DIAMETER;
                                         rq->rq_type = AODVTYPE_RREQ;
                                         rq->rq_hop_count = 1;
                                         rq->rq_bcast_id = bid++;
                                         rq->rq_dst = dst;
                                         static int flood=0,num=0;
                                         if(flood==0)
                                        {
                                          num=(rt ? rt->rt_seqno : 0);
                                          flood=1;
                                        }
                                         rq->rq_dst_seqno = num; 
                                         rq->rq_src = index;
                                         seqno += 2;
                                         assert ((seqno%2) == 0);
                                        rq->rq_src_seqno = seqno;
                                         rq->rq_timestamp = CURRENT_TIME;
                                        num=num+2;
                                        Scheduler::instance().schedule(target_, p, 0.);
                                       }

     >  In tcl file
                             i)  At the end, add this code to make a node as flooder
                                            $ns at 0.0 "[$node_(0) set ragent_] flooder"

Now, node 0 will create a RREQ to node 99 ( which doesn't exist in the network ) for every 0.09 seconds.

70 comments:

  1. Please tell about the tcl file for flooding which has to be written after modifying the tcl files

    ReplyDelete
    Replies
    1. hello @soma, can you help me about tcl script?, when i run the tcl file, it error. thank you so much!!!

      Delete
  2. How can i add more than 1 flooding node

    ReplyDelete
    Replies
    1. you only need to add another line in tcl file that's it.
      $ns at 0.0 "[$node_(0) set ragent_] flooder"
      $ns at 0.0 "[$node_(4) set ragent_] flooder"
      now, node 0 and node 4 will act as flooder.

      Delete
  3. Despite doing the above changes there is no flooding....throughput remains same in the absence and presence of attackers....Please tell why the flooding is not working despite incorporating all the changes

    ReplyDelete
    Replies
    1. @soma, did you set the path while installing ns2 ( after ./install ).
      The above code works fine. For setting path refer this link http://karthicksivakrr.blogspot.in/2013/11/ns2-tips_27.html

      Delete

    2. Sir,
      I have done all these stil the flooding does not work in the presence or absence of attackers...please check the wireless-flooding.tcl in tcl /ex files....if you calculate throughput it is the same in all cases...besides i have also done all the changes in the website and when i run the corresponding tcl file the flooding does not work....the presence of attackers in the tcl file by writing it with ragent does not do any work


      Moreover when i add the following line $ns at 0.0 "[$node_(0) set ragent_] flooder" in the tcl code it shows error
      num_nodes is set 25
      INITIALIZE THE LIST xListHead

      (_o5 cmd line 1)
      invoked from within
      "_o5 cmd at 0.0\" _o17 flooder\""
      invoked from within
      "catch "$self cmd $args" ret"
      invoked from within
      "if [catch "$self cmd $args" ret] {
      set cls [$self info class]
      global errorInfo
      set savedInfo $errorInfo
      error "error when calling class $cls: $args" $..."
      (procedure "_o5" line 2)
      (SplitObject unknown line 2)
      invoked from within
      "_o5 at 0.0\" _o17 flooder\""
      ("eval" body line 1)
      invoked from within
      "eval $scheduler_ at $args"
      (procedure "_o3" line 3)
      (Simulator at line 3)
      invoked from within
      "$ns at 0.0" [$n0 set ragent_] flooder""
      (file "bla_ck.tcl" line 193)



      So to remove the error i have to remove the space from the line $ns at 0.0 "[$node_(0) set ragent_] flooder" and remove all spaces and write it as :-
      $ns at 0.0"[$node_(0) set ragent_]flooder"

      When the line is written as above one then only the tcl file works , still the effect of modifying lines in the aodv.cc and aodv.h are not visible and there is no flooding

      Delete
    3. I have done all path settings still does not work....

      Delete
    4. @soma can you post your tcl code...???

      Delete
    5. Sir,
      The code is not getting posted here due to space constraint...any other source where i could post it

      Delete
    6. Sir,
      As suggested above in step (ii) in aodv.h where it is written to modify in the class AODV: public Tap,public Agent . I did not find the public Tap in the aodv.h file but as you have suggested to change in "class AODV: public Tap,public Agent" instead i changed in class AODV: public Agent.
      So what to do about the public Tap...please suggest

      Delete
    7. @soma, Public Tap is not needed here.Its for monitoring neighbour nodes.You changed it correctly. I ll remove that from post, thanks for mentioning it. send your code to karthicksivakrr@gmail.com.

      Delete
    8. Sir,
      I have sent the tcl file at the gmail id .Please guide a bit

      Delete
    9. Sir,
      Me too got the same error what @soma got. The modification in aodv.c and aodv.cc doesnot reflet in tcl output. please guide me

      Delete
    10. @Sonikha, if you have read this, you should have been read solution for this error too. if not,
      if(strcmp(argv[1], " flooder ") == 0).
      You used space in the flooder string. It should be like this, if(strcmp(argv[1], "flooder") == 0).
      if you are still facing the error, just post the error comments.

      Delete
  4. please can you contact me i work in same work this is my email i like to know more aboute this attack thank you . simo.otmani@gmail.com

    ReplyDelete
    Replies
    1. what do you want to know about flooding...???

      Delete
  5. Hello Karthick I need a tcl script to simulate a wired network with flooding DDos attack...Thanks

    ReplyDelete
  6. @rajeshwar, ns-2.35/tcl/ex/flooding.tcl file will work good.

    ReplyDelete
  7. Sir,
    the problem is solved by modifying some of these things :
    1 ) In aodv.h
    //Protected
    int initialized() { return 1 && target_; }
    bool flooder; /*add this In line 223*/
    2 ) In aodv.cc
    int AODV::command(int argc, const char*const* argv) {
    .......
    /*add this line */ if(strcmp(argv[1], "malicious") == 0) {
    //if(strncasecmp(argv[1], " flooder ") == 0) {
    flooder = true; // add this
    return TCL_OK; //add this
    }
    3 ) In tcl file add this
    $ns at 0.0 "[$n0 set ragent_] malicious"


    For rest the changes are as according which you suggested above in your blog

    ReplyDelete
  8. @soma, Its nice to hear you find out solution for your problem. though i find out the problem in your file.so, you did the mistake here
    if(strcmp(argv[1], " flooder ") == 0).
    You used space in the flooder string. It should be like this, if(strcmp(argv[1], "flooder") == 0).
    no need to change anything else. If its helpful.

    ReplyDelete
  9. Hi sir
    how can i modify agent->FloodRREQ(99) for my simulation

    ReplyDelete
  10. @mouna, What are your requirements...??? What are you trying...???

    ReplyDelete
  11. sir can you please guide me for flooding in wireless sensor network code..

    ReplyDelete
  12. sir can you help to remove this errors

    aodv/aodv.cc: In member function ‘virtual void FloodTimer::handle(Event*)’:
    aodv/aodv.cc:203:54: error: invalid operands of types ‘’ and ‘int’ to binary ‘operator==’
    aodv/aodv.cc: In member function ‘void AODV::forward(aodv_rt_entry*, Packet*, double)’:
    aodv/aodv.cc:1115:33: warning: suggest parentheses around ‘&&’ within ‘||’ [-Wparentheses]
    aodv/aodv.cc: In member function ‘void AODV::FloodRREQ(nsaddr_t)’:
    aodv/aodv.cc:1311:61: error: ‘num’ was not declared in this scope
    aodv/aodv.cc:1288:56: warning: unused variable ‘rt’ [-Wunused-variable]
    aodv/aodv.cc: At global scope:
    aodv/aodv.cc:46:12: warning: ‘extra_route_reply’ defined but not used [-Wunused-variable]
    aodv/aodv.cc:47:12: warning: ‘limit_route_request’ defined but not used [-Wunused-variable]
    make: *** [aodv/aodv.o] Error 1

    ReplyDelete
    Replies
    1. check properly the parenthesis and put it in the parenthesis( you need to check it and close it propoerly )... after this run i) make clean ii) make

      Delete
  13. INITIALIZE THE LIST xListHead
    ns: _o17 flooder:
    (_o17 cmd line 1)
    invoked from within
    "_o17 cmd flooder"
    invoked from within
    "catch "$self cmd $args" ret"
    invoked from within
    "if [catch "$self cmd $args" ret] {
    set cls [$self info class]
    global errorInfo
    set savedInfo $errorInfo
    error "error when calling class $cls: $args" $..."
    (procedure "_o17" line 2)
    (SplitObject unknown line 2)
    invoked from within
    "_o17 flooder"
    please hellp me with this error

    ReplyDelete
  14. can anyone help me on this
    please

    ReplyDelete
    Replies
    1. look above the comments published earlier by me and try it out... your problem will be solved

      Delete
    2. @soma I don't understand how to run this in NS2. All I know is how to run the standard AODV using a .tcl file. Can you please explain how to run this in steps?

      Delete
    3. @Victor Refer this post http://karthicksivakrr.blogspot.in/2013/11/ns2-tips.html

      Delete
  15. @Karthick Siva, I feels that the number of packet sent and recieved count during flooding attack, should be taken at RTR(Network layer) from tr file, the number of packet sent and recieved count during without flooding attack, should be taken at AGT(Application layer) from tr file.......then only we can compare the flooding attack...is it so?????

    ReplyDelete
  16. @siddu, flooding attack can be found by the number of RREQs send by a node to other node within a period. You meant finding the flooder node right...? Hope, it helps.

    ReplyDelete
  17. Hi there i did all the things it explains but still the tcl file run but without the run of nam so nothing happened please could anybody help me.

    ReplyDelete
  18. @Reem kadi, there isn't much info. Is your nam not running or are you getting any errors...???

    ReplyDelete
  19. sir,
    Is it possible to detect sip flooding attack using ns2 tool?

    ReplyDelete
  20. @Ranjini Ramachandran, can you give me a short brief about sip flooding attack.? SIP is application level protocol isn't it...???

    ReplyDelete
  21. This comment has been removed by the author.

    ReplyDelete
    Replies
    1. @Naveen, i thing you can do that. Just visualise the functionality of dymo protocol and then apply the same what we have done for AODV protocol. Hope this helps in a way.

      Delete
  22. This comment has been removed by the author.

    ReplyDelete
  23. @Naveen, no one going to provide code for your needs. You gotta connect everything and for calculating trust, i guess you already have well defined reasonable formula. if not, go through some of the IEEE, ACM trust papers. Choosing path which is trustable, i guess this needs well defined idea. That said, excluding malicious path is an easy one. and i am glad, you have done your work on your own.

    ReplyDelete
  24. This comment has been removed by the author.

    ReplyDelete
  25. Hai,
    im new to NS2.Do we want to make the modifications in the same aodv.cc file or in a copy of it?.Are there any steps after that?

    ReplyDelete
    Replies
    1. @Thanu, you need to change the existing aodv files like you want them to be. Need more, leave a reply.

      Delete
    2. @Thanu, you have asked the link between tclscript and aodv, I will try to answer as simple as I can. Tclscript is for animation/simulation. In tclscript we use aodv for routing purpose. Whatever changes you do in aodv, it will affect the routing related process only. Hope this helps...

      Delete
    3. Ok.I have gone through the aodv.cc file and found it tedious to understand some parts of the code.Can you explain the above code briefly?Also
      $ns at 0.0 "[$node_(0) set ragent_] flooder"
      By adding this code in tcl file how the node is set malicious?

      Delete
    4. @Thanu, in simple words, these are tcl script which are linked with cc files arguments. =>
      int AODV::command(int argc, const char*const* argv) => This is how, we can a set a node as flooder or malicious=> This is how we pass arguments from tcl to cc file; Its not much, but i think, its enough to start.

      Delete
  26. Hi,
    How can we get throughput and packet delivery ratio in ns2?

    ReplyDelete
    Replies
    1. Aren't these things calculated using formula...? If you knew the formula, you are asking for how can I calculate no of packets successfully transferred like that things, for that see the post "How to monitor neighbour nodes", you will find what you need. Hope this helps.

      Delete
  27. I'm new to ns2.I executed the above code and viewed the simulation.But i was not clear about the actual changes that are taking place compared to the normal aodv?How can we analyse the performance of the attacked aodv with the normal aodv?..To be more clear how we will know flooding has occured.?

    ReplyDelete
    Replies
    1. @Radhika J, In simulation, you can see a node(flooder) continuously sending RREQ packet to a node which is doesn't exist. You can see the broadcasting. Visually, you can see the circle's from the node. Got the point ?

      Delete
  28. Hello +Karthick C !!! Your blog very great. I am researching about attack in MANET. Your article help me so much. Can you help me creation of wormhole attack in NS2 AODV? thank you so much!!! good day for you!!!

    ReplyDelete
    Replies
    1. @Biran Tran, i am glad, you found it helpful. I wish, i tried that too. But i havn't tried wormhole attack. All the best to you.

      Delete
    2. my ns2 code is work!
      thank you so much!

      Delete
  29. Ok... thank you Karthick.Actually we are trying to implement solution to avoid the flooding and thats what our project is..could you send me your email Id so that i can give you more details regarding our work..

    ReplyDelete
    Replies
    1. @Thanu, i think, somewhere in the google+ aodv post's comment section, i already discussed about prevention algo. probably with @amatek. Look into it. If you still need to discuss, karthicksivakrr@gmail.com.

      Delete
  30. Hello Sir,
    I exactly try as above mentioned but in my case i m not getting any error and simulation doesnot show any flooding here is my full code --> http://www.heypasteit.com/clip/1OOC

    ReplyDelete
    Replies
    1. I even mail you all code file of mine

      Delete
    2. @Kirtesh, As per our conversation, i believe you haven't set the path after installing ns2. Thats what causing this; just you can't see the changes; even a single printf statement; read this => http://karthicksivakrr.blogspot.in/2013/11/ns2-tips_27.html. For compiling aodv read this => http://karthicksivakrr.blogspot.in/2013/11/ns2-tips.html. Hope this helps; if not, you know where to find me. Kindly remove the link to your code in the above comment, i guess its kinda discourage to the newbie to try on their own. Good luck;

      Delete
  31. Did I need to include aodv.h in tcl script I am not getting how to make it work please help

    ReplyDelete
    Replies
    1. No need; just the flooder statement will be enough.

      Delete
  32. I am thinking how to detect and fight flooding attack in AODV, can you suggest me? thank you so much

    ReplyDelete
  33. I believe, I already discussed about this with someone in google+ post comments section... All the best...

    ReplyDelete
  34. can you please tell me which is the best method for detection and prevention of flooding attack ????

    ReplyDelete
  35. can you please tell me which is the best method for detection and prevention of flooding attack ????

    ReplyDelete
  36. can you please tell me which is best method for detection and prevention of flooding attack??

    ReplyDelete
  37. can you please tell me the method for detection and prevention of flooding attack in aodv??

    ReplyDelete
  38. can you please tell me the method for detection and prevention of flooding attack in aodv??

    ReplyDelete
  39. How to set priority or threshold for neighbouring nodes in AODV?

    ReplyDelete
  40. Hello Mr. Karthick C,
    I did these modification step by step. When i set a node as malicious no changes are made, this node behave like a legitimate node, it sends a normal rate of RREQ packets. I verified that using AWK, by computing the number of sent RREQ messages during a period. Can you help me to solve this problem, i try to find the appropriate modification to simulate RREQ flooding or Data flooding attacks in AODV-based MANETs.

    Kind regards,
    Mohammad

    ReplyDelete

Thanks & Regrds,
Karthick SIva