Short Note on Flooding Attack :
Malicious Node will create a more no of RREQ to a node, which is even doesn't exist in the network topology. This is how malicious node, start to flood the request in the network. The purpose of this attack is to consume the network bandwidth and to exhaust the network resources all the time.
Steps :
> In aodv.h,
i) #define FLOOD_INTERVAL 0.09
ii) Add this, after BroadcastTimer class
class FloodTimer : public Handler
{
public:
FloodTimer(AODV* a): agent(a){}
void handle(Event*);
private:
AODV *agent;
Event intr;
};
iii) class AODV: public Agent
{
...........
...........
friend class FloodTimer;
...........
Protected:
............
/*
* Packet TX Routines
*/
void FloodRREQ(nsaddr_t dst);
............
nsaddr_t index; // IP Address of this node
u_int32_t seqno; // Sequence Number
int bid; // Broadcast ID
bool flooder;
/*
* Timers
*/
FloodTimer ftimer;
............
};
> In aodv.cc,
i) int AODV::command(int argc, const char*const* argv)
{
if(argc == 2)
{
Tcl& tcl = Tcl::instance();
if(strncasecmp(argv[1], "id", 2) == 0)
{
tcl.resultf("%d", index);
return TCL_OK;
}
if(strcmp(argv[1], "flooder") == 0)
{
flooder = true;
return TCL_OK;
}
if(strncasecmp(argv[1], "start", 2) == 0)
{
........
ftimer.handle((Event*) 0);
........
}
........
}
..........
}
ii) Add ftimer(this) and flooder = false,
AODV::AODV(nsaddr_t id) : Agent(PT_AODV),
btimer(this), htimer(this), ntimer(this),
rtimer(this), lrtimer(this), ftimer(this), rqueue()
{
........
flooder=false;
........
}
iii) In Timers, add FloodTimer()
void FloodTimer::handle(Event*)
{
if (agent->flooder==true)
{
agent->FloodRREQ(99);
// index will be a attacker, flood attacker !
}
Scheduler::instance().schedule(this, &intr, FLOOD_INTERVAL);
}
iv) After void AODV::SendRequest(nsaddr_t dst) function add this,
void AODV::FloodRREQ(nsaddr_t dst)
{
Packet *p = Packet::alloc();
struct hdr_cmn *ch = HDR_CMN(p);
struct hdr_ip *ih = HDR_IP(p);
struct hdr_aodv_request *rq = HDR_AODV_REQUEST(p);
aodv_rt_entry *rt = rtable.rt_lookup(dst);
printf("\n***** 'in FloodRREQ' at node::%d*****\n",index);
// rtable.rt_display(index);
// Fill out the RREQ packet
// ch->uid() = 0;
ch->ptype() = PT_AODV;
ch->size() = IP_HDR_LEN + rq->size();
ch->iface() = -2;
ch->error() = 0;
ch->addr_type() = NS_AF_NONE;
ch->prev_hop_ = index;
ih->saddr() = index;
ih->daddr() = IP_BROADCAST;
ih->sport() = RT_PORT;
ih->dport() = RT_PORT;
ih->ttl_ = NETWORK_DIAMETER;
rq->rq_type = AODVTYPE_RREQ;
rq->rq_hop_count = 1;
rq->rq_bcast_id = bid++;
rq->rq_dst = dst;
static int flood=0,num=0;
if(flood==0)
{
num=(rt ? rt->rt_seqno : 0);
flood=1;
}
rq->rq_dst_seqno = num;
rq->rq_src = index;
seqno += 2;
assert ((seqno%2) == 0);
rq->rq_src_seqno = seqno;
rq->rq_timestamp = CURRENT_TIME;
num=num+2;
Scheduler::instance().schedule(target_, p, 0.);
}
> In tcl file
i) At the end, add this code to make a node as flooder
$ns at 0.0 "[$node_(0) set ragent_] flooder"
Now, node 0 will create a RREQ to node 99 ( which doesn't exist in the network ) for every 0.09 seconds.
{
if(argc == 2)
{
Tcl& tcl = Tcl::instance();
if(strncasecmp(argv[1], "id", 2) == 0)
{
tcl.resultf("%d", index);
return TCL_OK;
}
if(strcmp(argv[1], "flooder") == 0)
{
flooder = true;
return TCL_OK;
}
if(strncasecmp(argv[1], "start", 2) == 0)
{
........
ftimer.handle((Event*) 0);
........
}
........
}
..........
}
ii) Add ftimer(this) and flooder = false,
AODV::AODV(nsaddr_t id) : Agent(PT_AODV),
btimer(this), htimer(this), ntimer(this),
rtimer(this), lrtimer(this), ftimer(this), rqueue()
{
........
flooder=false;
........
}
iii) In Timers, add FloodTimer()
void FloodTimer::handle(Event*)
{
if (agent->flooder==true)
{
agent->FloodRREQ(99);
// index will be a attacker, flood attacker !
}
Scheduler::instance().schedule(this, &intr, FLOOD_INTERVAL);
}
iv) After void AODV::SendRequest(nsaddr_t dst) function add this,
void AODV::FloodRREQ(nsaddr_t dst)
{
Packet *p = Packet::alloc();
struct hdr_cmn *ch = HDR_CMN(p);
struct hdr_ip *ih = HDR_IP(p);
struct hdr_aodv_request *rq = HDR_AODV_REQUEST(p);
aodv_rt_entry *rt = rtable.rt_lookup(dst);
printf("\n***** 'in FloodRREQ' at node::%d*****\n",index);
// rtable.rt_display(index);
// Fill out the RREQ packet
// ch->uid() = 0;
ch->ptype() = PT_AODV;
ch->size() = IP_HDR_LEN + rq->size();
ch->iface() = -2;
ch->error() = 0;
ch->addr_type() = NS_AF_NONE;
ch->prev_hop_ = index;
ih->saddr() = index;
ih->daddr() = IP_BROADCAST;
ih->sport() = RT_PORT;
ih->dport() = RT_PORT;
ih->ttl_ = NETWORK_DIAMETER;
rq->rq_type = AODVTYPE_RREQ;
rq->rq_hop_count = 1;
rq->rq_bcast_id = bid++;
rq->rq_dst = dst;
static int flood=0,num=0;
if(flood==0)
{
num=(rt ? rt->rt_seqno : 0);
flood=1;
}
rq->rq_dst_seqno = num;
rq->rq_src = index;
seqno += 2;
assert ((seqno%2) == 0);
rq->rq_src_seqno = seqno;
rq->rq_timestamp = CURRENT_TIME;
num=num+2;
Scheduler::instance().schedule(target_, p, 0.);
}
> In tcl file
i) At the end, add this code to make a node as flooder
$ns at 0.0 "[$node_(0) set ragent_] flooder"
Now, node 0 will create a RREQ to node 99 ( which doesn't exist in the network ) for every 0.09 seconds.
Please tell about the tcl file for flooding which has to be written after modifying the tcl files
ReplyDeletehello @soma, can you help me about tcl script?, when i run the tcl file, it error. thank you so much!!!
DeleteHow can i add more than 1 flooding node
ReplyDeleteyou only need to add another line in tcl file that's it.
Delete$ns at 0.0 "[$node_(0) set ragent_] flooder"
$ns at 0.0 "[$node_(4) set ragent_] flooder"
now, node 0 and node 4 will act as flooder.
Despite doing the above changes there is no flooding....throughput remains same in the absence and presence of attackers....Please tell why the flooding is not working despite incorporating all the changes
ReplyDelete@soma, did you set the path while installing ns2 ( after ./install ).
DeleteThe above code works fine. For setting path refer this link http://karthicksivakrr.blogspot.in/2013/11/ns2-tips_27.html
DeleteSir,
I have done all these stil the flooding does not work in the presence or absence of attackers...please check the wireless-flooding.tcl in tcl /ex files....if you calculate throughput it is the same in all cases...besides i have also done all the changes in the website and when i run the corresponding tcl file the flooding does not work....the presence of attackers in the tcl file by writing it with ragent does not do any work
Moreover when i add the following line $ns at 0.0 "[$node_(0) set ragent_] flooder" in the tcl code it shows error
num_nodes is set 25
INITIALIZE THE LIST xListHead
(_o5 cmd line 1)
invoked from within
"_o5 cmd at 0.0\" _o17 flooder\""
invoked from within
"catch "$self cmd $args" ret"
invoked from within
"if [catch "$self cmd $args" ret] {
set cls [$self info class]
global errorInfo
set savedInfo $errorInfo
error "error when calling class $cls: $args" $..."
(procedure "_o5" line 2)
(SplitObject unknown line 2)
invoked from within
"_o5 at 0.0\" _o17 flooder\""
("eval" body line 1)
invoked from within
"eval $scheduler_ at $args"
(procedure "_o3" line 3)
(Simulator at line 3)
invoked from within
"$ns at 0.0" [$n0 set ragent_] flooder""
(file "bla_ck.tcl" line 193)
So to remove the error i have to remove the space from the line $ns at 0.0 "[$node_(0) set ragent_] flooder" and remove all spaces and write it as :-
$ns at 0.0"[$node_(0) set ragent_]flooder"
When the line is written as above one then only the tcl file works , still the effect of modifying lines in the aodv.cc and aodv.h are not visible and there is no flooding
I have done all path settings still does not work....
Delete@soma can you post your tcl code...???
DeleteSir,
DeleteThe code is not getting posted here due to space constraint...any other source where i could post it
Sir,
DeleteAs suggested above in step (ii) in aodv.h where it is written to modify in the class AODV: public Tap,public Agent . I did not find the public Tap in the aodv.h file but as you have suggested to change in "class AODV: public Tap,public Agent" instead i changed in class AODV: public Agent.
So what to do about the public Tap...please suggest
@soma, Public Tap is not needed here.Its for monitoring neighbour nodes.You changed it correctly. I ll remove that from post, thanks for mentioning it. send your code to karthicksivakrr@gmail.com.
DeleteSir,
DeleteI have sent the tcl file at the gmail id .Please guide a bit
Sir,
DeleteMe too got the same error what @soma got. The modification in aodv.c and aodv.cc doesnot reflet in tcl output. please guide me
@Sonikha, if you have read this, you should have been read solution for this error too. if not,
Deleteif(strcmp(argv[1], " flooder ") == 0).
You used space in the flooder string. It should be like this, if(strcmp(argv[1], "flooder") == 0).
if you are still facing the error, just post the error comments.
please can you contact me i work in same work this is my email i like to know more aboute this attack thank you . simo.otmani@gmail.com
ReplyDeletewhat do you want to know about flooding...???
DeleteHello Karthick I need a tcl script to simulate a wired network with flooding DDos attack...Thanks
ReplyDelete@rajeshwar, ns-2.35/tcl/ex/flooding.tcl file will work good.
ReplyDeleteSir,
ReplyDeletethe problem is solved by modifying some of these things :
1 ) In aodv.h
//Protected
int initialized() { return 1 && target_; }
bool flooder; /*add this In line 223*/
2 ) In aodv.cc
int AODV::command(int argc, const char*const* argv) {
.......
/*add this line */ if(strcmp(argv[1], "malicious") == 0) {
//if(strncasecmp(argv[1], " flooder ") == 0) {
flooder = true; // add this
return TCL_OK; //add this
}
3 ) In tcl file add this
$ns at 0.0 "[$n0 set ragent_] malicious"
For rest the changes are as according which you suggested above in your blog
@soma, Its nice to hear you find out solution for your problem. though i find out the problem in your file.so, you did the mistake here
ReplyDeleteif(strcmp(argv[1], " flooder ") == 0).
You used space in the flooder string. It should be like this, if(strcmp(argv[1], "flooder") == 0).
no need to change anything else. If its helpful.
Hi sir
ReplyDeletehow can i modify agent->FloodRREQ(99) for my simulation
@mouna, What are your requirements...??? What are you trying...???
ReplyDeletesir can you please guide me for flooding in wireless sensor network code..
ReplyDeletesir can you help to remove this errors
ReplyDeleteaodv/aodv.cc: In member function ‘virtual void FloodTimer::handle(Event*)’:
aodv/aodv.cc:203:54: error: invalid operands of types ‘’ and ‘int’ to binary ‘operator==’
aodv/aodv.cc: In member function ‘void AODV::forward(aodv_rt_entry*, Packet*, double)’:
aodv/aodv.cc:1115:33: warning: suggest parentheses around ‘&&’ within ‘||’ [-Wparentheses]
aodv/aodv.cc: In member function ‘void AODV::FloodRREQ(nsaddr_t)’:
aodv/aodv.cc:1311:61: error: ‘num’ was not declared in this scope
aodv/aodv.cc:1288:56: warning: unused variable ‘rt’ [-Wunused-variable]
aodv/aodv.cc: At global scope:
aodv/aodv.cc:46:12: warning: ‘extra_route_reply’ defined but not used [-Wunused-variable]
aodv/aodv.cc:47:12: warning: ‘limit_route_request’ defined but not used [-Wunused-variable]
make: *** [aodv/aodv.o] Error 1
check properly the parenthesis and put it in the parenthesis( you need to check it and close it propoerly )... after this run i) make clean ii) make
DeleteINITIALIZE THE LIST xListHead
ReplyDeletens: _o17 flooder:
(_o17 cmd line 1)
invoked from within
"_o17 cmd flooder"
invoked from within
"catch "$self cmd $args" ret"
invoked from within
"if [catch "$self cmd $args" ret] {
set cls [$self info class]
global errorInfo
set savedInfo $errorInfo
error "error when calling class $cls: $args" $..."
(procedure "_o17" line 2)
(SplitObject unknown line 2)
invoked from within
"_o17 flooder"
please hellp me with this error
can anyone help me on this
ReplyDeleteplease
look above the comments published earlier by me and try it out... your problem will be solved
Delete@soma I don't understand how to run this in NS2. All I know is how to run the standard AODV using a .tcl file. Can you please explain how to run this in steps?
Delete@Victor Refer this post http://karthicksivakrr.blogspot.in/2013/11/ns2-tips.html
Delete@Karthick Siva, I feels that the number of packet sent and recieved count during flooding attack, should be taken at RTR(Network layer) from tr file, the number of packet sent and recieved count during without flooding attack, should be taken at AGT(Application layer) from tr file.......then only we can compare the flooding attack...is it so?????
ReplyDelete@siddu, flooding attack can be found by the number of RREQs send by a node to other node within a period. You meant finding the flooder node right...? Hope, it helps.
ReplyDeleteHi there i did all the things it explains but still the tcl file run but without the run of nam so nothing happened please could anybody help me.
ReplyDelete@Reem kadi, there isn't much info. Is your nam not running or are you getting any errors...???
ReplyDeletesir,
ReplyDeleteIs it possible to detect sip flooding attack using ns2 tool?
@Ranjini Ramachandran, can you give me a short brief about sip flooding attack.? SIP is application level protocol isn't it...???
ReplyDelete@Naveen, i thing you can do that. Just visualise the functionality of dymo protocol and then apply the same what we have done for AODV protocol. Hope this helps in a way.
ReplyDelete@Naveen, no one going to provide code for your needs. You gotta connect everything and for calculating trust, i guess you already have well defined reasonable formula. if not, go through some of the IEEE, ACM trust papers. Choosing path which is trustable, i guess this needs well defined idea. That said, excluding malicious path is an easy one. and i am glad, you have done your work on your own.
ReplyDeleteThis comment has been removed by the author.
ReplyDeleteHai,
ReplyDeleteim new to NS2.Do we want to make the modifications in the same aodv.cc file or in a copy of it?.Are there any steps after that?
@Thanu, you need to change the existing aodv files like you want them to be. Need more, leave a reply.
Delete@Thanu, you have asked the link between tclscript and aodv, I will try to answer as simple as I can. Tclscript is for animation/simulation. In tclscript we use aodv for routing purpose. Whatever changes you do in aodv, it will affect the routing related process only. Hope this helps...
DeleteOk.I have gone through the aodv.cc file and found it tedious to understand some parts of the code.Can you explain the above code briefly?Also
Delete$ns at 0.0 "[$node_(0) set ragent_] flooder"
By adding this code in tcl file how the node is set malicious?
@Thanu, in simple words, these are tcl script which are linked with cc files arguments. =>
Deleteint AODV::command(int argc, const char*const* argv) => This is how, we can a set a node as flooder or malicious=> This is how we pass arguments from tcl to cc file; Its not much, but i think, its enough to start.
Hi,
ReplyDeleteHow can we get throughput and packet delivery ratio in ns2?
Aren't these things calculated using formula...? If you knew the formula, you are asking for how can I calculate no of packets successfully transferred like that things, for that see the post "How to monitor neighbour nodes", you will find what you need. Hope this helps.
DeleteI'm new to ns2.I executed the above code and viewed the simulation.But i was not clear about the actual changes that are taking place compared to the normal aodv?How can we analyse the performance of the attacked aodv with the normal aodv?..To be more clear how we will know flooding has occured.?
ReplyDelete@Radhika J, In simulation, you can see a node(flooder) continuously sending RREQ packet to a node which is doesn't exist. You can see the broadcasting. Visually, you can see the circle's from the node. Got the point ?
DeleteHello +Karthick C !!! Your blog very great. I am researching about attack in MANET. Your article help me so much. Can you help me creation of wormhole attack in NS2 AODV? thank you so much!!! good day for you!!!
ReplyDelete@Biran Tran, i am glad, you found it helpful. I wish, i tried that too. But i havn't tried wormhole attack. All the best to you.
Deletemy ns2 code is work!
Deletethank you so much!
Ok... thank you Karthick.Actually we are trying to implement solution to avoid the flooding and thats what our project is..could you send me your email Id so that i can give you more details regarding our work..
ReplyDelete@Thanu, i think, somewhere in the google+ aodv post's comment section, i already discussed about prevention algo. probably with @amatek. Look into it. If you still need to discuss, karthicksivakrr@gmail.com.
DeleteHello Sir,
ReplyDeleteI exactly try as above mentioned but in my case i m not getting any error and simulation doesnot show any flooding here is my full code --> http://www.heypasteit.com/clip/1OOC
I even mail you all code file of mine
Delete@Kirtesh, As per our conversation, i believe you haven't set the path after installing ns2. Thats what causing this; just you can't see the changes; even a single printf statement; read this => http://karthicksivakrr.blogspot.in/2013/11/ns2-tips_27.html. For compiling aodv read this => http://karthicksivakrr.blogspot.in/2013/11/ns2-tips.html. Hope this helps; if not, you know where to find me. Kindly remove the link to your code in the above comment, i guess its kinda discourage to the newbie to try on their own. Good luck;
DeleteDid I need to include aodv.h in tcl script I am not getting how to make it work please help
ReplyDeleteNo need; just the flooder statement will be enough.
DeleteI am thinking how to detect and fight flooding attack in AODV, can you suggest me? thank you so much
ReplyDeleteI believe, I already discussed about this with someone in google+ post comments section... All the best...
ReplyDeletecan you please tell me which is the best method for detection and prevention of flooding attack ????
ReplyDeletecan you please tell me which is the best method for detection and prevention of flooding attack ????
ReplyDeletecan you please tell me which is best method for detection and prevention of flooding attack??
ReplyDeletecan you please tell me the method for detection and prevention of flooding attack in aodv??
ReplyDeletecan you please tell me the method for detection and prevention of flooding attack in aodv??
ReplyDeleteHow to set priority or threshold for neighbouring nodes in AODV?
ReplyDeleteHello Mr. Karthick C,
ReplyDeleteI did these modification step by step. When i set a node as malicious no changes are made, this node behave like a legitimate node, it sends a normal rate of RREQ packets. I verified that using AWK, by computing the number of sent RREQ messages during a period. Can you help me to solve this problem, i try to find the appropriate modification to simulate RREQ flooding or Data flooding attacks in AODV-based MANETs.
Kind regards,
Mohammad