How to Implement Packet Injection in NS2

 

To implement the Packet injection in NS2 (Network Simulator 2) that comprises introducing extra packets into the network, normally by a malicious node, to simulate the network attacks, testing, or particular situations such as changing the traffic patterns. It can be completed using a malicious node which sends packets into an ongoing communication among other nodes. Given below is a basic procedure to implement this in ns2:

Steps to Implement Packet Injection in NS2:

  1. Set up the network topology: Make a nodes with source nodes and destination nodes for legitimate traffic, and one or more nodes that will inject packets into the network.
  2. Simulate normal traffic: Set up the legitimate communication among the source nodes and destination nodes.
  3. Inject additional packets: The malicious node injects additional packets into the network.
  4. Capture and analyse traffic: Find the simulation to monitor the injected traffic and its impacts on the network.

Example TCL Script for Packet Injection in NS2

In this sample, we mimic a legitimate traffic among the two nodes, and a third malicious node injects extra packets into the network.

  1. Set up the Network Topology

# Create a new simulator instance

set ns [new Simulator]

# Open trace and nam files

set tracefile [open “packet_injection_trace.tr” w]

$ns trace-all $tracefile

set namfile [open “packet_injection.nam” w]

$ns namtrace-all-wireless $namfile

# Define network nodes

set n0 [$ns node]   ;# Source node (legitimate)

set n1 [$ns node]   ;# Destination node (legitimate)

set n2 [$ns node]   ;# Malicious node (injecting packets)

# Create a UDP connection between n0 and n1 (legitimate traffic)

set udp0 [new Agent/UDP]

set null0 [new Agent/Null]

$ns attach-agent $n0 $udp0

$ns attach-agent $n1 $null0

$ns connect $udp0 $null0

# Create a CBR application to simulate normal traffic

set cbr0 [new Application/Traffic/CBR]

$cbr0 set packetSize_ 512

$cbr0 set rate_ 128Kb

$cbr0 attach-agent $udp0

# Function to simulate packet injection by a malicious node (n2)

proc packet_injection { attacker target } {

global ns

# Create UDP agents for the attacker (injecting packets)

set udp_attacker [new Agent/UDP]

set null_attacker [new Agent/Null]

$ns attach-agent $attacker $udp_attacker

$ns attach-agent $target $null_attacker

$ns connect $udp_attacker $null_attacker

# Create CBR traffic for the packet injection

set cbr_injection [new Application/Traffic/CBR]

$cbr_injection set packetSize_ 512

$cbr_injection set rate_ 512Kb   ;# Higher rate for the injected traffic

$cbr_injection attach-agent $udp_attacker

# Start sending injected packets

$ns at 2.0 “$cbr_injection start”

$ns at 4.0 “$cbr_injection stop”

}

# Start legitimate traffic

$ns at 1.0 “$cbr0 start”

$ns at 5.0 “$cbr0 stop”

# Schedule the packet injection from malicious node n2 targeting n1

$ns at 2.0 “packet_injection $n2 $n1”

# Define finish procedure

proc finish {} {

global ns tracefile namfile

$ns flush-trace

close $tracefile

close $namfile

exec nam packet_injection.nam &

exit 0

}

# End the simulation at 6.0 seconds

$ns at 6.0 “finish”

# Run the simulation

$ns run

Explanation of the Script:

  1. Legitimate Traffic:
    • A UDP connection is ascertained among the source node n0 and the destination node n1.
    • The CBR (Constant Bit Rate) application produces traffic from source node n0 to destination node n1 at a rate of 128 Kbps, mimicking normal traffic.
  2. Malicious Traffic (Packet Injection):
    • The malicious node (n2) is injects extra packets into the network, forwarding them to node n1 (target) at a higher rate (512 Kbps) to replicate a network attack or intrusion.
    • The packet_injection function configures a CBR application on the attacker node that begins at time 2.0 seconds and stops at 4.0 seconds.
  3. Trace Files and Visualization:
    • The simulation logs all network events to the trace file (packet_injection_trace.tr) that can be evaluated to monitor the impacts of packet injection.
    • To visualize the network by using the NAM file (packet_injection.nam) and the injected packets in the NAM network animator.
  1. Customizing the Packet Injection
  2. a) Injecting Different Packet Types:

We can change the script to inject various kinds of packets like TCP packets rather than UDP.

Replace the UDP agent with a TCP agent to simulate a various kinds of injected traffic:

set tcp_attacker [new Agent/TCP]

set tcp_sink [new Agent/TCPSink]

$ns attach-agent $attacker $tcp_attacker

$ns attach-agent $target $tcp_sink

$ns connect $tcp_attacker $tcp_sink

  1. b) Varying the Traffic Rate and Duration:

We can modify the rate and period of the injected traffic to replicate various scenarios like high-bandwidth attacks or short bursts of injected packets.

For instance, to simulate a burst of injected packets:

$cbr_injection set rate_ 10Mb   ;# Very high rate for short burst

$ns at 2.5 “$cbr_injection start”

$ns at 2.6 “$cbr_injection stop”  ;# Short duration burst

  1. c) Multiple Attackers:

We can launch more malicious nodes to mimic a distributed attack in which several attackers inject packets into the network.

set n3 [$ns node]

$ns at 2.0 “packet_injection $n3 $n1”  ;# Second attacker

  1. d) Simulating Denial of Service (DoS):

We can simulate a DoS attack by maximizing the rate of injected traffic to overcome the target node (n1).

$cbr_injection set rate_ 5Mb  ;# Overwhelm the target with high traffic rate

  1. Analysing the Packet Injection Attack

We can evaluate the trace file to monitor the impact of the packet injection on network performance, after the simulation. Given below are some ways to estimate the attack:

  • Packet loss: Verify if any legitimate packets were lost because of congestion caused by the injected packets.
  • Network congestion: Compute the latency or jitter in legitimate traffic by reason of the injected traffic.
  • Throughput: Investigate the throughput at the target node to observe how much of the traffic consists of injected packets.
  1. Advanced Features (Optional)
  2. a) Traffic Redirection:

We can mimic traffic redirection attacks in which the attacker node injects packets that redirect traffic from the legitimate communication channel.

  1. b) Packet Tampering:

We can change the payload of injected packets to replicate the tampering attacks in which the malicious node changes legitimate traffic.

  1. c) Stealthy Packet Injection:

We can decrease the rate of injected packets and spread them across a long period to mimic a stealthy attack that is harder to detect.

$cbr_injection set rate_ 64Kb   ;# Low rate for stealthy injection

We systematically carried out a detailed process on Packet Injection, with deployment and examine done through the simulation tool NS2. Additional informations regarding this topic will be shared, if required.

Receive personalized support for implementing Packet Injection in NS2. We provide you with network analysis insights for your projects, so feel free to send us all your project details for further assistance.