How to Implement Hello Flood Attack in NS2

 

To implement the Hello Flood Attack is a kind of denial-of-service (DoS) attack within the wireless sensor networks (WSNs) in which an attacker broadcasts an enormous number of “HELLO” packets including the high transmission power, tricking legitimate nodes into trusting the attacker is its neighbour. Consequently, the nodes are waste resources trying to ascertain the connections with the attacker, causing network disruption.

To execute a Hello Flood Attack in the simulation NS2, we want to mimic the situation in which the malicious node delivers excessive hello messages to the legitimate nodes. It includes set up the malicious node to send excessive or forged hello packets, and monitoring the outcomes of the network performance. Below is a procedure that implementing the hello flood attack in NS2:

Steps to Implement Hello Flood Attack in NS2:

  1. Set Up the Network Topology:
  • Describe several wireless nodes within the network to signify the legitimate sensor nodes.
  • Append a malicious node which will broadcast a large number of hello messages to their neighbouring nodes.
  1. Use a Routing Protocol that Utilizes Hello Messages:
  • These protocols such as AODV or DSR can be set up for wireless networks, and it frequently use the hello messages for neighbour discovery.
  • Alter the AODV protocol or setup the malicious node to transmission hello messages endlessly, and mimicking the hello flood attack.
  1. Configure the Malicious Node:
  • The malicious node will overflow the network with too much hello messages. We can replicate this node by delivering continuous routing packets such as AODV hello messages to all nodes in the network.
  1. Monitor the Impact of the Attack:
  • Monitor how legitimate nodes perform under the hello flood attack and the expected result is that legitimate nodes may become overloaded including the routing information, and outcome in packet loss, delays, or even network partitioning.

Tcl Script Example for Hello Flood Attack:

# Create a new simulator

set ns [new Simulator]

# Open trace and nam files for output

set tracefile [open out.tr w]

set namfile [open out.nam w]

$ns trace-all $tracefile

$ns namtrace-all-wireless $namfile 500 500

# Define wireless topology (Topography)

set topo [new Topography]

$topo load_flatgrid 500 500

# Configure the wireless channel

create-god 4

# Node configuration: AODV as routing protocol

$ns node-config -adhocRouting AODV \

-llType LL \

-macType Mac/802_11 \

-ifqType Queue/DropTail/PriQueue \

-ifqLen 50 \

-antType Antenna/OmniAntenna \

-propType Propagation/TwoRayGround \

-phyType Phy/WirelessPhy \

-channelType Channel/WirelessChannel \

-topoInstance $topo \

-agentTrace ON \

-routerTrace ON \

-macTrace OFF \

-movementTrace OFF

# Define nodes

set n0 [$ns node]  ;# Legitimate Node 1

set n1 [$ns node]  ;# Legitimate Node 2

set n2 [$ns node]  ;# Legitimate Node 3

set n3 [$ns node]  ;# Malicious node (attacker)

# Set node positions

$ns at 0.0 “$n0 setdest 100 200 0”

$ns at 0.0 “$n1 setdest 200 300 0”

$ns at 0.0 “$n2 setdest 300 400 0”

$ns at 0.0 “$n3 setdest 150 250 0”

# Create UDP traffic between n0 and n1

set udp0 [new Agent/UDP]

set null0 [new Agent/Null]

$ns attach-agent $n0 $udp0

$ns attach-agent $n1 $null0

$ns connect $udp0 $null0

# Create a CBR traffic source to generate legitimate traffic

set cbr [new Application/Traffic/CBR]

$cbr attach-agent $udp0

$cbr set packetSize_ 512

$cbr set interval_ 0.1

$ns at 1.0 “$cbr start”

# Malicious Node Behavior: Broadcast Hello Messages

# Attacker node (n3) will continuously broadcast hello messages

proc malicious_behavior {node} {

global ns

set helloAgent [new Agent/UDP]  ;# Using UDP for hello message simulation

$ns attach-agent $node $helloAgent

set helloCBR [new Application/Traffic/CBR]

$helloCBR attach-agent $helloAgent

$helloCBR set packetSize_ 64

$helloCBR set interval_ 0.01  ;# High rate to simulate flooding

$ns at 1.5 “$helloCBR start”

puts “Malicious node is flooding hello messages.”

}

# Start the Hello Flood Attack

$ns at 2.0 “malicious_behavior $n3”

# End simulation

$ns at 10.0 “finish”

proc finish {} {

global ns tracefile namfile

$ns flush-trace

close $tracefile

close $namfile

exit 0

}

# Run the simulation

$ns run

Explanation of the Script:

  • Nodes:
    • The nodes n0, n1, and n2 are legitimate wireless nodes.
    • Node n3 is the malicious node that executes the hello flood attack.
  • Traffic:
    • A legitimate CBR (Constant Bit Rate) traffic source that make among the nodes n0 and n1 to replicate the normal communication.
  • Malicious Behaviour:
    • The malicious node n3 begins flooding the network including the hello-like messages by delivering high-frequency UDP packets to all nodes. It mimickes the Hello Flood Attack.
    • The high frequency and small packet size (64 bytes) are denote the hello messages normally used in routing protocols such as AODV.
  • Analysis:
    • We can estimate the trace file (out.tr) to monitor the network’s performance, after the simulation ends. We can verify whether legitimate nodes affect from improved delays, packet loss, or reduced throughput because of the attack.
    • We can use the NAM (Network Animator) to envision the attack and these effect on the network.

Steps to Analyse the Hello Flood Attack:

  1. Trace File Analysis:
    • Analysis the trace file that to monitor how the legitimate nodes such as n0, n1, and n2 are  manage the hello messages transmission by the attacker.
    • Observe for signs of network congestion or packet drops by reason of the malicious behaviour.
  2. Impact on Throughput:
    • Compute the throughput of the communication among the nodes n0 and n1 to monitor how it varies before and after the attack starts.
    • A predictable behaviour is reduce in throughput as the legitimate nodes become overcome by the flood of hello messages.
  3. Use Network Animator (NAM):
    • To envision the performance of the network using NAM to monitor how the hello flood impacts the communication among the nodes.

Variations of the Attack:

  • Change the Flooding Rate: Modify the interval that the malicious node transmissions hello messages to emulate various intensities of the attack.
  • Multiple Malicious Nodes: Launch more than one attacker node to replicate a more dispersed hello flood attack.
  • Protocol-Specific Flooding: Alter the AODV or DSR protocol to directly operate the hello message broadcasting for a more realistic attack simulation.

Overall, we had effectively described the techniques regarding Hello Flood attack which are implemented and simulated in NS2. We will be provided entire procedure and informations, if required.

We are here to assist you in implementing your Hello Flood Attack in NS2. For tailored solutions, visit ns2project.com. Our team provides simulation support, focusing on nodes relevant to your project specifications.