How to implement internet attacks in OMNeT++

To implement the internet attacks in OMNeT++ has needs to include mimicking numerous kinds of malicious activities that can aim various layers of the network stack like Man-in-the-Middle (MitM), Distributed Denial of Service (DDoS), or SQL injection attacks, Denial of Service (DoS).  It can support in studying the effects of such attacks on network performance, security, and resilience. The following process is to set up and mimic various types of internet attacks in OMNeT++ using the INET framework.

Step-by-Step Implementations:

1. Set up OMNeT++ and INET Framework

• Make sure that OMNeT++ and the INET framework are installed and correctly configured. The INET framework offers vital modules for internet protocol simulations, which we can encompass to model many attacks.

2. Define the Network Topology

• Generate a network topology in a .ned file that contains nodes representing clients, servers, routers, and attackers. This network topology can be used to mimic internet-based attacks.

Example:

network InternetAttackNetwork

{

submodules:

client: StandardHost;

server: StandardHost;

router1: Router;

router2: Router;

attacker: StandardHost;

connections:

client.ethg++ <–> Eth10G <–> router1.ethg++;

router1.ethg++ <–> Eth10G <–> router2.ethg++;

router2.ethg++ <–> Eth10G <–> server.ethg++;

attacker.ethg++ <–> Eth10G <–> router1.ethg++;

}

• The attacker node is associated to the network and will execute malicious activities aiming the client or server.

3. Implement Different Types of Internet Attacks
4. Denial of Service (DoS) Attack

• Objective: Overcome a server or network with a flood of requests, constructing it unavailable to legitimate users.
• Implementation: Configure the attacker node to send a huge number of needs to the server in a tiny period.

Example configuration:

*.attacker.numApps = 1

*.attacker.app[0].typename = “UdpBasicApp”

*.attacker.app[0].destAddr = “server”

*.attacker.app[0].localPort = 5000

*.attacker.app[0].messageLength = 1024B

*.attacker.app[0].sendInterval = 0.01s  # High frequency to simulate a flood

• The attacker sends a flood of UDP packets to the server, mimicking a DoS attack.

1. Distributed Denial of Service (DDoS) Attack

• Objective: Like to DoS but includes several compromised devices (bots) attacking a unique target.
• Implementation: Expand the DoS attack by adding various attacker nodes that handle to flood the target server.

Example:

network DDoSAttackNetwork

{

submodules:

bot1: StandardHost;

bot2: StandardHost;

bot3: StandardHost;

server: StandardHost;

router: Router;

connections:

bot1.ethg++ <–> Eth10G <–> router.ethg++;

bot2.ethg++ <–> Eth10G <–> router.ethg++;

bot3.ethg++ <–> Eth10G <–> router.ethg++;

router.ethg++ <–> Eth10G <–> server.ethg++;

}

• Configure to each bot similarly to the DoS attack, but coordinate them to attack at the same time.

1. Man-in-the-Middle (MitM) Attack

• Objective: Intercept and possibly alter communication among two parties without their knowledge.
• Implementation: Set up an attacker node that interrupts packets among the client and server, possibly altering or logging them.

Example implementation:

class MitMAttack : public cSimpleModule

{

protected:

virtual void initialize() override;

virtual void handleMessage(cMessage *msg) override;

};

void MitMAttack::initialize()

{

// No initialization needed

}

void MitMAttack::handleMessage(cMessage *msg)

{

cPacket *pkt = check_and_cast<cPacket *>(msg);

EV << “Intercepted packet: ” << pkt->getFullName() << ” of size ” << pkt->getByteLength() << ” bytes.\n”;

 

// Optionally modify the packet

// send(pkt, “out”);  // Forward the packet after logging or modification

}

Define_Module(MitMAttack);

• This module captures packets through the attacker and logs or changes them before forwarding.

1. SQL Injection Attack

• Objective: To insert malicious SQL queries, exploit vulnerabilities in a web application.
• Implementation: Mimic an attacker sending crafted requests to a web server, which includes malicious SQL code.

Example configuration:

*.attacker.numApps = 1

*.attacker.app[0].typename = “TcpBasicClientApp”

*.attacker.app[0].connectAddress = “server”

*.attacker.app[0].connectPort = 80

*.attacker.app[0].requestData = “GET /search?query=’ OR ‘1’=’1′ — HTTP/1.1\r\nHost: server\r\n\r\n”

*.attacker.app[0].sendInterval = 1s

• To the server the attacker sends HTTP requests with SQL injection payloads.

4. Run the Simulation

• Compile and run the OMNeT++ simulation. The attacker nodes will implement the configured attacks on the network.

5. Analyze the Results

• To observe the impact of the internet attacks by using OMNeT++’s built-in tools. Focus on metrics like server response time, packet lose, communication delays and network throughput.
• Observe how the attacks affect the availability, confidentiality and integrity of the network.

6. Enhancements and Variations

• Combination of Attacks: Mimic various kinds of attacks at the same time to learn their combined impact on the network.
• Defensive Mechanisms: Perform network defences like rate limiting, intrusion detection systems (IDS), or encryption, firewalls, and monitor their effectiveness against the attacks.
• Simulation of Real-World Scenarios: Model specific real-world internet attack scenarios like  during a high-traffic event coordinate DDoS attack

Example Files

We can make the following files as part of the simulation:

• InternetAttackNetwork.ned: States the network topology.
• omnetpp.ini: Encompasses configuration settings for the internet attacks.
• MitMAttack.cc: If we select to make one, custom C++ code for the Man-in-the-Middle attack.

Over this paper, we see numerous types of malicious activities, and gain more knowledge to execute various kinds of Internet Attacks in OMNeT++. Further details we will offer as per your requirements.