How to implement teardrop attack in OMNeT++

To implement the teardrop attack in OMNeT++ has several steps. The term teardrop attack is one of the common types of denial-of-service (DoS) attack that exploits the way uneven IP packets are collected. The attack transfer the fragmented packets with overlapping offset fields that impact the target system to crash or behave unpredictably when it attempts to reassemble them. The below are the brief procedures on how to implement ateardrop attack in OMNeT++ using the INET framework:

Step-by-Step Implementation:

1. Set up OMNeT++ and INET Framework

• Make sure that OMNeT++ and the INET framework are installed and configured correctly. The INET framework delivers the required modules for emulating the network protocols has contain IP fragmentation and reassembly.

2. Define the Network Topology

• Generate a network topology in a .ned file that contains a client, server, router, and an attacker node. The attacker node will transfer the malformed fragmented packets to the server.

Example:

network TeardropAttackNetwork

{

submodules:

client: StandardHost;

server: StandardHost;

router: Router;

attacker: StandardHost;

connections:

client.ethg++ <–> Eth10G <–> router.ethg++;

attacker.ethg++ <–> Eth10G <–> router.ethg++;

router.ethg++ <–> Eth10G <–> server.ethg++;

}

• The attacker node is connected to the network and will be liable for sending fragmented packets to the server to perform the teardrop attack.

3. Create a Custom Teardrop Attack Module

• To mimic a teardrop attack, we need to generate a custom C++ module that makes fragmented IP packets with overlapping offsets.

Example C++ code for a custom teardrop attack module:

#include <omnetpp.h>

#include “inet/common/packet/Packet.h”

#include “inet/networklayer/contract/ipv4/Ipv4Header_m.h”

#include “inet/applications/base/ApplicationPacket_m.h”

using namespace omnetpp;

using namespace inet;

class TeardropAttack : public cSimpleModule

{

protected:

virtual void initialize() override;

virtual void handleMessage(cMessage *msg) override;

void sendTeardropFragmentedPacket();

};

void TeardropAttack::initialize()

{

// Schedule the first packet to be sent

scheduleAt(simTime() + par(“startTime”), new cMessage(“sendTeardropPacket”));

}

void TeardropAttack::handleMessage(cMessage *msg)

{

if (msg->isSelfMessage()) {

sendTeardropFragmentedPacket();

scheduleAt(simTime() + par(“interval”), msg);  // Continuously send fragmented packets

} else {

delete msg;

}

}

void TeardropAttack::sendTeardropFragmentedPacket()

{

// Create a packet that will be fragmented

auto payload = makeShared<ApplicationPacket>();

payload->setChunkLength(B(1024));  // Original packet size

auto packet = new Packet(“TeardropPacket”);

packet->insertAtBack(payload);

// Create the first fragment

auto fragment1 = packet->dup();

auto ipv4Header1 = makeShared<Ipv4Header>();

ipv4Header1->setIdentification(1);  // All fragments have the same ID

ipv4Header1->setFragmentOffset(0);  // First fragment offset

ipv4Header1->setMoreFragments(true);  // Indicate more fragments

ipv4Header1->setChunkLength(B(20));  // IP header length

fragment1->insertAtFront(ipv4Header1);

fragment1->setName(“Fragment1”);

// Send the first fragment

send(fragment1, “out”);

// Create the second fragment with an overlapping offset

auto fragment2 = packet->dup();

auto ipv4Header2 = makeShared<Ipv4Header>();

ipv4Header2->setIdentification(1);  // Same ID as the first fragment

ipv4Header2->setFragmentOffset(200);  // Overlapping offset with the first fragment

ipv4Header2->setMoreFragments(false);  // Last fragment

ipv4Header2->setChunkLength(B(20));  // IP header length

fragment2->insertAtFront(ipv4Header2);

fragment2->setName(“Fragment2”);

// Send the second fragment

send(fragment2, “out”);

 

delete packet;  // Clean up the original packet

}

Define_Module(TeardropAttack);

• This module simulates the creation and transmission of IP packets that are fragmented in a way that affects overlapping fragments, which is featured for teardrop attack.

4. Configure the Attacker Node

• In .ini file, configure the attacker node to use the teardrop attack module.

Example configuration in omnetpp.ini:

*.attacker.numApps = 1

*.attacker.app[0].typename = “TeardropAttack”

*.attacker.app[0].startTime = 1s

*.attacker.app[0].interval = 0.5s  // Interval between sending fragmented packets

• startTime determines when the teardrop attack starts.
• interval sets how frequently fragmented packets are sent.

5. Configure the Server Node

• The server node should be configured to receive and attempt to reassemble incoming traffic. The overlapping fragments sent by the attacker affect the server to misbehave.

Example:

*.server.numApps = 1

*.server.app[0].typename = “UdpSink”  // or another application to receive the packets

*.server.app[0].localPort = 5000

• The server is set up to receive fragmented packets and attempt to reassemble them.

6. Run the Simulation

• Compile and run OMNeT++ simulation. The attacker node will start transferring the  malformed, overlapping fragmented packets to the server, simulating the teardrop attack.

7. Analyse the Results

• Use OMNeT++’s analysis tools to observe the cause of the teardrop attack. Focus on whether the server experiences difficulties like crashes, packet loss, or high CPU usage because of reassembly of the malformed packets.
• Observe how the network and the server behave under the attack, and whether the attack affect any noticeable disruption.

8. Enhancements and Variations

• Varying Fragmentation Patterns: investigating the various fragmentation patterns, like varying the size of overlaps or the number of fragments, to see how they cause the server.
• Defensive Mechanisms: To execute and verify network defences, like reassembly timeouts or checksums, to prevent the effects of teardrop attacks.
• Distributed Attack: Simulate multiple attacker nodes coordinating a dispersed version of the teardrop attack to overcome the target more efficiently.

Example Files

We should produce the following files as part of simulation:

• TeardropAttackNetwork.ned: Defines the network topology.
• omnetpp.ini: Contains configuration settings for the teardrop attack simulation.
• TeardropAttack.cc: Custom C++ code for the teardrop attack module.

In the entire page, we understand how the teardrop attack can implement and analyse the outcomes using the OMNeT++ tool that has generate the topology then it configures the attack simulation and finally implement the teardrop attack module in the C++ language. Additionally if you need more details about how the tear drop will perform in other simulation we will support and provide that too. Find top project ideas and topics about teardrop attacks in OMNeT++. The implementation of teardrop attacks in the OMNeT++ program is done by omnet-manual.com. We offer excellent simulation results and clear explanations for your projects.