[ndnSIM] Flood a router with non existing content

Mohammad Nkrash Fhda mohammadnkrashfhda at gmail.com
Sat Sep 25 05:28:56 PDT 2021


Dear HADIBI ABDENNOUR and NDNSIM Team

in this example the network is very simple, you have one producer and two
subtree,  aech of them consist of gateway (border) router and two consumer
So to have more than 4 entries in PIT in the same topology you must to
increase number of the attacker in the same subtree, also increas the
number of the request that attraker must send every second


like this
for (int i = 0; i < 4; i++) {

      ndn::AppHelper consumerHelper("ns3::ndn::ConsumerCbr");
  if(i==0||  i==1){

    consumerHelper.SetAttribute("Frequency", StringValue("585"));
    }
    else {

    consumerHelper.SetAttribute("Frequency", StringValue("200"));
    }


    consumerHelper.SetPrefix("/root/" + Names::FindName(consumers[i]));
    consumerHelper.Install(consumers[i]);
  }


i adjust the number of request to 585 because after that the producer will
collapses and becomes unable to respond to requests
show the attached photo


On Fri, Sep 24, 2021 at 4:24 PM HADIBI ABDENNOUR via ndnSIM <
ndnsim at lists.cs.ucla.edu> wrote:

> Hi everyone,
> I'm trying to perform an Interest flooding attack by sending a large
> number of Interest packets to a data producer in order to flood PIT tables
> of  intermediate router using the code bellow, but the PIT size didnt
> exceed 4 entries, could please help me on that.
>
> Best regards
>
> // IFA.cpp based on ndn-tree-cs-tracers.cpp
> // using topo-small-binary-tree.txt Topology
> //
> #include "ns3/core-module.h"
> #include "ns3/network-module.h"
> #include "ns3/ndnSIM-module.h"
> //#include "ndn/L3RateTracer.h"
> namespace ns3 {
>
> /**
>  * This scenario simulates an Interest flooding attack on a tree topology
> (using topology reader module)
>  *
>  *    /------\      /------\      /------\      /------\
>  *    |rtr-1|      |rtr-2|      |lrtr-3|      |rtr-4|
>  *    \------/      \------/      \------/      \------/
>  *         ^          ^                ^           ^
>  *         |          |                |           |
>  *          \        /                  \         /
>  *           \      /                    \       /    10Mbps / 1ms
>  *            \    /                      \     /
>  *             |  |                        |   |
>  *             v  v                        v   v
>  *          /-------\                    /-------\
>  *          | rtr-1 |                    | rtr-2 |
>  *          \-------/                    \-------/
>  *                ^                        ^
>  *                |                        |
>  *                 \                      /  10 Mpbs / 1ms
>  *                  +--------+  +--------+
>  *                           |  |
>  *                           v  v
>  *                        /--------\
>  *                        |  root  |
>  *                        \--------/
>  *
>  *
>  * To run scenario and see what is happening, use the following command:
>  *
>  *     ./waf --run=IFA
>  */
>
> int
> main(int argc, char* argv[])
> {
>   CommandLine cmd;
>   cmd.Parse(argc, argv);
>
>   AnnotatedTopologyReader topologyReader("", 1);
>
> topologyReader.SetFileName("src/ndnSIM/examples/topologies/topo-small-binary-tree.txt");
>   topologyReader.Read();
>
>   // Install NDN stack on all nodes
>   ndn::StackHelper ndnHelper;
>   ndnHelper.setPolicy("nfd::cs::lru");
>   ndnHelper.setCsSize(100);
>   ndnHelper.InstallAll();
>
>   // Choosing forwarding strategy
>   ndn::StrategyChoiceHelper::InstallAll("/prefix",
> "/localhost/nfd/strategy/best-route");
>
>   // Installing global routing interface on all nodes
>   ndn::GlobalRoutingHelper ndnGlobalRoutingHelper;
>   ndnGlobalRoutingHelper.InstallAll();
>
>   // Getting containers for the consumer/producer
>   Ptr<Node> consumers[4] = {Names::Find<Node>("NodeC1"),
> Names::Find<Node>("NodeC2"),
>                             Names::Find<Node>("NodeC3"),
> Names::Find<Node>("NodeC4")};
>   Ptr<Node> producer = Names::Find<Node>("NodeP1");
>
>   for (int i = 0; i < 4; i++) {
>     ndn::AppHelper consumerHelper("ns3::ndn::ConsumerCbr");
>        // Each consumer will express the same data /root/<seq-no>
>     if(i==0){
>       consumerHelper.SetAttribute("Frequency", StringValue("200")); //
> Attacker sends 200 interests a second
>       consumerHelper.SetPrefix("/prefix/rand()");
>     }else{
>       consumerHelper.SetAttribute("Frequency", StringValue("10")); // each
> Ligitimate user sends 10 interests a second
>       consumerHelper.SetPrefix("/prefix");
>     }
>     ApplicationContainer app = consumerHelper.Install(consumers[i]);
>     app.Start(Seconds(0.01 * i));
>   }
>
>   ndn::AppHelper producerHelper("ns3::ndn::Producer");
>   producerHelper.SetAttribute("PayloadSize", StringValue("1024"));
>
>   // Register /root prefix with global routing controller and
>   // install producer that will satisfy Interests in /root namespace
>   ndnGlobalRoutingHelper.AddOrigins("/prefix", producer);
>   producerHelper.SetPrefix("/prefix");
>   producerHelper.Install(producer);
>   // Calculate and install FIBs
>   ndn::GlobalRoutingHelper::CalculateRoutes();
>
>   Simulator::Stop(Seconds(20.0));
>   ndn::L3RateTracer::InstallAll("rate-trace-IFA.txt", Seconds(19.0));
>   Simulator::Run();
>   Simulator::Destroy();
>   return 0;
> }
> } // namespace ns3
> int
> main(int argc, char* argv[])
> {  return ns3::main(argc, argv);}
>
> _______________________________________________
> ndnSIM mailing list
> ndnSIM at lists.cs.ucla.edu
> http://www.lists.cs.ucla.edu/mailman/listinfo/ndnsim
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.lists.cs.ucla.edu/pipermail/ndnsim/attachments/20210925/05c40e00/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: flooding attack.jpg
Type: image/jpeg
Size: 21205 bytes
Desc: not available
URL: <http://www.lists.cs.ucla.edu/pipermail/ndnsim/attachments/20210925/05c40e00/attachment-0001.jpg>


More information about the ndnSIM mailing list