14-814/18-637: Wireless Network Security - Spring 2016
Assignment #4 - Network Layer Misbehavior and Higher-Layer Impacts
- Assigned: March 3
- Due: March 24
- Description: The goal of this assignment is to build a network with support for protocols at several layers, then study
how attacks at lower layers of the protocol stack affect performance at higher layers. We'll provide you with sample MANET packet
dropping code in OMNET++ and leave you to discover what high-layer statistics are interesting and what lower-level attacks impact them.
The assignment has three primary components 1) familiarize yourself with some of the modules that provide higher-layer support,
2) understand and enhance the MANET packet dropping implementation that we have provided, 3) study the impact of PHY, MAC,
and network layer misbehavior on higher-layer performance. As with the previous assignments, we highly recommend that you start working
on the tasks as soon as possible.
- Tasks:
- Backup some Files! - Since you're about to modify important files in INET, it would be good to make a backup copy. As you
progress, please create backup copies of any
.cc
, .h
, and .ned
files in INET before you change
them...just in case.
- Create a Functional Network - Using the
AdhocHost
module, create a useful representation of a mobile ad hoc network
that includes enough nodes to be interesting (e.g., make sure routing isn't trivial or deterministic, allow the possibility of multiple
routing paths, long paths, etc.) and has support for end-to-end services (e.g., TCP, UDP, etc.) -- this file will get
you started on this task. Identify at least two interesting metrics at each of the physical, MAC, network, and transport layer (these can be
the same as in previous assignments) and create some plots using these statistics to demonstrate that your network functions end-to-end under
normal working conditions.
- Repeat Assignments #2 and #3 - Now that your network functions without attacks, demonstrate how the PHY and MAC layer misbehavior
studied in previous assignments reflects in your chosen metrics. Create several scenarios with different types and severities of attacks
and study how your chosen metrics are affected (if your chosen metrics aren't affected, maybe choose more metrics). Simulate several different
cases to see what you can learn about the higher-layer impact of lower-layer misbehavior, and create several plots for the most interesting
things you find.
- Study and Extend our MANET Packet Dropping Attack - Download this .zip archive, which contains the files
aodv_uu_omnet.cc
, aodv_uu_omnet.h
, AODVUU.ned
, and omnetpp.ini
that make up the AODV module
and parts of one of the MANET routing examples. Install these files at locations
\inet\src\networklayer\manetrouting\aodv-uu\aodv_uu_omnet.cc
, \inet\src\networklayer\manetrouting\aodv-uu\aodv_uu_omnet.h
,
\inet\src\networklayer\manetrouting\AODVUU.NED
, and \inet\examples\manetrouting\grid_aodv\omnetpp.ini
(creating backups as above). The AODV protocol of interest is actually a port from NS2, written quite differently from standard OMNET++
C++ modules (e.g., see lines 1081 and 1084 of aodv_uu_omnet.cc
). AODV is part of MANETINET, and though integrated into INET,
it started as a standalone project. Make sure to use the provided code, because, in addition to sample code to get you started, we fixed
several bugs in the AODV NED module AODVUU.ned
.
To find code blocks added by Brian, INET guru and former TA of this course, search for the comment wrappers //@bricks
and
//END ADDS
. These also serve as guides for where you may be making modifications to the AODV code. The code Brian added
introduces a parameter that specifies the probability with which the node will drop each packet, a parameter to specify the attack type,
and statistics to measure the received and dropped packets. The modified .ini
file includes Brian's configuration
[Config AODVUU_Malicious_1]
, which extends the AODVUU configuration and sets the attack type and drop probability. By
running this configuration and studying the scalar outputs produced, you can see the impact of packet dropping; you can filter your
scalars by *.manetrouting
to find the added drpPkMalicious
and rcvdPkIPV4
statistics, corresponding
to the number of dropped packets and the total packets seen by the malicious code, the ratio of which should be close to the drop probability.
Run this configuration for several values of the drop probability, varying from 0 to 1, and create a nice figure that shows the results of the
simulation study.
Next, building on Brian's code, introduce another attack type with two new parameters, changing from probabilistic packet dropping (i.e.,
drop every packet with probability p) to periodic probabilistic packet dropping as follows. One parameter will be the period, let's
call it T, and the other will be the duty cycle, let's call it d, where 0<d<1. In the periodic probabilistic
packet dropping attack, the node will drop packets with probability p for dT seconds, then drop no packets for (1-d)T
seconds, and continue forever. Once you make the necessary changes to all of the relevant files, run the configuration for a few values of
p, T, and d and tabulate the resulting statistics. How does the ratio of dropped packets to total packets seen now
compare to these parameters? As in the previous task, create a few interesting figures to demonstrate how this forwarding misbehavior
affects performance statistics at various layers.
- Think About Cross-Layer Detection - Now that you've studied how attacks at different layers affect your collection of statistics, think
about whether those statistics could be useful in detecting attacks or identifying what layer an attack could be occurring at. Specifically, by
inspecting your results from the previous tasks, would someone be able to figure out whether the misbehavior was at the MAC or network layer; could
they determine which node was under attack or mounting the attack; etc.? You don't need to implement anything here, but explore the possibilities of
what your statistics could be useful for.
- Deliverables: Each student will submit a written summary of their efforts in the above tasks, including the following:
- A brief description of what you did to fulfill each task, including details of the changes made to the
.h/.cc/.ned/.ini
code and any
other changes needed,
- Properly labeled and easy-to-understand plots created in each task, and
- Detailed explanations of your process, findings, and results of each study, and any conclusions you reached in your experimentation.
The written report should be formatted according to the IEEE
conference proceedings template, using either Microsoft Word or LaTeX, and converted to a .pdf
document.
- Submission Instructions: Each student should submit a
.pdf
version of their written summary via Blackboard, using the format
requested above. All students are expected to complete the assignment on their own; discussion about the assignment is allowed and encouraged, but
the writing and coding should be done individually.
- Grading: This assignment is worth 40 points: 5 points for task 1; 10 points for task 2; 15 points for task 3; and 10 points for task
4. We reserve the right to take off points for presentation aspects, e.g., incorrect format, poor writing, etc.