14-814/18-637: Wireless Network Security - Spring 2016

Assignment #4 - Network Layer Misbehavior and Higher-Layer Impacts

Assigned: March 3

Due: March 24

Description: The goal of this assignment is to build a network with support for protocols at several layers, then study how attacks at lower layers of the protocol stack affect performance at higher layers. We'll provide you with sample MANET packet dropping code in OMNET++ and leave you to discover what high-layer statistics are interesting and what lower-level attacks impact them. The assignment has three primary components 1) familiarize yourself with some of the modules that provide higher-layer support, 2) understand and enhance the MANET packet dropping implementation that we have provided, 3) study the impact of PHY, MAC, and network layer misbehavior on higher-layer performance. As with the previous assignments, we highly recommend that you start working on the tasks as soon as possible.

Tasks:

0. Backup some Files! - Since you're about to modify important files in INET, it would be good to make a backup copy. As you progress, please create backup copies of any .cc, .h, and .ned files in INET before you change them...just in case.
1. Create a Functional Network - Using the AdhocHost module, create a useful representation of a mobile ad hoc network that includes enough nodes to be interesting (e.g., make sure routing isn't trivial or deterministic, allow the possibility of multiple routing paths, long paths, etc.) and has support for end-to-end services (e.g., TCP, UDP, etc.) -- this file will get you started on this task. Identify at least two interesting metrics at each of the physical, MAC, network, and transport layer (these can be the same as in previous assignments) and create some plots using these statistics to demonstrate that your network functions end-to-end under normal working conditions.
   
   
2. Repeat Assignments #2 and #3 - Now that your network functions without attacks, demonstrate how the PHY and MAC layer misbehavior studied in previous assignments reflects in your chosen metrics. Create several scenarios with different types and severities of attacks and study how your chosen metrics are affected (if your chosen metrics aren't affected, maybe choose more metrics). Simulate several different cases to see what you can learn about the higher-layer impact of lower-layer misbehavior, and create several plots for the most interesting things you find.
   
   
3. Study and Extend our MANET Packet Dropping Attack - Download this .zip archive, which contains the files aodv_uu_omnet.cc, aodv_uu_omnet.h, AODVUU.ned, and omnetpp.ini that make up the AODV module and parts of one of the MANET routing examples. Install these files at locations \inet\src\networklayer\manetrouting\aodv-uu\aodv_uu_omnet.cc, \inet\src\networklayer\manetrouting\aodv-uu\aodv_uu_omnet.h, \inet\src\networklayer\manetrouting\AODVUU.NED, and \inet\examples\manetrouting\grid_aodv\omnetpp.ini (creating backups as above). The AODV protocol of interest is actually a port from NS2, written quite differently from standard OMNET++ C++ modules (e.g., see lines 1081 and 1084 of aodv_uu_omnet.cc). AODV is part of MANETINET, and though integrated into INET, it started as a standalone project. Make sure to use the provided code, because, in addition to sample code to get you started, we fixed several bugs in the AODV NED module AODVUU.ned.
   
   To find code blocks added by Brian, INET guru and former TA of this course, search for the comment wrappers //@bricks and //END ADDS. These also serve as guides for where you may be making modifications to the AODV code. The code Brian added introduces a parameter that specifies the probability with which the node will drop each packet, a parameter to specify the attack type, and statistics to measure the received and dropped packets. The modified .ini file includes Brian's configuration [Config AODVUU_Malicious_1], which extends the AODVUU configuration and sets the attack type and drop probability. By running this configuration and studying the scalar outputs produced, you can see the impact of packet dropping; you can filter your scalars by *.manetrouting to find the added drpPkMalicious and rcvdPkIPV4 statistics, corresponding to the number of dropped packets and the total packets seen by the malicious code, the ratio of which should be close to the drop probability. Run this configuration for several values of the drop probability, varying from 0 to 1, and create a nice figure that shows the results of the simulation study.
   
   Next, building on Brian's code, introduce another attack type with two new parameters, changing from probabilistic packet dropping (i.e., drop every packet with probability p) to periodic probabilistic packet dropping as follows. One parameter will be the period, let's call it T, and the other will be the duty cycle, let's call it d, where 0<d<1. In the periodic probabilistic packet dropping attack, the node will drop packets with probability p for dT seconds, then drop no packets for (1-d)T seconds, and continue forever. Once you make the necessary changes to all of the relevant files, run the configuration for a few values of p, T, and d and tabulate the resulting statistics. How does the ratio of dropped packets to total packets seen now compare to these parameters? As in the previous task, create a few interesting figures to demonstrate how this forwarding misbehavior affects performance statistics at various layers.
   
   
4. Think About Cross-Layer Detection - Now that you've studied how attacks at different layers affect your collection of statistics, think about whether those statistics could be useful in detecting attacks or identifying what layer an attack could be occurring at. Specifically, by inspecting your results from the previous tasks, would someone be able to figure out whether the misbehavior was at the MAC or network layer; could they determine which node was under attack or mounting the attack; etc.? You don't need to implement anything here, but explore the possibilities of what your statistics could be useful for.

Deliverables: Each student will submit a written summary of their efforts in the above tasks, including the following:

• A brief description of what you did to fulfill each task, including details of the changes made to the .h/.cc/.ned/.ini code and any other changes needed,
• Properly labeled and easy-to-understand plots created in each task, and
• Detailed explanations of your process, findings, and results of each study, and any conclusions you reached in your experimentation.

The written report should be formatted according to the IEEE conference proceedings template, using either Microsoft Word or LaTeX, and converted to a .pdf document.

Submission Instructions: Each student should submit a .pdf version of their written summary via Blackboard, using the format requested above. All students are expected to complete the assignment on their own; discussion about the assignment is allowed and encouraged, but the writing and coding should be done individually.

Grading: This assignment is worth 40 points: 5 points for task 1; 10 points for task 2; 15 points for task 3; and 10 points for task 4. We reserve the right to take off points for presentation aspects, e.g., incorrect format, poor writing, etc.