Webinar Contents:
Why use a Network Simulator
Introduction to NetSim
Introduction to Sinkhole Attack : Attack scenario in MANET using NetSim
Intrusion Detection System: Detection mechanism in MANET using NetSim
Analyzing Metrics
Areas of R & D in MANET
Q & A
2. NetSim
TM
Webinar Contents
1.Why use a Network Simulator
2.Introduction to NetSim
3.Introduction to Sinkhole Attack : Attack scenario in MANET using NetSim
4.Intrusion Detection System: Detection mechanism in MANET using NetSim
5.Analyzing Metrics
6.Areas of R & D in MANET
7.Q & A
4. NetSim
TM
Communication Networks have become
too complex for traditional analytical
methods or “rules of thumb” to provide an
accurate understanding of system behavior
and possible problems and solutions
5. NetSim
TM
I. Networking traffic will quadruple by
2017 driven by wireless & mobile
communication
II. 2+ billion videos watched online every
day
III. Mobiles, tablets & sensors to join with
existing internet cloud to form “network
of things”
I. Mobile Ad-hoc Networks
II. Wireless Sensor Networks
III. Cognitive Radio
IV. LTE / LTE-A
V. Internet of Things (IOT)
50 % of all research papers in IEEE & ACM refer a Network Simulator
Observations in computer networking
domain
Key areas of research & development
7. NetSim
TM
NetSim is a popular tool for Network Design, Network R & D and defense
applications. It allows users to create network scenarios, model traffic and
study network performance metrics
Wide range of technologies across LAN, WAN, BGP, WLAN, MANET, Wi-MAX,
Cellular(GSM and CDMA), Cognitive Radio, Sensor Networks, IOT and LTE as per
international Standards
Open architecture with protocol C source code for users to write, link and de-
bug.
9. NetSim
TM
Technology Libraries
Component
No
Networks / Protocols
Component 1
(Base. Required for all components)
Internetworks: Ethernet - Fast & Gigabit, Address Resolution Protocol, WLAN - 802.11 a, b, g , n, ac and e, Propagation
- Free space, Log-normal Shadowing, Rayleigh Fading, IPv4 with VPN, Firewalls, Routing - RIP, OSPF, Queuing - Round
Robin, FIFO, Priority, TCP, UDP.
Common Modules Applications: Traffic Generator: Voice, Video, FTP, Database, HTTP, Email, Peer-to-peer and
Custom. Virtual Network Stack, Simulation Kernel Command Line Interface, Metrics Engine with packet and event trace,
Packet Animator
Component 2
Legacy Networks: Aloha - Pure & Slotted, CSMA/CD, Token Ring, Token Bus, ATM, X.25, Frame Relay,
Multi-Protocol Label Switching (MPLS)
Component 3 BGP Networks: Border Gateway Protocol (BGP)
Component 4 Advanced Wireless Networks: MANET - DSR, AODV, OLSR, ZRP, Wi-Max
Component 5 Cellular Networks - GSM, CDMA
Component 6
(Component 4 required)
Wireless Sensor Networks, IOT & Personal Area Networks: WSN with agent model & battery models ZigBee
Component 7
Cognitive Radio Networks
WRAN
Component 8
Long Term Evolution
LTE
Component 9
(Component 4 required)
Military Radio
TDMA Link 16
10. NetSim
TM
1. New Technologies
• Internet of things
• 802.11 ac (Gigabit Wi-Fi)
• Rate adaptation algorithm for WLAN
• Military Radios: HF, UHF and VHF Bands
2. Network Emulator Add-on Module
• Connect NetSim to Real Devices running
Live Application
3. Interfacing with softwares
• MATLAB interface
• Wireshark Interface
4. Accelerated and multithreaded kernel
• Approx. 40x times faster than v8.3 for
large simulations
5. Simulation Scale up
• Pro version tested up to 100,000
devices
What’s new in v9
12. NetSim
TM
Sinkhole Attack in MANET
• Sinkhole attack is one of the severe attacks in wireless Ad hoc network.
• In sinkhole Attack, a compromised node or malicious node advertises wrong routing
information to produce itself as a specific node and receives whole network traffic.
• After receiving whole network traffic it can either modify the packet information or drop
them to make the network complicated.
• Sinkhole attacks affects the performance of Ad hoc networks protocols such as DSR protocol.
13. NetSim
TM
Sinkhole in DSR in NetSim
• In DSR the source broadcasts RREQ packet during Route Discovery.
• The destination on receiving the RREQ packet replies with a RREP packet containing the route to
reach the destination.
• But Intermediate nodes can also send RREP packet to the source if they have a route to the
destination in their route cache.
• Using this loophole the malicious node adds a fake route entry into its route cache with the
destination node as its next hop.
14. NetSim
TM
Sinkhole in DSR in NetSim
• On receiving the RREQ packet from the source the malicious node sends a fake RREP packet with
the fake route.
• The source node on receiving this packet observes this as a better route to the destination.
• All the Network Traffic is attracted towards the Sinkhole (Malicious Node) and it can either modify
the packet information or simply drop the packet (NetSim implementation)
15. NetSim
TM
Malicious.c
• A file Malicious.c is added to the DSR project which contains the following functions:
• fn_NetSim_DSR_MaliciousNode( ) - This function is used to identify whether a
current device is malicious or not in-order to establish malicious behavior
• fn_NetSim_DSR_MaliciousRouteAddToCache() - This function is used to add a fake
route entry into the route cache of the malicious device with its next hop as the
destination
• fn_NetSim_DSR_MaliciousProcessSourceRouteOption() - This function is used to
drop the received packets if the device is malicious, instead of forwarding the packet
to the next hop
16. NetSim
TM
Simulation of sinkhole attack in NetSim
Source – Device id 1
Destination – Device id 6
Sinkhole (malicious node) – Device id 2
18. NetSim
TM
Introduction
• An intrusion detection system (IDS) monitors network for malicious activities
• Once an attack is identified, or abnormal behaviour is sensed, measures are taken to recover from
the attack.
• The system also keeps track of the intruders so as to avoid further attacks in future.
19. NetSim
TM
IDS in NetSim
In NetSim Intrusion Detection System has two major functionalities
1.Watchdog
• A watchdog timer is added to each Node in the Network.
• The timer starts the moment a packet is sent.
• Once the packet is forwarded to the next hop within the Watchdog time
duration.
• If the next hop is malicious then it need not forward the packet (as per the
sinkhole attack implemented)
• A counter is used to keep track of number of time watchdog timer expires.
• Once the counter reaches the failure threshold the current node marks its next
hop as malicious and sends it for blacklisting.
2.Pathrater
• Adds malicious nodes to blacklist.
• Validates routes by verifying route reply.
• Discards route reply if blacklisted nodes are present in it.
20. NetSim
TM
Watchdog.c
Some of the important functions are:
• add_watchdog_timer() - Adds a watchdog timer to each Node in the Network.
• watchdog_timer_execute() - Checks if the packet is sent before timer expiry & checks
if failure threshold is reached.
Pathrater.c
Some of the important functions are:
• add_to_blacklist() - Adds malicious nodes to blacklist of the current device
• verify_route_reply() - Checks if the IP addresses in the route reply contains the IP of
any blacklisted node.
IDS in NetSim
21. NetSim
TM
Simulation of IDS in NetSim
Source – Device id 1
Destination – Device id 6
Intruder (malicious node) – Device id 3 , Device id 4
IDS running in all the nodes
26. NetSim
TM
Over 300+ Customers across 15 countries
Education - International
Defence / Space / Industry
Education - India
27. NetSim
TM
Research Areas in MANET
• Routing protocols – Location based, Power aware etc.
• QoS in adhoc networks
• Intrusion detection
• Performance Analysis
• Vehicular adhoc networks etc.,
The Project Codes of Sinkhole Attack, IDS and other projects in different Networks can be accessed using the link:
http://www.tetcos.com/File_Exchange/
28. NetSim
TM
Q & A Session
Note: Depending on the available time, we will try to cover all your questions. In case your query is not
answered, we assure you to answer your question via email.
29. NetSim
TM
For technical information contact
Visit: www.tetcos.com
E-mail: sales@tetcos.com
Tele-fax: +91 80 2663 062411
For Commercial information:
please contact our local channel partner available at http://tetcos.com/listcp.html