Applicable VersionNetSim StandardNetSim Pro

Applicable ReleaseV13.1



VANETs face different securities threats i.e., attacks that are carried out against them to disrupt the normal performance of the networks. In these attacks, a sinkhole attack is that kind of attack which occurs in Vehicular Ad-Hoc networks (VANET).

A sinkhole attack is one of the most severe attacks in wireless Ad hoc networks. In a sinkhole Attack, a compromised node or malicious node advertises wrong routing information to produce itself as a specific node and receives whole network traffic. After receiving whole network traffic, it can either modify the packet information or drop them to make the network complicated. Sinkhole attacks affect the performance of Ad hoc networks protocols such as the DSR protocol.

Note: NetSim VANET module features Basic Safety Messages (BSM). In the case of BSM applications, Wave Short Message Protocol (WAVE) stack is used to describe a transport layer and network layer of the TCP/IP stack.  And for this reason, in NetSim WSMP handles all Transport and Network layer functionalities. 

WSMP if enabled in the transport layer, the communication is direct from source to destination. Attack can’t be implemented in the BSM application. However, for other application, types (CBR, Custom, Voice, Video, etc.) you will be able to see the route establishment process and the role of UDP protocols. Attacks can be implemented in the above-mentioned application that runs on Network layer protocol (DSR, AODV, ZRP, OLSR).


Implementation in DSR

  • In DSR the source broadcasts the RREQ packet during Route Discovery.
  • The destination on receiving the RREQ packet replies with an RREP packet containing the route to reach the destination.
  • But Intermediate nodes can also send RREP packets to the source if they have a route to the destination in their route cache.
  • Using this as an advantage the malicious node adds a fake route entry into its route cache with the destination node as its next hop.
  • On receiving the RREQ packet from the source the malicious node sends a fake RREP packet with the fake route.
  • The source node on receiving this packet observes this as a better route to the destination.
  • All the Network Traffic is attracted towards the Sinkhole (Malicious Node), and it can either modify the packet Information or simply drop the packet.

 A file, malicious. c is added to the DSR project which contains the following functions:

  • fn_NetSim_DSR_MaliciousNode(); //This function is used to identify whether a current device is malicious or not in-order to establish malicious behavior.
  • fn_NetSim_DSR_MaliciousRouteAddToCache(); //This function is used to add a fake route entry into the route cache of the malicious device with its next-hop as the destination.
  • fn_NetSim_DSR_MaliciousProcessSourceRouteOption(); //This function is used to drop the received packets if the device is malicious, instead of forwarding the packet to the next hop.


You can set any device as malicious, and you can have more than one malicious node in a scenario. Device id’s of malicious nodes can be set inside the fn_NetSim_DSR_MaliciousNode() function.

Steps to simulate 

  1. Download the Sink_Hole_Attack_VANET project using the below link,                       Download:
  2. Follow the instructions specified in the following link to download and set up the Project in NetSim: Downloading and setting up NetSim File Exchange Projects
  3. Open the Source codes in Visual Studio by going to Your work-> Source code and Clicking on the Open code button in the NetSim Home Screen window.
  4. A malicious. c file is added to the DSR source code project in which the malicious node and its behavior are defined. 
  5. Now right-click on the DSR project in the solution explorer and select Rebuild. 
  6. Upon rebuilding, libDSR.dll will automatically get updated in the respective bin folder of the current workspace. 

NetSim Scenario

The network consists of 20 Vehicles and an RSU with properties configured as shown below:

Network Settings

  1. The SINK_HOLE_ATTACK_DSR_VANET_WorkSpace comes with a sample network configuration that is already saved. To open this example, go to Your work on the home screen of NetSim and click on the SINK_HOLE_ATTACK_DSR_VANET_Example from the list of experiments.
  2. Wireless Link Properties
    • Channel Characteristics - Pathloss only
    • Path loss model - LOG_DISTANCE
    • Path loss exponent - 2.5
  3. Application Properties
    Application Properties
    Application typeCBR
    Source Id16
    Destination Id10
    Transport ProtocolUDP
  4. Enable Packet trace in NetSim GUI.
  5. Run the Simulation for 100 seconds.


  • View the packet animation. You will find that the malicious node (Device id 9) gives Route Reply on receiving Route Request and attracts packets towards it. You will also find that the malicious node does not forward the packets that it receives
  • This will have a direct impact on the Application Throughput which can be observed in the Application Metrics table present in the NetSim Simulation Results window.

Useful webpages

1. NetSim documentation:

2. NetSim VANETs overview: