|Applicable Versions||NetSim Standard||NetSim Pro|
TABLE OF CONTENTS
- Files used in this project
- Steps to simulate
- Network Settings
- Results and Discussion
VANET refers to the group of vehicles that are interlinked to one another through a wireless network. Along with technology, comes the threats. Like other wireless networks, VANETs also are vulnerable to various security threats. one small security breach can cause big damage in the case of VANETs as in this case human lives are involved. Intrusion Detection Systems (IDS) are employed in VANETs to detect and identify any malicious activity in the network. The IDS works by analyzing the network and detecting any intrusions tried or made in the network so that proper steps could be taken timely to prevent damage from such activities.
Files used in this project
The following steps show how a user can run the IDS in NetSim to detect a malicious node and then set up a new route to the destination to avoid the malicious node.
- Creating Malicious nodes for a particular network scenario is explained in the Malicious.c file.
- To detect the intruder and to send data via a new route, the following files are added in DSR and IEEE802_11
This file contains code for avoiding the malicious node and finding a new route (once the IDS detects the malicious node) in networks running DSR in Layer 3. Note that this system would work only for UDP and not for TCP since TCP involves receiving acks from the destination.
If _NETSIM_PATHRATER_ is defined, the code is used to validate routes. When the Node is a Malicious Node, and a Route Reply is processed, the Function verifies the route reply in the route cache and checks for the blacklisted node. i.e., malicious node. When a malicious node is found that route entry is deleted from the cache.
This file contains code for the IDS and is added in IEEE802_11 operating in Layer 2.
If _NETSIM_WATCHDOG_ is defined, a watchdog timer starts the moment a packet is sent. Once a packet is forwarded to the next-hop node, the current node checks for watchdog timer duration if the packet is getting forwarded further on to the destination node or not.
The malicious node does not forward packets that it receives. The watchdog timer in the node (which forwarded the packet to the malicious node) expires. A counter is present which measures the number of times the watchdog timer expires (in other words the number of packets sent out but not forwarded by the next-hop node). Once this counter’s value reaches the failure threshold the next hope is marked by the current node as a malicious node.
- The downloaded folder consists of a folder named SUMO;this folder contains a file SumoRun.py a python script.This file must be replaced with the original SumoRun.py file present in the bin folder of NetSim install directory(C:\ProgramFiles\NetSim\Standard_v13_1\bin)
- Wireless Link Properties
- Channel Characteristics - Pathloss only
- Path loss model - LOG_DISTANCE
- Path loss exponent - 3.5
4. Application Properties
5. Enable Packet trace in NetSim GUI.
6. Run Simulation for 300 seconds.
Results and Discussion
- Open animation window. The Initial flow of packets are till node 3 since node 3 is detected as malicious.
- In the Result Dashboard, open packet trace using open packet trace hyperlink
- Here you would notice initially the malicious node(node-3) sends fake route information to Source node(node-2).Source node send packets to malicious node and it will drop the received packets.
- As Per the original code setting the Watchdog timer is set to 2 seconds and the failure threshold is set to 20 packets. So, you would notice that around 25 seconds, the malicious node is detected and the route to destination would change in the subsequent route discovery process.
- Once the Source node receives DSR_RREP from the non-listed blacklist node then it will forward the packets to that node.
- The time at which a malicious node is detected can be obtained from the CUSTOM METRICS (IDS METRICS) in the results window where the
- start time - time from which a node becomes malicious,
- detection time - time at which the node was added to blacklist can be obtained.