is it possible to simulate a dos attack in ns3?

[Abhijit Bhat]

Hello everyone,

i would like to know if its possible to simulate DoS attacks like SYN Flood, Ping Flood in ns3. If yes, can someone please throw some light on it?

[Tommaso Pecorella]

Hi,

technically it is possible. It is even "common", if one doesn't carefully setup his/her simulations. I mean, usually one start all the applications at the same time. If apps are using TCP, this means a syn flood.

The problem isn't doing the attack. The problem is evaluating the effect of the attack.

Since ns-3 is a network simulator, a flood will for sure be seen as a temporary network congestion. However, since ns-3 is a discrete event simulator and application delays (i.e., the time required to process an event) are often disregarded, the server will be able to process all the incoming pings, TCP sun etc. up to its internal buffers (which are pretty large).

So, my overall answer is: I wouldn't trust too much the results. Unless you have a deep knowledge of the rx buffers.

You can, of course, use a real linux stack to simulate the SUT (System Under Test) and leave to ns-3 the task to generate the DoS. This can be easily done.

Hope this helps,

T