Simulate network attacks and defences

NetSim is a network simulation software designed for the performance analysis of many types of communication networks, including 5G. While its primary focus is not cyber security, it provides a framework for modelling and simulating network attacks and observing the impact of an attack, and of its countermeasures, on network performance.

NetSim is available in a modular format, comprising components also referred to as Technology Libraries or Toolboxes. Each component focuses on a set of networking technologies. See the list of libraries in NetSim.

Looking for power-system cyberattacks?

This page covers attack simulation across general networking libraries. For cyberattacks on power-grid Cyber-Physical Power Systems, with protocols such as IEEE C37.118, IEC 61850 GOOSE/SV, Modbus, DNP3, and IEC 60870-5-104, see the dedicated NetSim Cyber product.

Explore NetSim Cyber »

Attack and defence projects by technology

Worked examples that model an attack, then measure its effect on the network.

Internet of Things

RPL, LEACH, and DDoS attacks on IoT and WSN deployments.

DIO Suppression Attack in IoT A malicious node suppresses RPL DIO control messages so neighbours cannot maintain or repair routes.
RPL DIS Flooding An attacker floods DIS messages, forcing nodes to reset trickle timers and waste energy on repeated DIO broadcasts.
Sinkhole Attack in RPL A node advertises a falsely favourable rank to draw routes and traffic through itself.
Sinkhole Attack in LEACH A compromised cluster head attracts sensor traffic in a LEACH-based wireless sensor network.
Intrusion Detection System for LEACH A detection scheme that identifies malicious nodes in a LEACH cluster.
DDoS Attacks: botnet, bit-and-piece Distributed denial-of-service attacks in an IoT network, including botnet and bit-and-piece flooding.

Internetworks

Data integrity, encryption, and Wi-Fi MAC attacks.

False Data Injection Attack Falsified data is injected into the network to mislead receivers and corrupt application state.
Implementing a new encryption algorithm Add a custom cipher (MISTY) to the protocol stack to secure traffic.
Backoff Attack in Wi-Fi A node manipulates the 802.11 contention backoff to seize an unfair share of the channel.

MANET

Routing attacks and defences for ad hoc networks.

Sinkhole Attack in DSR A node falsifies route replies to attract traffic in a DSR-routed MANET.
Sinkhole Attack in AODV A node advertises false route metrics to pull traffic through itself in an AODV network.
Secure AODV A hardened AODV variant that authenticates routing messages to resist tampering.
Intrusion Detection System for MANETs A detection scheme that flags malicious routing behaviour in a mobile ad hoc network.

Cognitive Radio

Spectrum-access attacks on secondary users.

Primary User Emulation (PUE) Attack An attacker mimics primary-user signals so secondary users vacate the band and lose spectrum access.

Vehicular Ad hoc Network

Attacks and detection for VANETs.

Sinkhole Attack A vehicle advertises false routes to attract traffic in a VANET.
Intrusion Detection System for VANET A detection scheme that identifies malicious vehicles in a VANET.

Network Emulation

Attacks against real applications through the emulator.

SlowHTTPtest DoS Attack A slow-HTTP denial-of-service attack driven through the NetSim emulator against a real server.

Built to be extended

NetSim ships with protocol source code in C. Modify the stack to model new attacks, build countermeasures, and develop your own security protocols.