Applicable versions | NetSim Standard | Netsim Pro |
Applicable Releases | v14.0 | v14.1 |
A DDoS attack in a 5G environment involves overwhelming a targeted 5G network, service, or infrastructure with a flood of malicious traffic, disrupting its normal operations and rendering it inaccessible to legitimate users.
We explain below how to simulate a simple DDoS attack in an 5G Network in NetSim. Config files for all cases are attached.
In NetSim, click on New Simulation > 5G NR
Case 1: Without a Malicious Node (No attacker).
- Drop 1gNB and 9UEs which is at 1000m away from gNB.
- Set shadow fading model to NONE in gNB Interface_4 5G_RAN-> physical layer properties.
- Configure a CBR traffic sent from Server to each UE at rate of 8 Mbps. Packet Size 1460B, IAT=1460µs.
- Run the simulation for 10 seconds and measure the throughput obtained by each UEs.
We then simulate 3 attack cases
- Case 2: Add 1 malicious node (wired). Configure traffic from malicious node to all UEs (1, 2, …, 9). Configure CBR traffic at smaller packet generation rate of 2Mbps. Packet Size 1460B, IAT=5840µs.
- Case 3: Add 2 malicious nodes (wired). Configure traffic from malicious node to all UEs (1, 2, …, 9). Configure CBR traffic at smaller packet generation rate of 2Mbps. Packet Size 1460B, IAT=5840µs.
- Case 4: Add 3 malicious nodes (wired). Configure traffic from malicious node to all UEs (1, 2, …, 9). Configure CBR traffic at smaller packet generation rate of 2Mbps. Packet Size 1460B, IAT=5840µs.
- Run the simulation for 10 seconds.
Compare network performance
- We take sum throughput of the “Sensor applications” as our measure of performance
Case 1: Normal Operation
Case 2: 1- attacker nodes
Case 3: 2- attacker nodes
Case 4: 3- attacker nodes
Results:
Application | Case 1 : Normal Operation Throughput (Mbps) | Case 2 : 1 - attacker node Gen. Rate=2 Mbps | Case 3: 2 - attacker nodes Gen. Rate=2 Mbps | Case 4: 3 - attacker nodes Gen. Rate=2Mbps |
UE 10 | 8.00 | 5.46 | 6.02 | 4.96 |
UE 11 | 7.99 | 7.22 | 6.01 | 5.06 |
UE 12 | 8.00 | 7.23 | 6.02 | 4.96 |
UE 13 | 8.00 | 7.23 | 6.01 | 4.96 |
UE 14 | 8.00 | 7.23 | 4.46 | 4.96 |
UE 15 | 7.99 | 7.22 | 6.02 | 4.97 |
UE 16 | 7.99 | 7.22 | 6.01 | 4.96 |
UE 17 | 7.99 | 5.46 | 6.01 | 5.06 |
UE 18 | 7.99 | 7.22 | 6.02 | 4.96 |
Sum Throughput (Mbps) of Legitimate Traffic | 71.95 Mbps | 61.49 Mbps | 52.57 Mbps | 44.86 Mbps |
We observe,
A ≈ 15% drop in throughput of legitimate traffic with 1 DDoS attack node.
A ≈ 40% drop in throughput of legitimate traffic with 3 DDoS attack node.
Steps to import experiment files to NetSim:
- Download the experiment file attached below, which is in the format of (*.netsimexp).
- Import the NetSim Experiment file.
- In NetSim Home Screen go to Your Work -> Import
- In the Import window, under the Source section, browse and select the downloaded Workspace file *.netsimexp for the source location option.
- Under the Destination section, select the "Create new Workspace and import experiments into the new Workspace" radio button.
- Further, browse and select the new workspace location to create the workspace directory.
- Click on Import.
- In NetSim Home Screen go to Your Work -> Import
- The imported experiments will be shown in the Your Work Menu of the new workspace.
Useful links
1. NetSim 5G Overview: https://www.tetcos.com/5g.html
2. NetSim 5G documentation (v14.0): https://www.tetcos.com/downloads/v14/5G-NR.pdf