Assignment 03

Due: Tuesday, Sept. 22, 2015 at noon (100 points)

For this assignment, you will submit a single C++ compilable file containing a program written in C++. Remember, to submit a file for this course electronically, from the directory in which the file resides type in at the UNIX prompt the command: cssubmit 1570 section_letter assignment_number. Be sure that only the file you want to submit is in that directory - make a directory for every assignment! The submit system will deliver every .cpp file in the current directory to me. Name your file a meaningful name and give it a .cpp extension since you will be compiling it. Also, make sure that you compile and run your program using the GNU (g++) compiler before submitting to make sure that it will work for the submit script.

Background: As was stated in hw 2, Homer is trying to start a business. For this business, he will need an internal computer network for sending and receiving messages to and fro - mostly for ordering beer and doughnuts. Homer needs you to create a program that will simulate communication traffic on this network to identify security vulnerabilities. Before we get into the specifications for this program, you need to understand some basic terms and concepts of network security. Here they are:

Definitions....n'stuff:

    • A denial-of-service (DoS) attack is an attempt to make a machine or network resource unavailable to its intended users, such as to temporarily or indefinitely interrupt or suspend services to the internet. There are two general forms of DoS attacks: those that crash services and those that flood services (i.e., tie up a network so that normal incoming and outgoing messages can’t be serviced).

    • Bandwidth is the maximum throughput (i.e., capacity) that a network can send and receive.

    • A packet is a formatted unit of data sent over a network. A packet has the address of the sender, the address of the recipient, and a message.

    • A ping packet is basically a message that tests the reachability of another computer (e.g., “are you there?”). Every packet is identified by a source address (IP address of the sender) and a destination address (IP address of where it’s being sent to).

    • A smurf attack is where the attacker will send large numbers of packets with the source address faked to appear to be the address of the victim (i.e., it seems like the victim is sending out lots of packets when in reality it is the attacker who is sending them!). The victim’s network’s bandwidth is quickly used up, preventing any legitimate packets from getting through to their destination (i.e., the victim can’t send out any packets because his/her network is too busy!).

    • A ping flood is where the victim is sent an overwhelming number of ping packets. So the victim’s computer is tied up with a flood of incoming messages, preventing him/her from handling normal network services! It is very simple to launch; the attacker simply needs to have greater bandwidth than the victim has.

    • The ping of death is where the victim is sent a malformed (i.e., incorrectly formatted) ping packet, which will lead to a system crash on a vulnerable system.

Specifications: You are to write a program to simulate the processing of packets (and DoS attack detection) on Homer Simpson's Doughnut Network (HSDN). The program should have a single loop that will continue processing packets until a crash or a normal shut-down occurs (when the maximum number of packets have indeed been processed). Now, since this program is a simulation, that means there aren't really any incoming packets. It means that your program will generate packets as if they were real packets. The program then "handles" those packets as if they were real and shows how the network would react. Thus, each iteration of the aforementioned loop will generate a new packet and process it accordingly. Each packet consists of three parts:

  • a source address (an integer between 1 and 4, inclusive);

  • a destination address (an integer between 1 and 4, inclusive); and

  • a message code (an integer between 0 and 99, inclusive).

A message code between 0 and 84, inclusive, is considered just a "ping". A code between 85 and 98, inclusive, is considered a real communication. And any other code is considered a malformed ping packet. Now, Homer's network bandwidth is 50. But his network address is something he wants to input at the beginning of any simulation. So, your code should prompt Homer for his address. It has to be an integer between and including 1 and 4. If you process a ping packet, increment a counter for the number of ping packets processed and output the message "I am available" to the screen. If this counter becomes equal to the network bandwidth, a ping flood has occurred, in which case you should:

    • output a message to the screen "I am available"

    • output a message to the screen "A PING FLOOD HAS OCCURRED"

    • have the simulation loop terminated - a crash has occurred.

If you receive a ping message and the source address is Homer's address, then you should process it as a possible "smurf attack". Keep a counter for the number of times this happens. If that counter exceeds 1/3 of Homer's max bandwidth, then the simulated system should crash (terminate the loop). Otherwise, receiving a ping message from a source address other than Homer's should result in outputting a message, "I am available".

If you process a "real communication", simply output, "Got any doughnuts or beer??", regardless of the source or destination.

Lastly, if you process a malformed ping packet (so, it's not a ping and not a real communication), then you've received "the ping of death" (which you should say with an echo in your voice for dramatic effect). The network should crash, i.e., the loop terminates and the program shuts down. Your code should also output to the screen something like, "Ahhhh, the PING OF DEATH", in this case.

You need to keep a count of how many packets you have processed. If you process 100 packets without a crash, the loop should terminate and your code should output something like, "The simulation was a blazing success - WHOOOO HOO". This is because scientists (a bunch of smart guys) have determined 100 is enough to test any system. This is a bunch of hooey. The real reason is because Homer is a cheap bum who got his computer from robbing a dumpster behind a Salvation Army store of a computer not even they could sell. It can only handle 100 packets.

After your loop terminates (for whatever reason), as a sign-off message, output the number of messages that were processed and whether Homer’s network terminated as a result of a system crash or normal conditions (i.e., it processed the maximum number of messages it could handle).
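An added example, not part of the original assignment handout: one way to express the packet-handling rules above as C++ that can be checked against a fixed trace. The names Monitor, handle and run are assumptions, as are the choices to count a ping carrying Homer's own source address toward both counters and to test the smurf threshold before the flood threshold; the packets are a constructed trace rather than random numbers so the result is repeatable.

```cpp
#include <iostream>
#include <vector>

const int BANDWIDTH = 50;     // Homer's network bandwidth (from the assignment)
const int MAX_PACKETS = 100;  // normal shut-down after this many packets

enum Outcome { RUNNING, PING_FLOOD, SMURF_CRASH, PING_OF_DEATH, NORMAL_SHUTDOWN };
struct Packet { int src, dst, code; };

struct Monitor {                               // hypothetical name
    int homer;                                 // Homer's address, 1..4
    int processed = 0, pings = 0, smurfs = 0;
    explicit Monitor(int addr) : homer(addr) {}

    // Classify one packet and report whether the simulated network keeps running.
    Outcome handle(const Packet& p) {
        ++processed;
        if (p.code >= 0 && p.code <= 84) {             // ping
            ++pings;
            if (p.src == homer) {                      // source claims to be Homer
                ++smurfs;
                // "exceeds 1/3 of bandwidth" without floats: 3*n > 50 first holds at n = 17
                if (3 * smurfs > BANDWIDTH) return SMURF_CRASH;
            }
            if (pings == BANDWIDTH) return PING_FLOOD;
        } else if (p.code < 85 || p.code > 98) {       // not a ping, not a real message
            return PING_OF_DEATH;
        }
        return processed == MAX_PACKETS ? NORMAL_SHUTDOWN : RUNNING;
    }
};

// Feed a trace to the monitor and stop at the first crash or shut-down.
Outcome run(Monitor& m, const std::vector<Packet>& trace) {
    for (const Packet& p : trace) {
        Outcome o = m.handle(p);
        if (o != RUNNING) return o;
    }
    return RUNNING;
}

int main() {
    Monitor m(2);                                        // Homer enters address 2
    std::vector<Packet> trace(30, Packet{2, 1, 10});     // constructed: spoofed-source pings
    Outcome o = run(m, trace);
    std::cout << "outcome " << o << " after " << m.processed << " packets\n";
    return 0;
}
```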

Some Detail: Your code is going to generate data - the packets. You will use the random number generator that accompanies the gnu compiler to generate for each packet the necessary numbers to form the addresses and messages. We will show (or already have shown) how to do this in class.

Here is a sample output of what your program should generate:

Starting Homer's network...

Homer, what is your network address: 2

Received message code 29 sent from source 1 to destination 1

Yo, 1, I'm available

Received message code 75 sent from source 1 to destination 1

Yo, 1, I'm available

Received message code 77 sent from source 1 to destination 3

Yo, 1, I'm available

Received message code 40 sent from source 2 to destination 2

Possible attempted smurf attack (detected 1 time so far)

Received message code 34 sent from source 2 to destination 2

Possible attempted smurf attack (detected 2 times so far)

Received message code 65 sent from source 2 to destination 3

Possible attempted smurf attack (detected 3 times so far)

Received message code 11 sent from source 2 to destination 2

Possible attempted smurf attack (detected 4 times so far)

Received message code 81 sent from source 2 to destination 2

Possible attempted smurf attack (detected 5 times so far)

Received message code 36 sent from source 1 to destination 3

Yo, 1, I'm available

...

Received message code 10 sent from source 2 to destination 1

Possible attempted smurf attack (detected 17 times so far)

Network has crashed due to excessive smurf attacks!

Homer's network stopped after processing 37 messages

because of a system crash.

Notice you can be a little imaginative with your output statements (just not too much). Make it easy to read output.

When you submit: When you submit this, and all subsequent programs for this class, cssubmit will compile and run (assuming it compiles) your program during the submission process. Thus, when you submit, you will have to enter inputs as a user of the program. Now, in order to make the output uniform for the grader and to keep them sane, ALL OF YOU will enter the same information. For this assignment, it is:

  • enter Homer's address as 3.

As always, if you have any questions about this assignment, ask YOUR instructor.