COBRAM: Component-Based Reusable Adaptive Mitigation for Mobile Ad-Hoc Networks
M. A. Fecko
Date: February 01 - February 01, 2017
This paper presents component-based reusable adaptive mitigation (COBRAM) – a novel framework for defending against control and data plane attacks on wireless network protocols. The COBRAM system consists of two main parts: the mitigated protocol-components and the component activation engine. It applies several novel mitigation techniques embedded in the specific protocol components to maximize the reusability of mitigations across multiple protocols and attacks. The activation engine selects the appropriate mitigated component based on the type of the detected attack(s) and the inferred network state. An extensive performance evaluation showed that COBRAM can restore network throughput to 60-88% of the baseline with 44% of the nodes attacking, with outages limited to 5-20s.