Mitigation of control plane attacks at the network layer

We describe the design, implementation and testing of the Component-Based Reusable Adaptive Mitigation (COBRAM) system, which is designed to mitigate attacks against control plane protocols at the MAC and routing layers of mobile wireless networks. The main parts of the COBRAM system are: (1) a set of extensible mitigation techniques that modify or extend a node´s protocol components to resist attacks; (2) an intelligent activation engine that invokes these mitigation techniques based on externally provided reliability metrics and its own network observations; and (3) a network performance feedback system to determine the effectiveness of a deployed mitigation technique. All three parts of the COBRAM system were implemented and tested in various scenarios to determine its effectiveness in thwarting various control plane attacks by both single and multiple compromised nodes. In the scenarios of up to 48 nodes, COBRAM has been shown to restore network throughput to 60-88% of the baseline with 44% of the nodes attacking, with outages limited to 5-20s.