CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ◬ AI & Machine Learning Jun 02, 2026

Inferring Routing-Layer Defense Mechanisms from Observable Behavior in OLSR-Based MANETs

arXiv Security Archived Jun 02, 2026 ✓ Full text saved

arXiv:2606.00184v1 Announce Type: new Abstract: Mobile ad hoc networks (MANETs) based on proactive routing protocols such as OLSR remain vulnerable to routing-layer attacks. While prior work has focused primarily on attack detection, the problem of identifying deployed defenses has received comparatively little attention. This work examines whether the presence of a routing-layer defense can be inferred from features derived exclusively from externally observable routing and control-plane behavi

Full text archived locally
✦ AI Summary · Claude Sonnet


    Computer Science > Cryptography and Security [Submitted on 29 May 2026] Inferring Routing-Layer Defense Mechanisms from Observable Behavior in OLSR-Based MANETs Nadav Schweitzer, Kiril Danilchenko, Ariel Stulman Mobile ad hoc networks (MANETs) based on proactive routing protocols such as OLSR remain vulnerable to routing-layer attacks. While prior work has focused primarily on attack detection, the problem of identifying deployed defenses has received comparatively little attention. This work examines whether the presence of a routing-layer defense can be inferred from features derived exclusively from externally observable routing and control-plane behavior. The evaluated Fictive Mitigation mechanism operates entirely within standard OLSR control traffic and introduces no new packet types, making passive detection inherently difficult. Using ns-3 simulations across baseline, attack-only, defense-only, and combined attack-defense regimes under both static and mobile conditions, we derive features from observable routing dynamics and control-plane activity available to a passive observer. Despite the restricted observability available to the adversary, the results show that defense detection remains feasible in this setting. Ensemble models achieve in-domain accuracy up to 0.91 (AUC 0.96). Cross-domain generalization is asymmetric: models trained on static data degrade under mobility (\approx 0.67), whereas mobile-trained models transfer more robustly (\approx 0.84). Restricting the model to a compact invariant feature subset of four metrics yields near-symmetric cross-domain transfer (\approx 0.86 in both directions). These findings indicate that the evaluated defense mechanism leaves a detectable statistical footprint in passively observable routing behavior, providing adversaries with a potential reconnaissance capability in protected MANET deployments. Subjects: Cryptography and Security (cs.CR) ACM classes: C.2.2; I.2.6 Cite as: arXiv:2606.00184 [cs.CR]   (or arXiv:2606.00184v1 [cs.CR] for this version)   https://doi.org/10.48550/arXiv.2606.00184 Focus to learn more Submission history From: Ariel Stulman [view email] [v1] Fri, 29 May 2026 15:08:41 UTC (411 KB) Access Paper: HTML (experimental) view license Current browse context: cs.CR < prev   |   next > new | recent | 2026-06 Change to browse by: cs References & Citations NASA ADS Google Scholar Semantic Scholar Export BibTeX Citation Bookmark Bibliographic Tools Bibliographic and Citation Tools Bibliographic Explorer Toggle Bibliographic Explorer (What is the Explorer?) Connected Papers Toggle Connected Papers (What is Connected Papers?) Litmaps Toggle Litmaps (What is Litmaps?) scite.ai Toggle scite Smart Citations (What are Smart Citations?) Code, Data, Media Demos Related Papers About arXivLabs Which authors of this paper are endorsers? | Disable MathJax (What is MathJax?)
    💬 Team Notes
    Article Info
    Source
    arXiv Security
    Category
    ◬ AI & Machine Learning
    Published
    Jun 02, 2026
    Archived
    Jun 02, 2026
    Full Text
    ✓ Saved locally
    Open Original ↗