Using the COMPA autonomous architecture for mobile network security

The COMPA (Control, Orchestration, Management, Policy, and Analytics) adaptive control loop realizes an automation pattern that can operate recursively at many layers in a carrier network. An overall COMPA autonomic control loop can orchestrate functions, themselves implemented as COMPA autonomic loops. Thus the COMPA automation patter can recurse right down to resource level in a network. One of the most exciting application areas for the COMPA automation pattern is in assuring mobile network security. The recursive nature of the pattern is the ideal mechanism for automating monitoring and root cause analysis of security threats to networks. In this paper we present a Proof of Concept of a COMPA compliant system for a Distributed Denial of Service (DDoS) scenario. The system monitors, performs root cause analysis, and mitigates a DDoS attack. The system was built by integrating a number of existing components that were deployed as VNFs. Our experiences of using the system were that the system could handle a DDoS attack quickly and automatically. In addition, the system was very flexible to build and deploy.