Distributed Denial of Service (DDoS) attack is one of the most challenging security issues over Wireless Ad Hoc Networks that deprive all legitimate flows from a fair share of bandwidth by overwhelming the buffer space of network resources. The attack process is performed by controlling many of hosts called "zombies" to attack a single victim by planting a zombie program on these machines. With lots of zombie hosts cooperation, the size of an attack can be damaging. The great demand for security, place particular emphasis on the detection and prevention approaches. This paper is focusing on DDoS attack that exploit the weaknesses in Transmission Control Protocol (TCP) over Mobile Ad Hoc networks (MANETs), TCP incorrectly triggers the congestion control mechanism to defend against DDoS attack, which leads to performance degradation.

The simulation results show that our Protected Dynamic end-to-end Congestion avoidance me-chanism used in TCP-PDCM has the best perfor-mance results under DDoS attack of all other TCP variants over MANETs.