Ad hoc network possesses the features of distribution, flexible infrastructure, and equal nodes. AA Gutub  proposes a new trend of data visualization, trying to link illogical data inputs which are as source of judgments in interactive ways. Hajj services are improved to gain advantage from the development of the exploratory data visualization technology  . However, it is vulnerable to all kinds of security attacks due to the poor security management. High security system suitable to hide sensitive text-data on personal computer is proposed and implemented  . The system hiding techniques involves AES cryptography followed by image based steganography as two layers to insure high security. The flexible security system provides security information to the user to select the cover-image within the PC based on his/her security priority  . Prevention methods such as cryptography   only consume limited resources, but also are costly. From the detection  perspective, intrusion detection system is necessary to detect attackers.
The main purpose of the congestion control is to improve the network performance by reducing the delay and buffering the overflow caused by network congestion. However, the traditional congestion control cannot be used directly in the Ad hoc network. This is because the delay and packets loss are not necessarily caused by network congestion, but may be mistaken as congestion loss. Here, we focus on the congestion control that can adapt to the security of Ad hoc networks and propose a new algorithm. By estimating the average queue length at the nodes, the congestion control is dynamically adjusted. When the occurrence of the possible congestion is predicted, the network will select a new path where all nodes have been certified as trusted nodes, generating session keys in the TCP three-way handshake to prevent the denial of service attacks. So it has important theoretical significance and the value of practical application in the field of information security and wireless network security.
2. The Design of Secure Congestion Control for TCP
2.1. The Selection of Secure Path
In the past decades, the watchdog system  using promiscuous-hearing technology has been implemented to increase the failure counter of sending node if packets loss is observed. In an adaptive confirmation system  , if the source node receives the acknowledgement packet from the destination node, it represents a successful transmission. Otherwise, the source node switches to double ACK mode to detect malicious nodes. In the proposed enhanced adaptive confirmation  system with intrusion detection, secure ACK (SACK) is an improved version of the double ACK system. When a malicious behavior is found in SACK mode, the source node will switch to misbehavior report authentication (MRA) to find an alternative path to reach the destination node, affecting the malicious behavior report.
In solving the problem of black hole attack  , all legal nodes will send joining request with a trust value of 1 at the initial stage of the network. If the requesting node does not receive acknowledgement from the delegate node, it will stop sending joining request. Each node first verifies the node’s address before processing any request and then processes the request if the node is on the trust-list. When the delegate node receives the joining request, it will validate the trust value of the requesting node. If the trust value is matched, the requesting node is added to the trusted list and gets broadcasted in the network. The threshold for the joining request is set to 20 requests per second. Figure 1 shows the algorithm’s flow chart.
The concept of bilinear mapping  is introduced to allocate the nodes’ key to handle the denial of service attacks  and ensure the security of the connection
Figure 1. The algorithm of selecting a secure path.
of TCP three-way handshake. After allocating the resource for the source node (S), S starts to send packets with authentication tags. Whenever the intermediate node detects congestion, it will send Explicit Congestion Notification (ECN) to Acknowledgement (ACK)  .
2.2. The Design of Congestion Control
A simple example is shown in Figure 2. The source node S sends packets to the destination node D, the primary path is S to 1 to 3 and then to D. When intermediate node 1 predicts the occurrence of possible congestion, it will stop sending packets and initialize the safe route discovery mechanism. From the trust-list of node 1, node 2 is selected as the next hop. After receiving the packets from node 1, node 2 will send packets to the destination node D.
The average queue length can provide a direct measurement of the congestion status. The maximum value of the threshold (Max) and minimum value of the threshold (Min) are set to the queue length respectively, and the queue threshold represents the current state of the queue. Here, wq stands for the queue weight, and the link utility would be very low if the three thresholds’ values are set too small. On the other hand, congestion may occur before the node is notified if the thresholds are too large. Equation (1), (2), and (3) are used to set the thresholds’ values.
Figure 2. A simple example for secure congestion control.
The average queue length is used to specify all traffic fluctuations, which reflect persistent congestion in the network through a long-term variation of the instant queue. The average queue length is calculated by Equation (4) as followed.
Equation (3) is used to dynamically set wq. H represents hop counts, and S represents the number of packets sent per second. If the average queue length is smaller than the value of Min and the instant queue is smaller than half of the queue length, nodes are in the normal status.
The congestion may occur when the average queue length is between the values of Min and Max, and the discovery mechanism for a secure path is initiated. When the instant queue is larger than Max, the value of Max should be reset because of the wrong selected path. If the average queue length is larger than Max, the nodes are in the congestion status and the congestion control is carried out. The flow chart of the algorithm is shown in Figure 3.
3. Simulation Results and Analysis
Here, NS-2  is used to compare the performance of the new algorithm with a secure congestion control and the TCP Reno algorithm under malicious attacks. The number of malicious nodes is set to 10 and the maximum running speed of nodes is 20 m/s. The wireless propagation model is two-ray ground.
As shown in Figure 4, during secure attacks, the new algorithm reduces the possibility of link-disconnection caused routing reestablishment. In comparison, link interruptions frequently occur for the TCP Reno algorithm. As a result, packets loss rate gets more severe with the increasing simulation time.
In Figure 5, with the increase of simulation time, the number of packets received by the receiver per second declines for the TCP Reno algorithm, resulting
Figure 3. The algorithm of congestion control.
Figure 4. Comparison of packets loss rate with different time.
Figure 5. The algorithm of selecting a secure path.
a sharp decrease in the throughput. In comparison, the new algorithm has very low packets loss rate and makes most packets received successfully, providing a relatively constant throughput.
We then fixed simulation time at 300 s and Studied the difference between the packets loss rate and the end-to-end delay under different hop counts.
In Figure 6, when the number of hop counts is less, because the nodes are in the normal status, the end-to-end delay is relatively low for both algorithms. The congestion may occur during the increase of the number of hop counts. The new algorithm selects a new path to prevent the attack of malicious nodes, while the TCP Reno algorithm continues to send packets on the original path, which can only drop packets when congestion occurs. As a result, the end-to-end delay is larger for the TCP Reno algorithm.
In Figure 7, with the increase of hop counts, the probability of packets loss in the network will increase for both algorithms. The TCP Reno algorithm causes serious packets loss due to its incapability to predict the congestion. In comparison, the new algorithm makes a prediction based on the average queue length and changes the path in advance, reducing the number of packets loss.
Figure 6. Comparison of end-to-end delay.
Figure 7. Comparison of packets loss rate with different hops.
The simulation results above indicate that the new algorithm is always superior to the TCP Reno algorithm in terms of security, network throughput, end-to-end delay, and packets loss rate.
We propose a new secure congestion control mechanism by using the average queue length to predict the degree of congestion in the network. By comparing the performance of the new algorithm and the TCP Reno algorithm under malicious attacks, the simulation results show that the new algorithm has better performance in security, network throughput, end-to-end delay, and packets loss rate. Thus, the performance can be improved effectively in Ad hoc networks.