In Mobile Ad hoc Network (MANET), data and route security are the primary concerns. One of the major techniques used to ensure data and route security is an intrusion detection and mitigation system (IDS). MANET attacks can be classified into active and passive attacks. Among active attacks, the rushing attack is one of the basic network layer attacks. In MANET, it early exploits the duplicate suppression mechanism of Ad hoc on-demand distance vector (AODV) protocol by quickly forwarding the RREQ packet to neighboring nodes without processing it, to influence a source node to include the rushed node in its route, which leads to data loss when transmitting the data packet to the correct destination node.
This document proposes the rushing attack detection and prevention algorithm called Early Rushing Attack Detection and Prevention in AODV MANETs (E-RADP) to fill this gap. In our proposed algorithm, instead of a single constant threshold value, a ratio of the RREQ time and hop count, and previous time stamps are introduced into the RREQ packet header. To advance security, threshold value, ratio, and intermediate delay are used for rushing attack detection and prevention processes. For the performance analysis, the network simulator NS2.35 is used. The proposed protocol is compared with AODV, Prevention of Multiple Rushing Attacks Using AODV Routing Protocol (PMRA), and Rushing Attack Prevention with modified AODV (MAODV) based on true positive, true negative, false positive, and false negative values of normal and malicious nodes, and throughput, packet delivery ratio and end-to-end delay. E-RADP improves the rushing attack detection rate (DR), throughput, and packet loss rate (PLR) of existing protocols. It also improves the end-to-end delay (E2ED) of existing protocols when a rushing node is present in a MANET. Thus, the performance analysis shows that E-RADP is highly secure and faster than existing algorithms.