The paper "Controlling High Bandwidth Aggregates in the Network" by Ratul Mahajan, Steven M. Bellovin, Sally Floyd, John Ioannidis, Vern Paxson, and Scott Shenker discusses the vulnerabilities of the current Internet infrastructure to denial of service (DoS) attacks and flash crowds, which are characterized by severe congestion caused by specific aggregates of traffic rather than a single flow or general traffic increase. The authors propose two mechanisms to address these issues: Local Aggregate-Based Congestion Control (Local ACC) and Pushback. Local ACC involves a local mechanism at a single router to detect and control an aggregate causing congestion. This mechanism identifies the aggregate responsible for congestion and limits its throughput to prevent degradation of service for other traffic. The paper also introduces Pushback, a cooperative mechanism where a congested router can request upstream routers to rate-limit traffic corresponding to the identified aggregate, preventing upstream bandwidth from being wasted on packets that will be dropped downstream. The authors provide detailed descriptions of both mechanisms, including algorithms for identifying high-bandwidth aggregates, determining rate limits, and propagating pushback requests upstream. They also present simulation results to evaluate the effectiveness of Local ACC and pushback in various scenarios, including DoS attacks and flash crowds. The simulations show that Local ACC and pushback can significantly reduce the impact of congestion caused by aggregates, although pushback may introduce some degradation for legitimate traffic in certain cases. The paper concludes by discussing the advantages and limitations of pushback, emphasizing that it is not a panacea and can sometimes make matters worse if not used carefully. It also addresses implementation and operational issues, such as the potential complexity of managing a large number of rate-limited aggregates.The paper "Controlling High Bandwidth Aggregates in the Network" by Ratul Mahajan, Steven M. Bellovin, Sally Floyd, John Ioannidis, Vern Paxson, and Scott Shenker discusses the vulnerabilities of the current Internet infrastructure to denial of service (DoS) attacks and flash crowds, which are characterized by severe congestion caused by specific aggregates of traffic rather than a single flow or general traffic increase. The authors propose two mechanisms to address these issues: Local Aggregate-Based Congestion Control (Local ACC) and Pushback. Local ACC involves a local mechanism at a single router to detect and control an aggregate causing congestion. This mechanism identifies the aggregate responsible for congestion and limits its throughput to prevent degradation of service for other traffic. The paper also introduces Pushback, a cooperative mechanism where a congested router can request upstream routers to rate-limit traffic corresponding to the identified aggregate, preventing upstream bandwidth from being wasted on packets that will be dropped downstream. The authors provide detailed descriptions of both mechanisms, including algorithms for identifying high-bandwidth aggregates, determining rate limits, and propagating pushback requests upstream. They also present simulation results to evaluate the effectiveness of Local ACC and pushback in various scenarios, including DoS attacks and flash crowds. The simulations show that Local ACC and pushback can significantly reduce the impact of congestion caused by aggregates, although pushback may introduce some degradation for legitimate traffic in certain cases. The paper concludes by discussing the advantages and limitations of pushback, emphasizing that it is not a panacea and can sometimes make matters worse if not used carefully. It also addresses implementation and operational issues, such as the potential complexity of managing a large number of rate-limited aggregates.