Date Added: Jan 2011
Recent events have illustrated the Internet's vulnerability to both Denial of Service (DoS) attacks and flash crowds in which links (or servers) in the network become severely congested. In both DoS attacks and flash crowds, the congestion is neither due to a single flow, nor due to a general increase in traffic, but to a well-defined subset of the traffic - an aggregate. This paper proposes Aggregate-based Congestion Control (ACC) to protect the network from such aggregates. The approach involves mechanisms for detecting and controlling high-bandwidth aggregates at the congested router, and a cooperative mechanism pushback, using which these aggregates can be controlled upstream.