In Proof of Work-based blockchains, a built-in rate limit is enforced by the mining difficulty adjustment and the message fees. Without this filter, however, an attacker may be able to easily issue a very large number of messages to potentially harm the network. In order to enable the machine-to-machine economy, IOTA does not allow neither mining race nor fees, which makes an explicit rate control mechanism necessary to prevent spam and denial-of-service attacks.
In Coordicide, we propose a mechanism called Adaptive Proof of Work: In order to issue a new message, the issuing node is asked to compute a small Proof of Work (orders of magnitude smaller than in Bitcoin). If the node tries to issue consecutive messages in a short time interval, then it has to solve a progressively more difficult puzzle - making it impossible to create a burst of transactions. The mechanism described acts as an emergency break during spam attacks, by slowing down the rate of messages a node can generate. For honest nodes, the Proof of Work, however, should be small enough not to hamper performance.
The following graphic shows how the Proof of Work requirement is increased as the amount of messages increases, and how the requirement drops when the amount of messages drops: