DOS and DDOS Approaches
Traffic filtering: verify all incoming traffic source addresses for validity (requires a lot of processing)
Traffic limiting: When a flood of packets are entering the network, limit incoming access regardless of source (some may be legitimate)
Traffic anomaly detectors: Perform analysis of traffic to see what normal traffic looks like, block abnormal patterns