From what i read it's hard to get around some of these DDOS attacks. My idea is why not only have a login server to the internet. Once you log in and your account it is verified then it checks your IP address which is not a hard process. Then it attaches you to the server after that and only allows your IP address that was verified. Wouldn't matter if your IP address ever changed because the login server would check your IP the next time you logged into it again. This way only the logging server could be effected by the DDOS attacks and if it takes a minute or two longer to Log in who cares as long as it doesn't effect the game. Login server could have QOS so DDOS attacks couldn't take all the bandwidth.