It is widely recognized that distributed denial-of-service (DDoS) attacks can disrupt electronic commerce and cause large revenue losses. However, effective defenses continue to be mostly unavailable. We describe and evaluate VIPnet, a novel value-added network service for protecting e-commerce and other transaction-based sites from DDoS attacks. In VIPnet, e-merchants pay Internet Service Providers (ISPs) to carry the packets of the e-merchants' best clients (called VIPs) in a privileged class of service (CoS), protected from congestion, whether malicious or not, in the regular CoS. VIPnet rewards VIPs with not only better quality of service, but also greater availability. Because VIP rights are clientand server-specific, cannot be forged, are usage-limited, and are only replenished after successful client transactions (e.g., purchases), it is impractical for attackers to mount and sustain DDoS attacks against an e-merchant's VIPs. VIPnet can be deployed incrementally and d...