Followed by the rapid development of the Internet, the network security catches more eyes on it gradually. Under this subject, there is still no complete solution for protection against Distributed Denial of Service (DDoS) attacks. Though, the related technique for information security is getting better day after day, how to create an effective scheme for defending DDoS attacks is one of the major issues for internet administrations. The key point on defending DDoS attacks is to distinguish the assault traffic from legitimate traffic. This thesis proposes Dynamic Level Weight Distribution (DLWD) scheme which classifies the traffic and applies unique policy to distinct traffic. While being attacked, this scheme can really alleviate the damage, guarantee the service quality for legitimate users, and confine the bandwidth used by those malicious attackers. We adopted NS2 for simulation and comparison, and verified that this scheme can defend DDoS attacks effectively.