A method and apparatus for defending against denial of service (DoS) attacks which employ IP (Internet Protocol) address spoofing. In accordance with an illustrative embodiment of the invention, a carrier offers a "premium" service which comprises marking IP data packets based on whether it has in fact been able to verify the accuracy of the specified IP source address. This marking flag may be implemented with use of a zero/non-zero Type-of-Service (TOS) field value in the IP header, and verification of the source address may be performed with use of a Reverse Path Forwarding (RPF) or other similar such test. The "premium" service is referred to herein as "IP CallerID."