A mobile app backend is hosted on AWS and is experiencing frequent DDoS attacks. The backend services are critical for business operations and must remain highly available. Which layered defense strategy would you implement to ensure the resilience of the backend services?