Defending QUIC from acknowledgement-based DDoS attacks