It's theoretically impossible to have an anti-DDoS on an open network: this is because it has to be receptive to new, previously unknown senders/clients.
You could limit things by having a closed network, with an open network essentially being a gateway to the closed network, but the open portion would still be vulnerable.
In a purely closed network you could achieve anti-DDoS by (1) having all nodes with a [known] static address, (2) rejecting all traffic from an unknown address, and (3) when a node starts saturating the network, excluding it for a length of time.
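The three steps above as a small filter (an added example, not part of the original post). The class name, the byte threshold, window and exclusion length, and the documentation-range addresses are assumptions chosen for illustration.

```python
from collections import deque

class ClosedNetworkFilter:
    """Static allowlist, drop unknown senders, time-boxed exclusion of noisy nodes."""

    def __init__(self, known_nodes, max_bytes, window_s, ban_s):
        self.known = frozenset(known_nodes)   # (1) every node has a known static address
        self.max_bytes, self.window_s, self.ban_s = max_bytes, window_s, ban_s
        self.samples = {n: deque() for n in self.known}   # (timestamp, size) per node
        self.usage = dict.fromkeys(self.known, 0)         # bytes inside current window
        self.excluded_until = {}

    def admit(self, src, size, now):
        if src not in self.known:             # (2) unknown address: reject, keep no state
            return "reject-unknown"
        if now < self.excluded_until.get(src, 0.0):
            return "reject-excluded"
        q = self.samples[src]
        while q and q[0][0] <= now - self.window_s:       # slide the window forward
            self.usage[src] -= q.popleft()[1]
        q.append((now, size))
        self.usage[src] += size
        if self.usage[src] > self.max_bytes:  # (3) node is saturating: exclude for ban_s
            self.excluded_until[src] = now + self.ban_s
            q.clear()
            self.usage[src] = 0
            return "reject-excluded"
        return "accept"

# Constructed sample traffic: (time in seconds, source address, bytes).
SAMPLE = [
    (0.00, "192.0.2.10", 1000),
    (0.25, "198.51.100.7", 1000),   # never registered
    (0.50, "192.0.2.10", 1500),
    (0.75, "192.0.2.10", 1000),     # pushes .10 past 3000 bytes per second
    (1.00, "192.0.2.11", 2000),
    (2.50, "192.0.2.11", 2000),     # earlier 2000 has aged out of the window
    (10.0, "192.0.2.10", 100),      # still inside the 30 s exclusion
    (40.0, "192.0.2.10", 100),      # exclusion expired
]

def replay(events):
    f = ClosedNetworkFilter({"192.0.2.10", "192.0.2.11"},
                            max_bytes=3000, window_s=1.0, ban_s=30.0)
    return [f.admit(src, size, t) for t, src, size in events]

if __name__ == "__main__":
    for event, verdict in zip(SAMPLE, replay(SAMPLE)):
        print(event, verdict)
```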
I agree with your premise but must ask: if every legitimate connection from a PS or an Xbox comes from a MAC address already known to Sony/Microsoft, by virtue of the fact that they assigned/recorded such addresses at time of manufacture, could they not set up a firewall/filter that rejected traffic from unknown MAC addresses?
I also confess to being mostly unfamiliar with the DoS-ers' methods, i.e., are they using hacked consoles, or are they using PCs running scripts, etc.?
I realize spoofing, etc., might defeat such countermeasures in part, and that the vast majority of consoles are behind routers, gateways, etc.
I know that a variety of sites, some legitimate and others less so, have fought these battles in the past and achieved some semblance of immunity.