Denial of service (DoS) attacks are a major threat against availability in the Internet. A large number of countermeasure techniques try to detect attacks and then filter out DoS attack packets. Unfortunately, these techniques, which filter DoS traffic by looking at known attack patterns or statistical anomalies in the traffic patterns, can be defeated by changing the attack patterns and masking the anomalies that are sought by the filter. Hence, detecting DoS traffic is one of the main challenges for filtering techniques. Furthermore, techniques that drop any malicious packet need to process the packet, and processing is time-consuming.

This paper addresses how an efficient and good filter can be designed by helping an overlay network layer to mitigate DoS attacks. The Fosel (Filtering by helping an Overlay Security Layer) filter is independent of DoS attack types, so we do not worry about changing attack patterns. Furthermore, it reduces processing time noticeably.

Through simulation, this paper shows that by employing the Fosel filter, DoS attacks have a negligible chance to saturate the target with malicious packets. Our simulation demonstrates that the Fosel architecture reduces the probability of successful attack to minuscule levels. Furthermore, Fosel is between 10% and 50% faster than the SOS (Secure Overlay Services) architecture at dropping malicious packets, depending on the attack rate.
Citation:
Hakem Beitollahi, Geert Deconinck, "FOSeL: Filtering by Helping an Overlay Security Layer to Mitigate DoS Attacks," nca, pp.19-28, 2008 Seventh IEEE International Symposium on Network Computing and Applications, 2008