DDoS attack is a serious threat to the Internet. Although some DDoS attacks with clear signatures can be effectively countered by existing DDoS defense measures, most DDoS attacks without clear signatures (e.g., brute-force DDoS attacks) are very difficult to counter cost-effectively, since the defense system is not clear which packets are DDoS packets and which are not. Although several rate-limiting methods are proposed to counter the unclear signature DDoS attacks, each may drop good packets and their cost-effectiveness are not clearly understood. People would have a more urgent need to understand clearly the impact of the unclear signatures DDoS attacks on their network services. This paper presents a game theoretic analysis of the Internet's resilience against unclear signatures DDoS attacks when signature-based rate limiting is deployed, where (a) countering DDoS attacks is modeled as a Bayesian game, (b) a high volume of simulations is done to compute the Nash equilibria of the game, (c) a family of Nash equilibrium based resilience analyses are done, and (d) the {\em upper} bound of the defense system's resilience under unclear signatures DDoS attacks and which kinds of attacking strategies are more dangerous or more likely to be enforced by the attacker are given in the simulations. Our analysis may substantially improve people's understanding about the nature of (a) the DDoS threat and (b) the defense system's resilience against this threat.