I get the idea, seems like a hot topic in the comments and a solution is definitely possible. The "placing protocols to avoid abuse" seems like the most difficult part :).
Yeah the controls part is always tough. Remember, a mechanism can be out in place but it needs not be fast nor easy. Maybe slowness can help? Good luck!
I ended up allowing a mechanism to exclude ip addresses for a specific user. The step after this is too have certain IPs excluded from the entire IPDetective list and not just for a specific user.