Laserly One: Oh make no mistake; I do have resources to put to the problem in the event that someone makes a concerted effort to attack my specific address and am not shy about going after them in retaliation if need be. The thing is, I have found it better not to "need be". However the kinds of attacks that the OP refer to (and I have seen when I did use a standard port number) are NOT this kind of attack. They are coordinated zombie attacks that happen so slowly that most log scanners tend to miss the actual threat. Indeed I only noticed it when doing a manual scan of the log files and the pattern jumped out at me. This is the kind of attack I am advising that moving your port number will avoid. Directed attacks are a whole other ball of wax.
Originally Posted by laserlight
And since you brought up the analogy of ciphers I would remind you of the other aspect of ciphers that only really experienced folks should try to implement them. Bad ones are easy to crank out but good ones take time and effort. My solution to this takes neither time nor effort and if someone of mediocre experience and little time wants to stop the attack, I posit that doing what I suggest is far more effective than any hastily-enacted defense of port 22. If nothing else it *will* buy them time to work up a better defense but at worst the attack is thwarted in seconds with no additional infrastructure. I am not now nor have I ever implied that this is adequate to protect something major like a business or research facility but it is a viable defense for the average home server.