Not all attacks are equal: understanding and preventing DoS in web applications
DoS attacks are simple but can be devastating: an attacker crafts and sends traffic to your app in a way that overwhelms your servers. (…) This article (…) provides a framework for engineering and application security teams to think about denial-of-service risk, breaks down DoS vulnerabilities into high-, medium-, and low-risk classes, and has recommendations for mitigations at each layer.
source