I spoke at a conference about the Prevention, Detection and Mitigation of Denial of Service Attacks years ago. Reviewing its content, I’m surprised of how current the information is even now, at least for level 3–4 DoS attacks: it’s true that there are newer techniques, but for all intents and purposes they are still the same procedures.

If I were to repeat it, the one thing I would add for sure is the recently released Roboo, the HTTP Robot Mitigator, a level 7 tool that verifies the existence of full browser stacks using advanced non-interactive HTTP challenge/responses mechanism to detect and mitigate HTTP robot and DoS attacks.