You can protect your site from such attacks by enabling rate-limiting feature. It will block the IP if it crosses a limit of requests in a minute.
As a normal human will not make more than 100 requests on a site in a single minute. So if any IP is making more than the limit it can be a Dos attack to consume server resources.
To enable rate-limiting follow these steps.
1. Go to Firewall->Rate-Limiting tab in the plugin.
2. You will find an option Rate Limiting for normal users.
Just choose the action you want to take once the rate limit is reached and the limit of the requests.