Here are two types of attacks that are intended to monopolize your system’s resources.
Amplification attacks generate a high volume of packets to flood the target website without alerting the intermediary, by returning a large reply to a small request. The basic defense against these attacks is blocking spoofed-source packets.
DNS amplification attacks for example use DNS requests with a spoofed source address as the target.
As you can see, an attacker uses a modest number of machines with little bandwidth to send fairly substantial attacks. This is done by spoofing the source IP of the DNS request such that the response is not sent back to the computer that issued the request, but instead to the victim. Using very simple tools the attacker can send many thousands of spoofed requests to open revolvers, and the responses — which are much lager than the request — amplify the amount of bandwidth sent to the victim.