Adaptive responses to trickle-type denial of service attacks

US9195805B1 · US · B1

Patent metadata

Field               Value
Publication number  US-9195805-B1
Application number  US-201113315175-A
Country             US
Kind code           B1
Filing date         Dec 8, 2011
Priority date       Dec 8, 2011
Publication date    Nov 24, 2015
Grant date          Nov 24, 2015

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

Various approaches are provided that are able to mitigate the effects of potential trickle-type denial of service (DoS) attacks or similar occurrences. Connection values such as the maximum number of concurrent connections and the timeout values for new connections can be adjusted dynamically in response to changes in operational state and/or an amount of suspicious activity. The suspicious activity can include, for example, a low rate of packets or bytes per unit time, repetitive small headers, unrecognized headers, and other such information. In some embodiments the changes are made iteratively to minimize the effect of the changes on legitimate requests. After the level of suspicious activity decreases, the connection values can iteratively be readjusted back to normal operational values, in order to minimize any remaining portion of the potential attack.
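The indicators the abstract names (a low rate of bytes per unit time, repetitive small packets, header names outside the usual set) as they would be computed from per-connection telemetry, followed by the aggregate fraction of flagged connections that an adaptive controller would consume. This is an added illustration in Python, not code from the patent or from Amazon; the ConnSample record, the thresholds, the two-of-three voting rule and every telemetry value are assumptions made up for the example. The baseline of "common request headers" follows the approach of claims 14 and 15 further down the page.

```python
"""Per-connection trickle-DoS indicators.

Added example, not code from the patent or from Amazon. The telemetry records,
header baseline, thresholds and the two-of-three voting rule are assumptions.
"""
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class ConnSample:
    conn_id: str
    window_s: float        # length of the observation window, seconds
    bytes_in: int          # request bytes received from the client in the window
    packets_in: int        # packets received from the client in the window
    headers: tuple         # header names seen on the request so far


def build_common_headers(baseline, min_fraction=0.5):
    """Header names present on at least min_fraction of known-good requests
    (the set of common request headers that later requests are compared against)."""
    counts = Counter()
    for s in baseline:
        counts.update({h.lower() for h in s.headers})
    return frozenset(h for h, c in counts.items() if c / len(baseline) >= min_fraction)


@dataclass(frozen=True)
class Thresholds:
    min_bytes_per_s: float = 200.0   # slower than this is a trickle
    max_avg_packet_bytes: int = 64   # repetitive tiny packets that never fill a frame
    max_unknown_headers: int = 1     # more unrecognised names than this is suspicious


def score_connection(s, common, t):
    """Three indicators for one connection plus a verdict. Two of three must fire,
    so a single slow but well-formed client is not penalised for its link speed."""
    rate = s.bytes_in / s.window_s
    avg_pkt = s.bytes_in / s.packets_in if s.packets_in else 0.0
    unknown = sorted(h for h in s.headers if h.lower() not in common)
    signals = {
        "low_rate": rate < t.min_bytes_per_s,
        "small_packets": s.packets_in > 0 and avg_pkt < t.max_avg_packet_bytes,
        "unknown_headers": len(unknown) > t.max_unknown_headers,
    }
    return {"conn_id": s.conn_id, "signals": signals, "unknown": unknown,
            "suspicious": sum(signals.values()) >= 2}


def suspicious_fraction(samples, common, t):
    """Share of current connections flagged, plus the per-connection verdicts."""
    verdicts = [score_connection(s, common, t) for s in samples]
    return sum(v["suspicious"] for v in verdicts) / len(verdicts), verdicts


# Constructed telemetry; not captured from any real server.
BASELINE = [
    ConnSample("b1", 1.0, 4200, 5, ("Host", "User-Agent", "Accept", "Accept-Encoding", "Connection")),
    ConnSample("b2", 1.0, 3900, 4, ("Host", "User-Agent", "Accept", "Cookie", "Connection")),
    ConnSample("b3", 1.0, 5100, 6, ("Host", "User-Agent", "Accept", "Accept-Encoding", "Referer")),
    ConnSample("b4", 1.0, 2800, 3, ("Host", "User-Agent", "Accept", "Connection")),
]
CURRENT_WINDOW = [
    ConnSample("c1", 10.0, 4400, 5, ("Host", "User-Agent", "Accept", "Connection")),
    ConnSample("c2", 10.0, 120, 1, ("Host", "User-Agent", "Accept", "Accept-Encoding")),  # slow but normal
    ConnSample("c3", 10.0, 90, 9, ("Host", "User-Agent", "X-a", "X-b", "X-c")),
    ConnSample("c4", 10.0, 70, 7, ("Host", "X-a", "X-b", "X-c", "X-d")),
    ConnSample("c5", 10.0, 80, 8, ("Host", "User-Agent", "X-a", "X-b", "X-c", "X-d")),
]

if __name__ == "__main__":
    common = build_common_headers(BASELINE)
    frac, verdicts = suspicious_fraction(CURRENT_WINDOW, common, Thresholds())
    for v in verdicts:
        print(v["conn_id"], v["signals"], "SUSPICIOUS" if v["suspicious"] else "ok")
    print(f"flagged fraction: {frac:.2f}")
```

The point of the voting rule is the c2 record: it trips only the rate indicator, which is what a legitimate client on a slow link looks like, and a rate threshold alone would cut such users off. The three trickling connections trip all three indicators, and the 0.6 fraction (or the per-connection verdicts, which claim 4 terminates directly) is the value a controller would act on.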

First claim

Opening claim text (preview).

What is claimed is:

1. A computer-implemented method for mitigating effects of a trickle-type denial of service (DoS) attack, under the control of one or more computer systems configured with executable instructions, the method comprising: receiving a plurality of requests to a Web server; providing, by the Web server, a processing thread for each of the plurality of requests; monitoring utilization of at least one resource related to the provided processing threads; monitoring at least one parameter for the provided processing threads; in response to the monitored at least one parameter being indicative of a potential trickle-type DoS attack capable of depleting concurrently available connections to the Web server, (a) iteratively increasing a maximum number of concurrent threads to the Web server by adjusting the maximum number after an amount of time elapses, and (b) iteratively decreasing a timeout value for any new threads by adjusting the timeout value after the amount of time elapses until the monitored utilization of the at least one resource is below a determined utilization threshold for at least a determined minimum period of time; and iteratively decreasing the maximum number of concurrent threads and/or iteratively increasing a timeout value for new threads to normal operational settings when the monitored utilization is below the determined utilization threshold for at least the determined minimum period of time, wherein the concurrently available connections are based at least in part on Web server resources allocated to handle established connections and pending connections to the Web server.

2. The computer-implemented method of claim 1, wherein each iterative decrease of the maximum number of concurrent threads and each iterative increase of a timeout value for new threads occurs after the monitored utilization of the at least one resource is below a determined utilization threshold for at least the determined minimum period of time for a previous maximum number of concurrent threads and a previous timeout value.

3. The computer-implemented method of claim 1, wherein the monitored at least one parameter includes at least one of a ratio of different data transfer rates, a ratio of available threads to established threads, a ratio of packets received per thread per unit time, an amount of variance in the packets received per thread per unit time, a ratio of bytes received per thread per unit time, an amount of variation in packet size, an amount of variation in header information, or an amount of unrecognized header information.

4. The computer-implemented method of claim 1, further comprising: terminating, by the Web server, the handling of a request found to be indicative of a trickle-style DoS attack.

5. The computer-implemented method of claim 1, wherein providing a processing thread for each of the plurality of requests includes generating a new thread for each request or assigning a thread for each request from a managed thread pool.

6. A computer-implemented method for dynamically adjusting connection parameters, under the control of one or more computer systems configured with executable instructions, the method comprising: receiving a plurality of requests to be processed to a server; assigning a processing thread for each of at least a portion of the plurality of requests, up to a maximum number of concurrent threads; monitoring at least one parameter for the assigned processing threads; in response to the monitored at least one parameter being indicative of illegitimate activity for at least a portion of the plurality of requests, the illegitimate activity capable of depleting concurrently available connections to the server, (a) iteratively increasing the maximum number of concurrent threads to the server by adjusting the maximum number after an amount of time elapses, and (b) iteratively decreasing a timeout value for any new threads by adjusting the timeout value after the amount of time elapses until the monitored utilization of the at least one resource is below a determined utilization threshold for at least a determined minimum period of time; and iteratively decreasing the maximum number of concurrent threads and/or iteratively increasing a timeout value for new threads to normal operational settings when the monitored utilization is below the determined utilization threshold for at least the determined minimum period of time, wherein the concurrently available connections are based at least in part on server resources allocated to handle established connections and pending connections to the server.

7. The computer-implemented method of claim 6, wherein the number of available threads is able to be increased and the timeout value is able to be decreased to optimize at least one of a number of requests handled per unit time or an average amount of resources needed to process each request.

8. The computer-implemented method of claim 6, further comprising: in response to the monitored at least one parameter being indicative of illegitimate activity for at least a portion of the plurality of requests, further causing early termination of any of the requests indicative of illegitimate activity.

9. The computer-implemented method of claim 6, wherein the monitored at least one parameter includes at least one of a ratio of different data transfer rates, a ratio of available threads to established threads, a ratio of packets received per thread per unit time, an amount of variance in the packets received per thread per unit time, a ratio of bytes received per thread per unit time, an amount of variation in packet size, an amount of variation in header information, or an amount of unrecognized header information.

10. The computer-implemented method of claim 6, wherein the maximum number of concurrent threads is increased directly to a first duress value and the timeout value for new threads is decreased directly to a second duress value.

11. The computer-implemented method of claim 6, wherein the maximum number of concurrent threads and the timeout value for new threads are adjusted iteratively until utilization of at least one resource used to process the threads is below a determined utilization threshold.

12. The computer-implemented method of claim 6, wherein the maximum number of concurrent threads and the timeout value for new threads are able to be adjusted back to default values specified in a configuration file.

13. The computer-implemented method of claim 6, wherein the at least one parameter for the assigned processing threads is monitored for all established threads in combination, each established thread individually, or a sub-set of the established threads.

14. The computer-implemented method of claim 6, further comprising: monitoring headers received through the plurality of requests; and generating a set of common request headers.

15. The computer-implemented method of claim 14, wherein the at least one parameter indicative of unintended activity includes a number of request headers not included in the set of common request headers.

16. The computer-implemented method of claim 6, wherein the at least one parameter indicative of unintended activity includes a ratio or percentage of packets of a common size less than a maximum transmission size.

17. A computer-implemented method for mitigating effects of a trickle-type denial of service (DoS) attack, under the control of one or more computer systems configured with executable instructions, the method comprising: receiving a plurality of requests to a Web server operating in
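The control loop of claims 1 and 2 as a runnable Python model. This is an added example, not code from the patent or from Amazon: the duress ceilings, the step sizes, the one-tick monitoring interval, the 0.80 utilization threshold, the two-tick quiet period and the utilization trace are all assumptions chosen to make the behaviour visible. Note the direction, which is the counterintuitive part of the claim: under a suspected trickle attack the thread ceiling goes up and the new-connection timeout goes down, one step per interval, and the values are walked back only after utilization has stayed below the threshold for the minimum period, with a fresh quiet period required before each step back (claim 2).

```python
"""Adaptive connection limits for a trickle-type DoS, modelled on claims 1 and 2.

Added example, not code from the patent or from Amazon. Step sizes, the tick
interval, the duress ceilings and the utilization trace are assumptions.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Settings:
    max_threads: int            # maximum number of concurrent threads/connections
    new_conn_timeout_s: float   # timeout applied to newly accepted connections


class AdaptiveLimits:
    """Call tick() once per monitoring interval. While an attack is suspected the
    pool is widened and the new-connection timeout shortened one step at a time
    until utilization has stayed below util_threshold for min_quiet_ticks; the
    values are then walked back one step per fresh quiet period."""

    def __init__(self, normal, duress, thread_step=50, timeout_step_s=5.0,
                 util_threshold=0.80, min_quiet_ticks=2):
        if (duress.max_threads < normal.max_threads
                or duress.new_conn_timeout_s > normal.new_conn_timeout_s):
            raise ValueError("duress must allow more threads and a shorter timeout than normal")
        self.normal, self.duress = normal, duress
        self.thread_step, self.timeout_step_s = thread_step, timeout_step_s
        self.util_threshold, self.min_quiet_ticks = util_threshold, min_quiet_ticks
        self.current, self.mode, self.quiet_ticks = normal, "normal", 0

    def _tighten(self):
        # (a) more threads so trickling clients cannot exhaust the pool,
        # (b) a shorter timeout so their half-finished requests are dropped sooner.
        # Both stop at the duress values, which cap the cost to legitimate clients.
        self.current = Settings(
            min(self.current.max_threads + self.thread_step, self.duress.max_threads),
            max(self.current.new_conn_timeout_s - self.timeout_step_s,
                self.duress.new_conn_timeout_s))

    def _relax(self):
        # One step back towards the configured normal values.
        self.current = Settings(
            max(self.current.max_threads - self.thread_step, self.normal.max_threads),
            min(self.current.new_conn_timeout_s + self.timeout_step_s,
                self.normal.new_conn_timeout_s))

    def tick(self, utilization, attack_suspected):
        """utilization: 0..1 for the monitored resource; attack_suspected: detector verdict."""
        self.quiet_ticks = self.quiet_ticks + 1 if utilization < self.util_threshold else 0
        calm = self.quiet_ticks >= self.min_quiet_ticks
        if attack_suspected and self.mode != "duress":
            self.mode = "duress"
        if self.mode == "duress":
            # Keep stepping until utilization, not the detector, says the pressure is off.
            if calm:
                self.mode = "recovering"
            else:
                self._tighten()
        if self.mode == "recovering":
            if calm:
                self._relax()
                self.quiet_ticks = 0   # claim 2: wait out a full quiet period at the new values
            if self.current == self.normal:
                self.mode = "normal"
        return self.current


# Constructed trace, not measured anywhere: (utilization, attack_suspected) per tick.
TRACE = [(0.95, True), (0.97, True), (0.90, True), (0.85, True), (0.85, True),
         (0.60, True), (0.50, False), (0.40, False), (0.40, False), (0.40, False),
         (0.40, False), (0.40, False), (0.40, False), (0.40, False), (0.40, False)]


def simulate(trace, normal=Settings(200, 30.0), duress=Settings(400, 5.0)):
    """Run the controller over a trace; returns (max_threads, timeout, mode) per tick."""
    ctl = AdaptiveLimits(normal, duress)
    out = []
    for utilization, suspected in trace:
        s = ctl.tick(utilization, suspected)
        out.append((s.max_threads, s.new_conn_timeout_s, ctl.mode))
    return out


if __name__ == "__main__":
    for i, row in enumerate(simulate(TRACE), 1):
        print(f"tick {i:2d}: max_threads={row[0]:3d} timeout={row[1]:4.1f}s {row[2]}")
```

Two things a practitioner should take from the model. The timeout floor (the duress value, 5 s here) is the real safety limit: below some value legitimate clients on slow links also fail to complete their request headers, and the claim's one-step-per-interval approach is what keeps that cost gradual rather than abrupt. And the loop exits duress on utilization, not on the detector verdict, exactly as the claim is worded; if high legitimate load keeps utilization above the threshold after an attack has stopped, the controller will sit at the duress values until load drops, so the threshold and the duress ceilings need to be chosen against normal peak load.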

Assignees

Amazon Tech Inc

Inventors

Brandwine Eric Jason

Classifications

  • G06F21/00 · Primary

    Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity · CPC title

  • Restricting unauthorised execution of programs · CPC title

  • Denial of Service · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US9195805B1 cover?
Various approaches are provided that are able to mitigate the effects of potential trickle-type denial of service (DoS) attacks or similar occurrences. Connection values such as the maximum number of concurrent connections and the timeout values for new connections can be adjusted dynamically in response to changes in operational state and/or an amount of suspicious activity. The suspicious act…
Who is the assignee on this patent?
Amazon Tech Inc. The page data also names the inventor, Brandwine Eric Jason.
What technology area does this patent fall under?
Primary CPC classification G06F21/00. Mapped technology areas include Physics.
When was this patent published?
Publication date Nov 24, 2015 (kind code B1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).