How do you detect and mitigate a Distributed Denial of Service (DDoS) attack targeting a critical web service?