SPV clients behaving normally are highly abusive: they use up maximum
node resources with minimum cost to themselves.
This must be a new use of the word "abuse" I haven't come across before :)
At any rate, some of these assumptions are incorrect. Botnets of compromised web servers are quite common, and asymmetry in node resources is obviously biased against the kinds of devices people increasingly have (phones, tablets) where extremely limited memory bandwidth is common and apps routinely have just 16 or 32mb of memory to do everything including the GUI.
A good anti-DoS strategy looks much the same as a good load shedding strategy. There's little reason to treat them separately. Perhaps instead of talking about DoS we should instead talk about what happens if Bitcoin suddenly gets too popular. Now there are suddenly lots of good users all wanting to use the network, and not enough nodes to support them all. What do we do?
Some rules seem obvious - try to prioritise existing users over new users, old coins over new coins (dPriority already does this) etc. If you run out of TCP sockets prefer to disconnect recent connections (probably new users) to long lived connections (probably high powered backbone peers). If you run out of disk seeks prefer processing new blocks to serving old parts of the chain, etc.