A company is operating a web application on Amazon EC2 instances, which are protected by an Application Load Balancer (ALB). Recently, the application has been subjected to a DoS attack where the logs indicate a consistent pattern of requests originating from a limited number of client IP addresses that frequently change. To mitigate this threat with minimal ongoing management, which strategy should the company implement to effectively block the malicious traffic?