hi
yes indeed QOS is one of the solutions that mitigate DOS or distributed DOS attacks if used correctly i.e all control protocols including hellos.. have an ip precedence of 6 or 7 so if you assign other traffics those ip precende you may run into some issues since the control protocols will have the same priority in treatement as that traffic with 6 or 7.
also if you configure qos this control protocols will have 25 percent of the available bandwidth by default UNLESS YOU TOuch the command max-reserved-bandwidth.
but qos only is not sufficient ie if a hacker send tousands or handreds of thousand of fragmented packet that will eat up all your CPU so you end up with crashed router, same if some send a lot of half open tcp session , or half open udp that will eat up your memory..
so qos with other tools can help mitigate that kind of attacks but still DOS attack remains one the most difficult to eliminate totaly. other tools are specialized devices IPS IDS PIX ASA...
HTH
do rate if it helps