As part of Piwik's multi-layered security approach, there are a number of areas which could detect possible attack and mitigate (e.g., block).
Scenarios:
Could optionally be extended to tracking requests with caveat that this would have some impact on performance.
Note: some of the above involves integration with the web server (e.g., Apache); I have no idea how doable some of this is with other servers (e.g., IIS, lighttpd, nginx, cherokee, jetty, tomcat, ...).
See also: #2888