Protect firebase database listeners from DOS network attack and abuse of simple credentials

Firebase makes so much sense on the phone. but not for the internet, everyone knows that

• I am using firebase
• They know the url of the database
• They see how the database is structured for the parts that I allow them to read.
• A DOS attack can happen by opening many listeners in the database

I want to implement a listener in news feeds, bookmarks and mail drafts so that the user can continue editing from the phone, for example. Yes, I know that the security rules protect the database, so nobody can read other users' data. But that doesn't protect me from abuse.

Is there any other way to use realtime sync without compromising security? in addition to using the cloud-based features to check the link every minute or on click.