My website is under attack. In the last 2 days I have identified and blocked ~20 IPs, especially from China (and Taiwan, Malaysia, Egypt, Ireland, Spain and Russia).
These are some of the 20 IPs:
Is there a way to understand why this is happening and maybe find who is the mandator?
Added:
These IPs are requesting the same file thousands of times per minute. I block an IP after it has made its 250th request.
If it is really a distributed DoS attack (How do you know? If there are merely connection attempts, it simply could be malware...), it is typically performed through a botnet - exploited and trojanized computers of unknowing people controlled by some third party. There is little chance to find out who's behind this, but if you have more evidence, a larger impact on the availability of your site and maybe a blackmailing letter, you should forward the data to the police.
It's happening because you have a system connected to the internet. There may be other causes of course as to why you in particular right now, but you have to understand that dealing with this kind of stuff is simply part of the cost of having an online presence.
How are you determining they are attacking you? What form does the attack take? At the moment you've given us no information to help you find out if you have a particular problem.
Keep blocking the IP addresses like you are already doing. It sounds to me like the attacker targeting your website has pretty limited resources (20 IPs is a very small amount). Your website could be a deliberate target or it could be a random target chosen to test the DoS capabilities of their little network of bots or shells. The attack probably won't last very long, especially if they see that it isn't effective.
You can also simply block whole ranges of IPs if you have nothing anyone in China or Taiwan has any business with (e.g. not a blog but a company website that doesn't do business in China or Russia). While it wouldn't stop a full botnet attack, it should help take some pressure off.
Just block China's subnet with iptables.
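
The blocking rule from the question (cut an address off at its 250th request for the same file), as an added example that is not part of the original thread. It assumes a common/combined-format access log and a sliding one-minute window; the addresses (documentation ranges) and paths in the sample log are constructed.

```python
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Common/combined log format: ip ident user [time] "METHOD path PROTO" ...
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+)[^"]*"')
TIME_FMT = "%d/%b/%Y:%H:%M:%S %z"
THRESHOLD = 250                  # the cut-off from the question: 250th request
WINDOW = timedelta(minutes=1)    # assumption: sliding one-minute window

def find_flooders(lines, threshold=THRESHOLD, window=WINDOW):
    """Return {ip: path} for clients that hit one path `threshold` times within `window`."""
    recent = defaultdict(deque)  # (ip, path) -> timestamps still inside the window
    flagged = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue             # skip malformed lines
        ip, ts, path = m.groups()
        if ip in flagged:
            continue             # already on the block list
        when = datetime.strptime(ts, TIME_FMT)
        hits = recent[(ip, path)]
        hits.append(when)
        while when - hits[0] > window:
            hits.popleft()       # forget requests older than the window
        if len(hits) >= threshold:
            flagged[ip] = path
    return flagged

def iptables_rules(flagged):
    """One DROP rule per flagged address; IPv4Address() rejects anything that is not IPv4."""
    return [f"iptables -A INPUT -s {ipaddress.IPv4Address(ip)} -j DROP" for ip in sorted(flagged)]

def sample_log():
    """Constructed log lines: a flooder, a slow repeat client, a normal browser."""
    start = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
    def entry(ip, seconds, path):
        ts = (start + timedelta(seconds=seconds)).strftime(TIME_FMT)
        return f'{ip} - - [{ts}] "GET {path} HTTP/1.1" 200 512'
    log = [entry("203.0.113.7", i // 10, "/big.zip") for i in range(300)]    # 10 req/s
    log += [entry("198.51.100.20", i * 2, "/big.zip") for i in range(300)]   # 1 req per 2 s
    log += [entry("192.0.2.5", i, f"/page{i}.html") for i in range(40)]      # normal browsing
    return log + ["not a log line"]

if __name__ == "__main__":
    for rule in iptables_rules(find_flooders(sample_log())):
        print(rule)
```

Counting per (address, path) inside a time window keeps a client that fetches the same file slowly over ten minutes, or many different pages quickly, off the block list.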