Sorry for the late reply.
The conclusion interest me. Bitcoin have 12775 nodes (according to
https://bitnodes.io/ which exclude node which don't accept incoming connection), so DoS cost is quite expensive and it probably only reduce propagation speed to whole network. However, it's major concern for altcoin which have very few full node count.
I agree that a DoS attack against the whole Bitcoin P2P network would probably be very expensive. However, attacking the most connected nodes might be a more cost-effective attack strategy than attacking random nodes. Therefore it is desirable to protect the identity of well-connected nodes.
They are both correct (ignoring the errors coming from their methodology). Bitnodes shows nodes that are listening for incoming connection (among spy nodes) but the other is showing all nodes in existence including nodes that don't listen for incoming connections.
See
https://luke.dashjr.org/programs/bitcoin/files/charts/historical.html which differentiates between listening and non-listening nodes.