It's ultra easy to understand. Instead of protecting a website, or board, with random letters or number to fill in a box, in order to verify it's a human posting, the proof of work captcha make the computer solve a simple mathematical problem. This way, a DDos attack, or massive bot spamming, would be countered by the fact that the attacking computer would use a lot of CPU ressources, thus spamming itself, rendering the spam not cost-effective.