LDoS (low-rate denial-of-service) attacks are stealthier and trickier than the traditional DDoS (distributed DoS) attacks. According to the characteristic of periodicity and short burst in LDoS flows, a detectionsystem DSBWA (detection system based on wavelet analysis) against LDoS attacks has been designed andimplemented based on feature extraction using wavelet transform. The proposed system, focusing on the number ofarriving packets at the monitoring node, extracts five feature indices of LDoS flows through wavelet multi-scaleanalysis of network traffic. Then a synthesis diagnosis is made by a trained BP neural network. Once the attack isverified, the information related to attackers can be obtained by locating malicious pulses. Simulation results in NS-2 show that the scheme DSBWA, capable of detecting the variants of LDoS attack, achieves high detection rate with low computation cost, and hence has good practical value.