Low-rate denial of service (LDoS) attack can cause the packets loss of the legitimate users and reduce the transmission performance of the transport system by sending short bursts of packets periodically. The LDoS attack flows always mix with the legitimate traffic, hence, it is hard to be detected. This study designs an LDoS attack classifier based on network model, which uses hidden semi-Markov model (HSMM), and deploys a decision indicator to detect LDoS attacks. In this method, wavelet transform is exploited to compute the network traffic’s wavelet energy spectrum entropy, which is used as the input of the HSMM. The proposed detection method has been evaluated in NS-2 and Test-bed, and experimental results show that it achieves a better performance with detection rate of 96.81%.