LDoS　(low-rate　denial-of-service)　was　a　new　type　of　DoS　attack.　In　this　paper,　LDoS　attack　traffic　was　simulated　on　OPNET　platform　and　generated　by　estimating　the　retransmission　time　out　(RTO)　of　normal　TCP　flow　based　on　the　analysis　of　LDoS　attack　features,　and　the　performance　of　targets　under　the　attacking　of　LDoS　was　tested.　We　investigated　the　cache　queue　of　target　router　for　the　purpose　of　detection　and　defense　of　LDoS　attack.　Test　result　show　that　two　criterions　--　packet　percentage　and　threshold--can　detect　LDoS　attack　flows.