Low-rate denial of service (LDoS) attack is a new class of DoS, which exploits TCP's congestion con- trol mechanism. LDoS attack can reduce the throughput of the attacked link by sending low-rate packets in the way of periodic pulse. Because of its low-rate characteristic, it can elude the monitor of traditional detection approach. Most applications in the Internet use TCP protocol, so the dam- age of LDoS attack is not inferior to the traditional °ood type DDoS attack. The characteristics of LDoS attack in frequency domain were analyzed, by adopting digital sig- nal processing technology. The ¯ltering algorithm was de- signed as a Finite impulse response (FIR) ¯lter to eliminate the illegitimate frequencies in frequency domain. Exper- iments result show that 92.88% of LDoS attack energy is ¯ltered, and 19.75% of normal energy is eliminated.