Low-rate attacks are focused on bringing a target down quietly. This is very different to high rate brute-force attacks. These attacks leave connections open on the target by creating a relatively low number of connections over a period of time and leaving those sessions open for as long as possible. A famous example of these types of attacks is the Slowloris tool, which allows an attacker to take down a victim's web server with minimal bandwidth requirements and without launching numerous connections at the same time.
Slowloris is an application layer (Layer-7) DDoS attack which operates by utilizing valid partial HTTP requests. The attacker sends HTTP headers with opening connections to a targeted web server and then keeps ...