Abstract: Different from traditional DoS attacks, low-rate DoS (LDoS) is stealthy, periodic and low-rate in attack volume, and is very hard to be detected and defended in time. Regarding these features of LDoS attack, we present a real-time mitigating mechanism based on Q -learning for LDoS attack. Taking the adaptation control system as the target of protecting, a Q -learning module implemented with BP-neutral network, which takes characteristic parameters extracted periodically from network as its input, is used to make choice of the best defense measures. The selected defense measure then is carried out by the victim system. Defense measures are designed based on dynamic service resource allocation. The mitigating mechanism adjusts the service capability of system in real time according to the system running state, so as to ensure the service quality offered to normal service requests. Finally, the attack scenario and whole mitigating process are modeled and simulated by CPN and BP neutral networks. And simulated results shows that our mitigating mechanism can relieve the effect of LDoS attack on victim system efficiently with high sensitivity.