Denial of service (DoS) attacks is among the most harmful network threats. Low-rate DoS (LDoS) attacks feature good concealment and are likely to evade detection by conventional signal analysis-based methods. A LDoS attack detection method that combines the convolutional neural network and the gated recurrent unit is proposed in the present work. To evaluate the proposed method, we collect real user traffic from a university's website, label the traffic with LDoS attacks as normal traffic. In order to get the real attack traffic, this paper has collected some new LDoS attack programs, such as slowloris, slowhttptest, pwnlloris, torhammer and httplog, which can be obtained from public channels, and constructed a LAN environment that conformed to the working scenario of the program. By running the attack program, the attack traffic could be obtained. In a large sample scenario, the average detection rate of our proposed method can reach 98.68%. This article focuses on the research: the average detection rate of the detection method proposed in this article in the case that the security agency can only intercept a small number of attack samples. That is, in the small sample scenario, the detection of the collected traffic shows that the average detection rate of the proposed detection method can reach 89.54% in a small sample scenario. Its effective detection rate is obviously superior to the existing similar detection methods.