This academic paper presents the theory and use of an algorithm designed to detect denial-of-service (DoS) attacks by an adversary who has detailed knowledge of the system under attack.
The description is very detailed, but not enough to allow the reader to reproduce the algorithm described. The attack space is constrained by limiting the system to one that reads records from a distributed database. While this covers many systems, it is hardly comprehensive.
In summary, the proposed algorithm is a creditable effort, with a sound basis in theory. The paper is recommended reading for those with a commercial or academic interest in the field of online security.