The network has enabled enormous volumes of services without any restrictions, different users need to have access to the service provided are more focused by malicious users. It is imperative to identify malicious entry or access to services, hence this paper discusses the various aspects of malicious access due to DDoS attacks and on how to detect it also this method uses the decisions made by hackers to manage the Traceback information science. In this paper, we consider the flash crowds based on the difference between DDoS attacks, a flash crowd is used to mitigate the DDoS attack. There is a tendency to see information on flux entropy variations on routers’ short-term and store them. Once the victim has been aware of a DDoS attack, the victim starts pushback tracing. The initial Traceback rule identifies its upstream routers where attacks have taken place and transmits the requests for Traceback to the upstream connected routers. If the flow rate is low, the low detection rule is initiated to trace the attackers and therefore the study is evaluated based on the instances where the packets are attacked by malicious users. The evaluation is conducted based on whether the packet traversed is malicious or normal and finally the accuracy of IP Traceback techniques and time complexity are tested.