Denial of Service attacks is divided into two types, one is logic attack and the another one is flooding attack. Logic attack exploits security holl of the software such as operating system and web server bugs, then causes system crash or degrade in the performance. Logic attack can be defended by upgrading software and/or filtering particular packet sequences. Comparing each packets of the flooding attack and the other normal communication traffics, the only difference is the number of the packets. Flooding attack creates enormous amount of packets. Therefore, to protect systems from flooding attacks, the same method for logic attacks can not be used. During the network operations, flooding attack is usually detected by using traffic monitoring tools such as MRTG. However those tools will not detect the attack automatically. In this paper, the method for automatic detection of the flooding attacks is described. For the monitoring tools, AGURI, that we have developed, is used. Using the traffic pattern aggregation method, AGURI can monitor the traffics in a long term and detect flooding attacks.