A malicious attack detection system and associated method of use is disclosed. This includes receiving and parsing a header frame of a data packet into header information and internet protocol ("IP" or "TCP/IP") addresses, checking the header information for a potential malicious attack condition and if present then a constraint filter result is generated, comparing the internet protocol ("IP") addresses to determine if an internet protocol ("IP") address had been previously received, determining if an internet protocol ("IP") address had been previously received, determining the number of constraint filter results to determine if an incremented count is above a predetermined threshold during a predetermined threshold time period, and dropping at least one data packet based on a determination. Preferably, but not necessarily, the process is carried out at wire-speed meaning when a new data packet arrives, all processing above is complete with regard to the previous data packet.