DDoS attacks are rapidly growing bigger and upsetting online businesses than ever before.During 2012, DDoS attacks were performed on six US banks, viz, Bank of America, JP Morgan Chase, US Bancorp, Citigroup, and PNC Bank. The attacker(s) bombarded their targets with crest traffic of more than 60 gigabits per second. In 2013, Spamhaus, an antispam organization, was the victim for a DDoS attack of 300 gigabits per second. CyberBunker, a Dutch company, outwardly performed this attack on Spamhaus and got blacklisted after it. During 2014, the security company named Cloudflare was struck by 400 gigabits per second of traffic. Initially, the attack was aimed at one of Cloudflare's customers, but it later spread to the Cloudflare's own network. In 2018, a record-breaking attack was performed on GitHub, a popular code hosting website, with an impulsive blitz of traffic that marked the scales at 1.35 terabits per second. At this moment, from freelance websites to multinational banks, it sounds like nobody has enough online security. This paper presents a novel low and high-rate DDoS attack detection using statistical metrics. The NS3 simulation result shows that the proposed method detects the low and high volume of attacks in minimum time with reduced false positive and false negative than the existing method.