One method is by looking at your logs (on your syslog server reporting events on your access-lists) to see a large volume of packets on different ports getting blocked (same source). This is a difficult and manual method, and one that relies on your access-lists to block it and log it.
A better method is using an IDS (Intrusion Detection System), either network-based (Cisco IDS 4200 Series) or host-based (Cisco's is called Entercept), that will report this to you in a proactive manner. IDS sensors analyze traffic in real time, enabling users to quickly respond to security breaches. They can also be used to block attacks. They compare packets/events to a list of signatures that identify what the event actually is.
Hope it helps.
Steve
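The log-review method from the first paragraph can be partly automated. The following is an added example, not part of Steve's post: it counts distinct denied destination ports per source in Cisco IOS `%SEC-6-IPACCESSLOGP` syslog lines. The function name `find_scanners`, the `min_ports` threshold, and the sample log lines are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Matches the deny form of the IOS ACL log message for TCP/UDP traffic.
ACL_DENY = re.compile(
    r"%SEC-6-IPACCESSLOGP: list (?P<acl>\S+) denied (?P<proto>tcp|udp) "
    r"(?P<src>\d+\.\d+\.\d+\.\d+)\(\d+\) -> "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\((?P<dport>\d+)\)"
)

# Constructed sample lines (documentation address ranges), not real traffic.
_scan = [
    f"Mar  1 10:00:0{i} rtr1 4{i}: %SEC-6-IPACCESSLOGP: list 101 denied tcp "
    f"198.51.100.7(4000{i}) -> 192.0.2.10({port}), 1 packet"
    for i, port in enumerate((21, 22, 23, 25, 80, 443))
]
_noise = [
    # Same source retrying one blocked port: many packets, but not a scan.
    "Mar  1 10:01:00 rtr1 50: %SEC-6-IPACCESSLOGP: list 101 denied tcp "
    "203.0.113.9(51000) -> 192.0.2.25(25), 3 packets",
] * 3 + [
    "Mar  1 10:02:00 rtr1 51: %SEC-6-IPACCESSLOGP: list 101 permitted tcp "
    "203.0.113.9(51001) -> 192.0.2.80(80), 1 packet",
    "Mar  1 10:02:05 rtr1 52: %LINK-3-UPDOWN: Interface Serial0, "
    "changed state to up",
]
SAMPLE_LOG = _scan + _noise


def find_scanners(lines, min_ports=5):
    """Return {source IP: sorted (dst, proto, port) tuples} for every source
    denied on at least min_ports distinct destination ports."""
    targets = defaultdict(set)
    for line in lines:
        m = ACL_DENY.search(line)
        if m is None:
            continue  # permits, non-ACL messages, malformed lines
        # A set collapses repeats, so volume on one port does not count.
        targets[m["src"]].add((m["dst"], m["proto"], int(m["dport"])))
    return {s: sorted(t) for s, t in targets.items() if len(t) >= min_ports}


if __name__ == "__main__":
    for src, hits in find_scanners(SAMPLE_LOG).items():
        print(src, "denied on", len(hits), "distinct ports:", hits)
```

As the post notes, this only sees traffic that the access-lists both block and log, so deny entries need the `log` keyword for these messages to reach the syslog server.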