This article proposes a traffic anomaly detector, operated in post-mortem and in real time, through the passive monitoring of packet traffic headers. Frequent attacks on the network infrastructure, using various forms of denial of service attacks, have led to a greater need to develop techniques for analyzing network traffic. If efficient scanning tools were available, it could be possible to detect attacks, anomalies and take steps to contain the attacks properly before they had time to propagate through the network. This article suggests a technique for detecting traffic anomalies based on the analysis of the correlation of destination IP addresses in outbound traffic on an outbound router. This address correlation data is transformed using discrete wavelength transform for the effective detection of anomalies by statistical analysis. The results of the screening-based evaluation suggest that the proposed approach could provide an effective means of detecting anomalies close to the source. A multidimensional indicator is also presented using the port number correlation and the number of flows as an anomaly detection means.