© 2017 Association for Computing Machinery. DDoS attacks are a threat to the security of the network. In recent years these attacks have been directed especially against the application layer. This phenomenon is mainly due to the large number of existing tools available for the easy generation of this type of attack. The methods used in the application layer reach detection rates of between 98.5 and 98.32%. Therefore, the problem of detecting DDoS attacks persists. In this work we propose a detection alternative based on the dynamism of the web user. To do this, two mouse characteristics are evaluated: movement and right click. A dataset of 11055 applications was also used, from which the two characteristics were extracted and entered into a classification algorithm. To this end, a Java application was developed for the classification of real users and those behind DDoS attacks. The results show that the proposed characteristics achieve an efficiency of 100%. It is concluded that these characteristics reveal the dynamism of the user and can be used as a method of detection of DDoS attacks.