It seems to me like you have two questions here:

• 1. How to identify attacks.
• 2. How to achieve 1 using Perl.

For part 1, you need to research Network security, learn what you should be looking for (searching may help). For part two you need to learn Perl:

• http://learn.perl.org
• http://perldoc.perl.org
• The Tutorials section of this site.

Update: fixed typo