Hi,
That is a very broad area and the SSG code isn't really tuned to perform network diagnostics. Your best bet would be the port mirror captures from the switch. You can use the 'Statistics' option in wireshark to identify the top talkers.
That said, you can look for the below on the SSG:
1. Interface stats ==> get counter stat int e0/1 (or any other interface). Repeat this a couple of times and look for increments of errors like in-overrun, unknown packet etc.,
2. If the fllod is not being dropped on the interface and reaching the processor, CPU utilisation will raise based on the amount of traffic. Track this with 'get perf cpu all detail'
3. SSG does have a good number of protection featues against floods and DOS attacks, like syn flood protection, session limit etc., If they are turned ON in your DMZ zone, you will see alerts in the event log (get event). The source IP will be reported here.