In the present era of information technology, technology worldwide has become more advanced, and law enforcement agencies must provide their computer crime investigators with the technology required to conduct complex computer investigations. Besides access to technology, law enforcement agencies must also be given forensic computer support, as many computer crimes leave “footprints” on the computer as well as on the Internet [4]. Most prosecutors also lack the training and specialization to focus on the prosecution of criminals who use computer-based and Internet systems as a means of committing crimes. Thus, they must have a working knowledge of computer-based and Internet investigations if they are to handle these crimes effectively.
A good example is a recent case in the UK where a teenager was acquitted after being charged in court for a Distributed Denial of Service (DDoS) attack that crippled the Port of Houston, a US web-based computer system. Denial of Service (DoS) attacks, and more particularly the distributed ones (DDoS), are among the latest and most powerful threats that have appeared in the world of networking. The widely publicized DDoS attacks against the Yahoo, eBay, Amazon.com and White House websites have revealed the vulnerability of well-equipped networks.
There are two principal classes of attacks: logic attacks and flooding attacks. Logic attacks, such as the “Ping of Death”, exploit existing software flaws to substantially degrade network performance. Flooding attacks, such as “Smurf”, overwhelm the victim's CPU, memory and network resources by sending a large number of spurious requests. In this paper, we will focus only on flooding attacks [5].