The problem addressed in this paper is the difficulty in criminalizing denial of service attacks in Brazil. With the advent of Law 12.737 of 2012 in Brazil, known as the Computer Crimes Law, these attacks could be considered crimes. However, no procedures were found to support it. This paper proposes a methodology based on the 2012 Computer Crime Law to assist computer networks forensic analysis, focused on charging offenders who commit denial of service attacks, as well as to present a computational architecture to automate its steps. For this purpose, it was promoted a review of related works and also dedicated sections for the clarification of terms needed to contextualize the research. At the end of the article, the methodology and its steps are presented, and also the proposed architecture and the results of experiments performed to validate the proposal. It is concluded that the availability of the information obtained by the aid of the proposed methodology demonstrates that the investigation authority can proceed with the duly substantiated liability of the offending agents.