Date Added: Dec 2010
In web environment a major challenge facing by the law enforcing agency is to collect accurate & effective evidences from the growing volumes of crime data. In cyber space multi-step attack involve group of action where some of these actions may be legitimate but when combine together constitute malicious activity. Code injection attack is a type of multi step attack which may be carried out by potentially malicious invaders through inserting script code and SQL statement into available feedback form or suggestion box on vulnerable web site. In this paper architecture for gathering evidence subjected to code injection attack is proposed.