Distributed Denial of Service (DoS) Attack This represents a serious problem for Internet communications. This problem is exacerbated if an attacker tampers with the data. Source IP address. Attackers can easily change the source IP address leads to unauthorized access to network resources. Many solutions are available. Please identify this issue in your research community. In this paper, we proposed a detection method that takes data flow into account. Metric. An attacker can change any field in the IP, so expect a packet hop count field. In this article, he will introduce one. A Heuristic Fuzzy Logic Approach to Spoofing Detection package. Effective implementation of fuzzy rules the two member functions HC and PTT are the Receive IP header. The classification of forged packets is as follows: Identify changes up close Hop count and packet transmission time due to fuzzy Membership function using fuzzy triangles Membership features.