One of the reasons that it helps to bring in law enforcement is getting the legal authority to track the attack back to the originator. Law enforcement can help with finding the bot net's command-and-control (C&C) servers, which might lead to the hacker. Using the detailed traffic you have collected, you should be able to identify some of the originating IP addresses of the bot attack traffic. You (or law enforcement) can contact the owner of the IP addresses and request a forensic copy of the malware, which can be dissected to find the C&C server's IP address, which in turn can be used to find the hacker's origination address.
To be honest, being able to locate and prosecute the DDoS attacker is a long shot. The lack of cohesive communications between all the parties that need to be involved in an investigation, the legal implications of the global nature of the assault, and the growing sophistication of bot nets all fight against a successful prosecution. But as Paul and CastleCops can tell you, it can be done.