Basic article information

  • Title: AN INVESTIGATOR DIGITAL FORENSICS FREQUENCIES PARTICLE SWARM OPTIMIZATION FOR DETECTION AND CLASSIFICATION OF APT ATTACK IN FOG COMPUTING ENVIRONMENT (IDF-FPSO)
  • Authors: AHMAD K. Al HWAITAT ; SAHER MANASEER ; RIZIK M. H. Al-SAYYED
  • Journal: Journal of Theoretical and Applied Information Technology
  • Print ISSN: 1992-8645
  • Electronic ISSN: 1817-3195
  • Publication year: 2020
  • Volume: 98
  • Issue: 7
  • Pages: 937-952
  • Publisher: Journal of Theoretical and Applied
  • Abstract: Though there are several approaches to detect the malware attacks in cloud, the detection techniques could not be applied in FOG based environment. This is because of its possession of distinct features. As FOG computing has been evolving, it is mandatory to develop detection and mitigation schemes of malware attacks. Thus, in this research, an approach for investigation of digital forensics has been developed, where it classifies and detects the APT attack named Shamoon attack from different attack types in FOG environment. Digital Forensics has been recently gaining focus in solving or investigating the cybercrimes. Several researches have been developed in this field where they have analyzed several security challenges. Previous technologies to measure these attacks are completely based on methodology of pattern matching. If an attack has newly occurred, then the detection rate is very low and false negatives will be very high. Thus the challenges are highly increased as the data volume increases, and the technology used by attackers is continually developed. The lack of detection technology and deployment boards, and the low-efficiency models in FOG computing, make the challenge a difficult one. Thus a proposed scheme has been introduced where Frequency Particle Swarm Optimization (FPSO) has been utilized in investigating digital forensics Particle Swarm Optimization in order to detect and to classify the APT attack (Shamoon attack) in FOG environment. This approach uses four phases. In feature extraction, best set of features are extracted. Using FPSO (Frequencies PSO), best weighed features are predicted. These weighed features are clustered using K-means clustering and classified using k-nearest neighbors (KNN) classifier. The performance of this approach is then evaluated using confusion matrix and results are provided. Finally, the proposed KNN-FPSO classifier is compared with other existing classifiers and the results are recorded.
  • Keywords: Digital Forensics; Shamoon Attack; FOG Computing; APT Attacks; Cyber Security; Machine Learning; Information Security