AN INVESTIGATOR DIGITAL FORENSICS FREQUENCIES PARTICLE SWARM OPTIMIZATION FOR DETECTION AND CLASSIFICATION OF APT ATTACK IN FOG COMPUTING ENVIRONMENT (IDF-FPSO) | [Journal of Theoretical and Applied Information Technology • 2020]

Author(s):

1. AHMAD K. Al HWAITAT: King Abdullah The II IT School, Department Of Computer Science, The University Of ordan, Jordan

2. SAHER MANASEER: King Abdullah The II IT School, Department Of Computer Science, The University Of Jordan, Jordan

3. RIZIK M. H. Al-SAYYED: King Abdullah The II IT School, The University Of Jordan, Department Of Information Technology, Jordan

4. MOHAMMED AMIN ALMAIAH: King Faisal University, Department Computer Science, Saudi Arabia

5. OMAR ALMOMANI: The World Islamic Siences And Education University,Department Computer Networks, Jordan

Abstract:

The hough there are several approaches to detect the malware attacks in cloud, the detection techniques could not be applied in FOG based environment. This is because of its possession of distinct features. As FOG computing has been evolving, it is mandatory to develop detection and mitigation schemes of malware attacks. Thus, in this research, an approach for investigation of digital forensics has been developed, where it classifies and detects the APT attack named Shamoon attack from different attack types in FOG environment. Digital Forensics has been recently gaining focus in solving or investing the cybercrimes. Several researches have been developed in this field where they have analyzed several security challenges. Previous technologies, to measure these attacks are completely based on methodology of pattern matching. If an attack is newly occurred, then the detection rate is very low and false negative will be very high. Thus the challenges are highly increased as the data volume increases, and the technology used by attacker is continually developed. As there is a lack in detection technology and the deployment boards, and the low efficient models in FOG computing makes the challenge a difficult one. Thus a proposed scheme has been introduced where Frequency Particle Swarm Optimization (FPSO) has been utilized in investigating digital forensics Particle Swarm Optimization in order to detect and to classify the APT attack (Shamoon attack) in FOG environment. This approach uses four phases. In feature extraction, best set of features are extracted. Using FPSO (Frequencies PSO), best weighed features are predicted. These weighed features are clustered using K-means clustering and classified using k-nearest neighbors ( KNN) classifier. The performance of this approach is then evaluated using confusion matrix and results are provided. Finally, the proposed KNN-FPSO classifier is compared with other existing classifiers and the results are recorded.

Page(s): 937-952

DOI: DOI not available

Published: Journal: Journal of Theoretical and Applied Information Technology, Volume: 98, Issue: 7, Year: 2020

Keywords:

machine learning , Digital Forensics , FOG Computing , Shamoon Attack , Information Security , Cyber Security

References:

References are not available for this document.

Citations

Citations are not available for this document.

Citations

Downloads

Views