A SURVEY OF DIGITAL FORENSIC METHODS UNDER ADVANCED PERSISTENT THREAT IN FOG COMPUTING ENVIRONMENT

摘要

DA Digital forensics has been recently become a significant approach to investigate cybercrimes. Several questions exist about the future of this domain. Many researchers have been done in this field for development, they analyzed the challenges within the domain of cloud computing and an advanced persistent threat (APT) attack. These challenges are rapidly increasing as the volume of data increase, and the technology that the attacker used is continually developed. However, the lack of valid evidence data that is due to the diversity of technology, the deployment platforms, and the less effective models for processing huge volume of data as seen in FOG computing whereas there is a limitation in the analysis tools that are using for investigation of cybercrime. The work in this paper represented in two folds the first is a survey and the second is a proposed method. The survey review the current forensic Methods under Advanced Persistent Threat (APT) attack and concentrates on the challenge that faces cybercrime in Fog Environment. The other part surveys Meta-heuristic approach such as particle swarm optimization (PSO) and Frequencies particle swarm optimization (FPSO).Then we propose a unique method, which deals with ambient environment and other ways of dealing at the network level. The proposed method deals with APT attacks in a two-sided manner. The first side identifies the detection and the second side analyzes the behavior of the spread process. The proposed method is based on optimizing the solution using Investigator Digital forensics particle swarm optimization (IDF-PSO) that will be enhanced to detect APT attack that is considered an optimal solution for collecting digital evidence, through to detection and classification APT attack and Study of propagation behavior.