Оглавление
Группа авторов. Machine Learning Techniques and Analytics for Cloud Security
Table of Contents
List of Figures
List of Table
Guide
Pages
Machine Learning Techniques and Analytics for Cloud Security
Preface
1. Hybrid Cloud: A New Paradigm in Cloud Computing
1.1 Introduction
1.2 Hybrid Cloud
1.2.1 Architecture
1.2.2 Why Hybrid Cloud is Required?
1.2.3 Business and Hybrid Cloud
1.2.4 Things to Remember When Deploying Hybrid Cloud
1.3 Comparison Among Different Hybrid Cloud Providers
1.3.1 Cloud Storage and Backup Benefits
1.3.2 Pros and Cons of Different Service Providers
1.3.2.1 AWS Outpost
1.3.2.2 Microsoft Azure Stack
1.3.2.3 Google Cloud Anthos
1.3.3 Review on Storage of the Providers. 1.3.3.1 AWS Outpost Storage
1.3.3.2 Google Cloud Anthos Storage
1.3.4 Pricing
1.4 Hybrid Cloud in Education
1.5 Significance of Hybrid Cloud Post-Pandemic
1.6 Security in Hybrid Cloud
1.6.1 Role of Human Error in Cloud Security
1.6.2 Handling Security Challenges
1.7 Use of AI in Hybrid Cloud
1.8 Future Research Direction
1.9 Conclusion
References
2. Recognition of Differentially Expressed Glycan Structure of H1N1 Virus Using Unsupervised Learning Framework
2.1 Introduction
2.2 Proposed Methodology
2.3 Result
2.3.1 Description of Datasets
2.3.2 Analysis of Result
2.3.3 Validation of Results. 2.3.3.1 T-Test (Statistical Validation)
2.3.3.2 Statistical Validation
2.3.4 Glycan Cloud
2.4 Conclusions and Future Work
References
3. Selection of Certain Cancer Mediating Genes Using a Hybrid Model Logistic Regression Supported by Principal Component Analysis (PC-LR)
3.1 Introduction
3.2 Related Methods
3.3 Methodology
3.3.1 Description
3.3.2 Flowchart
3.3.3 Algorithm
3.3.4 Interpretation of the Algorithm
3.3.5 Illustration
3.4 Result
3.4.1 Description of the Dataset
3.4.2 Result Analysis
3.4.3 Result Set Validation
3.5 Application in Cloud Domain
3.6 Conclusion
References
4. Cost-Effective Voice-Controlled Real-Time Smart Informative Interface Design With Google Assistance Technology
4.1 Introduction
4.2 Home Automation System
4.2.1 Sensors
4.2.2 Protocols
4.2.3 Technologies
4.2.4 Advantages
4.2.5 Disadvantages
4.3 Literature Review
4.4 Role of Sensors and Microcontrollers in Smart Home Design
4.5 Motivation of the Project
4.6 Smart Informative and Command Accepting Interface
4.7 Data Flow Diagram
4.8 Components of Informative Interface
4.9 Results
4.9.1 Circuit Design
4.9.2 LDR Data
4.9.3 API Data
4.10 Conclusion
4.11 Future Scope
References
5. Symmetric Key and Artificial Neural Network With Mealy Machine: A Neoteric Model of Cryptosystem for Cloud Security
5.1 Introduction
5.2 Literature Review
5.3 The Problem
5.4 Objectives and Contributions
5.5 Methodology
5.6 Results and Discussions
5.6.1 Statistical Analysis
5.6.2 Randomness Test of Key
5.6.3 Key Sensitivity Analysis
5.6.4 Security Analysis
5.6.5 Dataset Used on ANN
5.6.6 Comparisons
5.7 Conclusions
References
6. An Efficient Intrusion Detection System on Various Datasets Using Machine Learning Techniques
6.1 Introduction
6.2 Motivation and Justification of the Proposed Work
6.3 Terminology Related to IDS
6.3.1 Network
6.3.2 Network Traffic
6.3.3 Intrusion
6.3.4 Intrusion Detection System
6.3.4.1 Various Types of IDS
6.3.4.2 Working Methodology of IDS
6.3.4.3 Characteristics of IDS
6.3.4.4 Advantages of IDS
6.3.4.5 Disadvantages of IDS
6.3.5 Intrusion Prevention System (IPS)
6.3.5.1 Network-Based Intrusion Prevention System (NIPS)
6.3.5.2 Wireless Intrusion Prevention System (WIPS)
6.3.5.3 Network Behavior Analysis (NBA)
6.3.5.4 Host-Based Intrusion Prevention System (HIPS)
6.3.6 Comparison of IPS With IDS/Relation Between IDS and IPS
6.3.7 Different Methods of Evasion in Networks
6.4 Intrusion Attacks on Cloud Environment
6.5 Comparative Studies
6.6 Proposed Methodology
6.7 Result
6.8 Conclusion and Future Scope
References
7. You Are Known by Your Mood: A Text-Based Sentiment Analysis for Cloud Security
7.1 Introduction
7.2 Literature Review
7.3 Essential Prerequisites
7.3.1 Security Aspects
7.3.2 Machine Learning Tools
7.3.2.1 Naïve Bayes Classifier
7.3.2.2 Artificial Neural Network
7.4 Proposed Model
7.5 Experimental Setup
7.6 Results and Discussions
7.7 Application in Cloud Security
7.7.1 Ask an Intelligent Security Question
7.7.2 Homomorphic Data Storage
7.7.3 Information Diffusion
7.8 Conclusion and Future Scope
References
8. The State-of-the-Art in Zero-Knowledge Authentication Proof for Cloud
8.1 Introduction
8.2 Attacks and Countermeasures
8.2.1 Malware and Ransomware Breaches
8.2.2 Prevention of Distributing Denial of Service
8.2.3 Threat Detection
8.3 Zero-Knowledge Proof
8.4 Machine Learning for Cloud Computing
8.4.1 Types of Learning Algorithms. 8.4.1.1 Supervised Learning
8.4.1.2 Supervised Learning Approach
8.4.1.3 Unsupervised Learning
8.4.2 Application on Machine Learning for Cloud Computing
8.4.2.1 Image Recognition
8.4.2.2 Speech Recognition
8.4.2.3 Medical Diagnosis
8.4.2.4 Learning Associations
8.4.2.5 Classification
8.4.2.6 Prediction
8.4.2.7 Extraction
8.4.2.8 Regression
8.4.2.9 Financial Services
8.5 Zero-Knowledge Proof: Details
8.5.1 Comparative Study
8.5.1.1 Fiat-Shamir ZKP Protocol
8.5.2 Diffie-Hellman Key Exchange Algorithm
8.5.2.1 Discrete Logarithm Attack [6]
8.5.2.2 Man-in-the-Middle Attack
8.5.3 ZKP Version 1
8.5.4 ZKP Version 2
8.5.5 Analysis
8.5.6 Cloud Security Architecture
8.5.7 Existing Cloud Computing Architectures
8.5.8 Issues With Current Clouds
8.6 Conclusion
References
9. A Robust Approach for Effective Spam Detection Using Supervised Learning Techniques
9.1 Introduction
9.2 Literature Review
9.3 Motivation
9.4 System Overview
9.5 Data Description
9.6 Data Processing
9.7 Feature Extraction
9.8 Learning Techniques Used
9.8.1 Support Vector Machine
9.8.2 k-Nearest Neighbors
9.8.3 Decision Tree
9.8.4 Convolutional Neural Network
9.9 Experimental Setup
9.10 Evaluation Metrics
9.11 Experimental Results
9.11.1 Observations in Comparison With State-of-the-Art
9.12 Application in Cloud Architecture
9.13 Conclusion
References
10. An Intelligent System for Securing Network From Intrusion Detection and Prevention of Phishing Attack Using Machine Learning Approaches
10.1 Introduction
10.1.1 Types of Phishing
10.1.1.1 Spear Phishing
10.1.1.2 Whaling
10.1.1.3 Catphishing and Catfishing
10.1.1.4 Clone Phishing
10.1.1.5 Voice Phishing
10.1.2 Techniques of Phishing. 10.1.2.1 Link Manipulation
10.1.2.2 Filter Evasion
10.1.2.3 Website Forgery
10.1.2.4 Covert Redirect
10.2 Literature Review
10.3 Materials and Methods. 10.3.1 Dataset and Attributes
10.3.2 Proposed Methodology
10.3.2.1 Logistic Regression
10.3.2.2 Naïve Bayes
10.3.2.3 Support Vector Machine
10.3.2.4 Voting Classification
10.4 Result Analysis. 10.4.1 Analysis of Different Parameters for ML Models
10.4.2 Predictive Outcome Analysis in Phishing URLs Dataset
10.4.3 Analysis of Performance Metrics
10.4.4 Statistical Analysis of Results
10.4.4.1 ANOVA: Two-Factor Without Replication
10.4.4.2 ANOVA: Single Factor
10.5 Conclusion
References
11. Cloud Security Using Honeypot Network and Blockchain: A Review
11.1 Introduction
11.2 Cloud Computing Overview
11.2.1 Types of Cloud Computing Services
11.2.1.1 Software as a Service
11.2.1.2 Infrastructure as a Service
11.2.1.3 Platform as a Service
11.2.2 Deployment Models of Cloud Computing
11.2.2.1 Public Cloud
11.2.2.2 Private Cloud
11.2.2.3 Community Cloud
11.2.2.4 Hybrid Cloud
11.2.3 Security Concerns in Cloud Computing
11.2.3.1 Data Breaches
11.2.3.2 Insufficient Change Control and Misconfiguration
11.2.3.3 Lack of Strategy and Security Architecture
11.2.3.4 Insufficient Identity, Credential, Access, and Key Management
11.2.3.5 Account Hijacking
11.2.3.6 Insider Threat
11.2.3.7 Insecure Interfaces and APIs
11.2.3.8 Weak Control Plane
11.3 Honeypot System
11.3.1 VM (Virtual Machine) as Honeypot in the Cloud
11.3.2 Attack Sensing and Analyzing Framework
11.3.3 A Fuzzy Technique Against Fingerprinting Attacks
11.3.4 Detecting and Classifying Malicious Access
11.3.5 A Bayesian Defense Model for Deceptive Attack
11.3.6 Strategic Game Model for DDoS Attacks in Smart Grid
11.4 Blockchain
11.4.1 Blockchain-Based Encrypted Cloud Storage
11.4.2 Cloud-Assisted EHR Sharing via Consortium Blockchain
11.4.3 Blockchain-Secured Cloud Storage
11.4.4 Blockchain and Edge Computing–Based Security Architecture
11.4.5 Data Provenance Architecture in Cloud Ecosystem Using Blockchain
11.6 Comparative Analysis
11.7 Conclusion
References
12. Machine Learning–Based Security in Cloud Database—A Survey
12.1 Introduction
12.2 Security Threats and Attacks
12.3 Dataset Description
12.3.1 NSL-KDD Dataset
12.3.2 UNSW-NB15 Dataset
12.4 Machine Learning for Cloud Security
12.4.1 Supervised Learning Techniques
12.4.1.1 Support Vector Machine
12.4.1.2 Artificial Neural Network
12.4.1.3 Deep Learning
12.4.1.4 Random Forest
12.4.2 Unsupervised Learning Techniques
12.4.2.1 K-Means Clustering
12.4.2.2 Fuzzy C-Means Clustering
12.4.2.3 Expectation-Maximization Clustering
12.4.2.4 Cuckoo Search With Particle Swarm Optimization (PSO)
12.4.3 Hybrid Learning Techniques
12.4.3.1 HIDCC: Hybrid Intrusion Detection Approach in Cloud Computing
12.4.3.2 Clustering-Based Hybrid Model in Deep Learning Framework
12.4.3.3 K-Nearest Neighbor–Based Fuzzy C-Means Mechanism
12.4.3.4 K-Means Clustering Using Support Vector Machine
12.4.3.5 K-Nearest Neighbor–Based Artificial Neural Network Mechanism
12.4.3.6 Artificial Neural Network Fused With Support Vector Machine
12.4.3.7 Particle Swarm Optimization–Based Probabilistic Neural Network
12.5 Comparative Analysis
12.6 Conclusion
References
13. Machine Learning Adversarial Attacks: A Survey Beyond
13.1 Introduction
13.2 Adversarial Learning
13.2.1 Concept
13.3 Taxonomy of Adversarial Attacks
13.3.1 Attacks Based on Knowledge
13.3.1.1 Black Box Attack (Transferable Attack)
13.3.1.2 White Box Attack
13.3.2 Attacks Based on Goals
13.3.2.1 Target Attacks
13.3.2.2 Non-Target Attacks
13.3.3 Attacks Based on Strategies
13.3.3.1 Poisoning Attacks
13.3.3.2 Evasion Attacks
13.3.4 Textual-Based Attacks (NLP)
13.3.4.1 Character Level Attacks
13.3.4.2 Word-Level Attacks
13.3.4.3 Sentence-Level Attacks
13.4 Review of Adversarial Attack Methods
13.4.1 L-BFGS
13.4.2 Feedforward Derivation Attack (Jacobian Attack)
13.4.3 Fast Gradient Sign Method
13.4.4 Methods of Different Text-Based Adversarial Attacks
13.4.5 Adversarial Attacks Methods Based on Language Models
13.4.6 Adversarial Attacks on Recommender Systems
13.4.6.1 Random Attack
13.4.6.2 Average Attack
13.4.6.3 Bandwagon Attack
13.4.6.4Reverse Bandwagon Attack
13.5 Adversarial Attacks on Cloud-Based Platforms
13.6 Conclusion
References
14. Protocols for Cloud Security
14.1 Introduction
14.2 System and Adversarial Model. 14.2.1 System Model
14.2.2 Adversarial Model
14.3 Protocols for Data Protection in Secure Cloud Computing
14.3.1 Homomorphic Encryption
14.3.2 Searchable Encryption
14.3.3 Attribute-Based Encryption
14.3.4 Secure Multi-Party Computation
14.4 Protocols for Data Protection in Secure Cloud Storage
14.4.1 Proofs of Encryption
14.4.2 Secure Message-Locked Encryption
14.4.3 Proofs of Storage
14.4.4 Proofs of Ownership
14.4.5 Proofs of Reliability
14.5 Protocols for Secure Cloud Systems
14.6 Protocols for Cloud Security in the Future
14.7 Conclusion
References
15. A Study on Google Cloud Platform (GCP) and Its Security
15.1 Introduction
15.1.1 Google Cloud Platform Current Market Holding
15.1.1.1 The Forrester Wave
15.1.1.2 Gartner Magic Quadrant
15.1.2 Google Cloud Platform Work Distribution
15.1.2.1 SaaS
15.1.2.2 PaaS
15.1.2.3 IaaS
15.1.2.4 On-Premise
15.2 Google Cloud Platform’s Security Features Basic Overview
15.2.1 Physical Premises Security
15.2.2 Hardware Security
15.2.3 Inter-Service Security
15.2.4 Data Security
15.2.5 Internet Security
15.2.6 In-Software Security
15.2.7 End User Access Security
15.3 Google Cloud Platform’s Architecture
15.3.1 Geographic Zone
15.3.2 Resource Management
15.3.2.1 IAM
15.3.2.2 Roles
15.3.2.2.1 Basic Roles
15.3.2.2.2 Predefined Roles
15.3.2.2.3 Custom Roles
15.3.2.3 Billing
15.4 Key Security Features
15.4.1 IAP
15.4.2 Compliance
15.4.3 Policy Analyzer
15.4.4 Security Command Center
15.4.4.1 Standard Tier
15.4.4.2 Premium Tier
15.4.4.2.1 Event Threat Detection
15.4.4.2.2 Cloud Logging
15.4.4.2.3 Container Threat Detection
15.4.4.2.4 Security Health Analytics
15.4.4.2.5 Web Security Scanner
15.4.5 Data Loss Protection
15.4.6 Key Management
15.4.7 Secret Manager
15.4.8 Monitoring
15.5 Key Application Features
15.5.1 Stackdriver (Currently Operations)
15.5.1.1 Profiler
15.5.1.2 Cloud Debugger
15.5.1.3 Trace
15.5.2 Network
15.5.3 Virtual Machine Specifications
15.5.4 Preemptible VMs
15.6 Computation in Google Cloud Platform
15.6.1 Compute Engine
15.6.2 App Engine
15.6.3 Container Engine
15.6.4 Cloud Functions
15.7 Storage in Google Cloud Platform
15.8 Network in Google Cloud Platform
15.9 Data in Google Cloud Platform
15.10 Machine Learning in Google Cloud Platform
15.11 Conclusion
References
16. Case Study of Azure and Azure Security Practices
16.1 Introduction
16.1.1 Azure Current Market Holding
16.1.2 The Forrester Wave
16.1.3 Gartner Magic Quadrant
16.2 Microsoft Azure—The Security Infrastructure
16.2.1 Azure Security Features and Tools
16.2.2 Network Security
16.3 Data Encryption
16.3.1 Data Encryption at Rest
16.3.2 Data Encryption at Transit
16.3.3 Asset and Inventory Management
16.3.4 Azure Marketplace
16.4 Azure Cloud Security Architecture. 16.4.1 Working
16.4.2 Design Principles
16.4.2.1 Alignment of Security Policies
16.4.2.2 Building a Comprehensive Strategy
16.4.2.3 Simplicity Driven
16.4.2.4 Leveraging Native Controls
16.4.2.5 Identification-Based Authentication
16.4.2.6 Accountability
16.4.2.7 Embracing Automation
16.4.2.8 Stress on Information Protection
16.4.2.9 Continuous Evaluation
16.4.2.10 Skilled Workforce
16.5 Azure Architecture
16.5.1 Components
16.5.1.1 Azure Api Gateway
16.5.1.2 Azure Functions
16.5.2 Services
16.5.2.1 Azure Virtual Machine
16.5.2.2 Blob Storage
16.5.2.3 Azure Virtual Network
16.5.2.4 Content Delivery Network
16.5.2.5 Azure SQL Database
16.6 Features of Azure
16.6.1 Key Features
16.6.1.1 Data Resiliency
16.6.1.2 Data Security
16.6.1.3 BCDR Integration
16.6.1.4 Storage Management
16.6.1.5 Single Pane View
16.7 Common Azure Security Features
16.7.1 Security Center
16.7.2 Key Vault
16.7.3 Azure Active Directory
16.7.3.1 Application Management
16.7.3.2 Conditional Access
16.7.3.3 Device Identity Management
16.7.3.4 Identity Protection
16.7.3.5 Azure Sentinel
16.7.3.6 Privileged Identity Management
16.7.3.7 Multifactor Authentication
16.7.3.8 Single Sign On
16.8 Conclusion
References
17. Nutanix Hybrid Cloud From Security Perspective
17.1 Introduction
17.2 Growth of Nutanix
17.2.1 Gartner Magic Quadrant
17.2.2 The Forrester Wave
17.2.3 Consumer Acquisition
17.2.4 Revenue
17.3 Introductory Concepts
17.3.1 Plane Concepts
17.3.1.1 Control Plane
17.3.1.2 Data Plane
17.3.2 Security Technical Implementation Guides
17.3.3 SaltStack and SCMA
17.4 Nutanix Hybrid Cloud
17.4.1 Prism
17.4.1.1 Prism Element
17.4.1.2 Prism Central
17.4.2 Acropolis
17.4.2.1 Distributed Storage Fabric
17.4.2.2 AHV
17.5 Reinforcing AHV and Controller VM
17.6 Disaster Management and Recovery
17.6.1 Protection Domains and Consistent Groups
17.6.2 Nutanix DSF Replication of OpLog
17.6.3 DSF Snapshots and VmQueisced Snapshot Service
17.6.4 Nutanix Cerebro
17.7 Security and Policy Management on Nutanix Hybrid Cloud
17.7.1 Authentication on Nutanix
17.7.2 Nutanix Data Encryption
17.7.3 Security Policy Management
17.7.3.1 Enforcing a Policy
17.7.3.2 Priority of a Policy
17.7.3.3 Automated Enforcement
17.8 Network Security and Log Management
17.8.1 Segmented and Unsegmented Network
17.9 Conclusion
References
18. A Data Science Approach Based on User Interactions to Generate Access Control Policies for Large Collections of Documents
18.1 Introduction
18.2 Related Work
18.3 Network Science Theory
18.4 Approach to Spread Policies Using Networks Science
18.4.1 Finding the Most Relevant Spreaders
18.4.1.1 Weighting Users
18.4.1.2 Selecting the TopSpreaders
18.4.2 Assign and Spread the Access Control Policies
18.4.2.1 Access Control Policies
18.4.2.2 Horizontal Spreading
18.4.2.3 Vertical Spreading (Bottom-Up)
18.4.2.4 Policies Refinement
18.4.3 Structural Complexity Analysis of CP-ABE Policies
18.4.3.1 Assessing the WSC for ABE Policies
18.4.3.2 Assessing the Policies Generated in the Spreading Process
18.4.4 Effectiveness Analysis
18.4.4.1 Evaluation Metrics
18.4.4.2 Adjusting the Interaction Graph to Assess Policy Effectiveness
18.4.4.3 Method to Complement the User Interactions(Synthetic Edges Generation)
18.4.5 Measuring Policy Effectiveness in the User Interaction Graph
18.4.5.1 Simple Node-Based Strategy
18.4.5.2 Weighted Node-Based Strategy
18.5 Evaluation
18.5.1 Dataset Description
18.5.2 Results of the Complexity Evaluation
18.5.3 Effectiveness Results From the Real Edges
18.5.4 Effectiveness Results Using Real and Synthetic Edges
18.6 Conclusions
References
19. AI, ML, & Robotics in iSchools: An Academic Analysis for an Intelligent Societal Systems
19.1 Introduction
19.2 Objective
19.3 Methodology
19.3.1 iSchools, Technologies, and Artificial Intelligence, ML, and Robotics
19.4 Artificial Intelligence, ML, and Robotics: An Overview
19.5 Artificial Intelligence, ML, and Robotics as an Academic Program: A Case on iSchools—North American Region
19.6 Suggestions
19.7 Motivation and Future Works
19.8 Conclusion
References
Index
WILEY END USER LICENSE AGREEMENT
