Читать книгу Machine Learning Techniques and Analytics for Cloud Security - Группа авторов - Страница 11

Our objective in writing this book was to provide the reader with an in-depth knowledge of how to integrate machine learning (ML) approaches to meet various analytical issues in cloud security deemed necessary due to the advancement of IoT networks. Although one of the ways to achieve cloud security is by using ML, the technique has long-standing challenges that require methodological and theoretical approaches. Therefore, because the conventional cryptographic approach is less frequently applied in resource-constrained devices, the ML approach may be effectively used in providing security in the constantly growing cloud environment. Machine learning algorithms can also be used to meet various cloud security issues for effective intrusion detection and zero-knowledge authentication systems. Moreover, these algorithms can also be used in applications and for much more, including measuring passive attacks and designing protocols and privacy systems. This book contains case studies/projects for implementing some security features based on ML algorithms and analytics. It will provide learning paradigms for the field of artificial intelligence and the deep learning community, with related datasets to help delve deeper into ML for cloud security.

This book is organized into five parts. As the entire book is based on ML techniques, the three chapters contained in “Part I: Conceptual Aspects of Cloud and Applications of Machine Learning,” describe cloud environments and ML methods and techniques. The seven chapters in “Part II: Cloud Security Systems Using Machine Learning Techniques,” describe ML algorithms and techniques which are hard coded and implemented for providing various security aspects of cloud environments. The four chapters of “Part III: Cloud Security Analysis Using Machine Learning Techniques,” present some of the recent studies and surveys of ML techniques and analytics for providing cloud security. The next three chapters in “Part IV: Case Studies Focused on Cloud Security,” are unique to this book as they contain three case studies of three cloud products from a security perspective. These three products are mainly in the domains of public cloud, private cloud and hybrid cloud. Finally, the two chapters in “Part V: Policy Aspects,” pertain to policy aspects related to the cloud environment and cloud security using ML techniques and analytics. Each of the chapters mentioned above are individually highlighted chapter by chapter below.

Part I: Conceptual Aspects of Cloud and Applications of Machine Learning

 – Chapter 1 begins with an introduction to various parameters of cloud such as scalability, cost, speed, reliability, performance and security. Next, hybrid cloud is discussed in detail along with cloud architecture and how it functions. A brief comparison of various cloud providers is given next. After the use of cloud in education, finance, etc., is described, the chapter concludes with a discussion of security aspects of a cloud environment.

 – Chapter 2 discusses how to recognize differentially expressed glycan structure of H1N1 virus using unsupervised learning framework. This chapter gives the reader a better understanding of machine learning (ML) and analytics. Next, the detailed workings of an ML methodology are presented along with a flowchart. The result part of this chapter contains the analytics for the ML technique.

 – Chapter 3 presents a hybrid model of logistic regression supported by PC-LR to select cancer mediating genes. This is another good chapter to help better understand ML techniques and analytics. It provides the details of an ML learning methodology and algorithms with results and analysis using datasets.

Part II: Cloud Security Systems Using Machine Learning Techniques

 – Chapter 4 shows the implementation of a voice-controlled real-time smart informative interface design with Google assistance technology that is more cost-effective than the existing products on the market. This system can be used for various cloud-based applications such as home automation. It uses microcontrollers and sensors in smart home design which can be connected through cloud database. Security concerns are also discussed in this chapter.

 – Chapter 5 discusses a neoteric model of a cryptosystem for cloud security by using symmetric key and artificial neural network with Mealy machine. A cryptosystem is used to provide data or information confidentiality and a state-based cryptosystem is implemented using Mealy machine. This chapter gives a detailed algorithm with results generated using Lenovo G80 with processor Intel® Pentium® CPU B950@210GHz and RAM 2GB and programming language Turbo C, DebC++ and disc drive SA 9500326AS ATA and Windows 7 Ultimate (32 Bits) OS.

 – Chapter 6 describes the implementation of an effective intrusion detection system using ML techniques through various datasets. The chapter begins with a description of an intrusion detection system and how it is beneficial for cloud environment. Next, various intrusion attacks on cloud environment are described along with a comparative study. Finally, a proposed methodology of IDS in cloud environment is given along with implementation results.

 – Chapter 7 beautifully describes text-based sentiment analysis for cloud security that extracts the mood of users in a cloud environment, which is an evolving topic in ML. A proposed model for text-based sentiment analysis is presented along with an experimental setup with implementation results. Since text-based sentiment analysis potentially identifies malicious users in a cloud environment, the chapter concludes with applications of this method and implementation for cloud security.

 – Chapter 8 discusses zero-knowledge proof (ZKP) for cloud, which is a method for identifying legitimate users without revealing their identity. The ZKP consist of three parts: the first is ticket generator, the second is user, and the third is verifier. For example, to see a movie in a theater we purchase ticket. So, the theater counter is the ticket generator; and while purchasing a ticket here we generally don’t reveal our identifying information such as name, address or social security number. We are allowed to enter the theater when this ticket is verified at the gate, so, this is the verifier algorithm. This chapter also discusses ZKP for cloud security.

 – Chapter 9 discusses an effective spam detection system for cloud security using supervised ML techniques. Spam, which is an unwanted message that contains malicious links, viral attachments, unwelcome images and misinformation, is a major security concern for any digital system and requires an effective spam detection system. Therefore, this chapter begins by discussing the requirements for such a system. Then, it gradually moves towards a supervised ML-technique-based spam detection system, mainly using a support vector machine (SVM) and convolutional neural network (CNN). Implementation results are also given with application in cloud environment.

 – Chapter 10 describes an intelligent system for securing network from intrusion detection and phishing attacks using ML approaches, with a focus on phishing attacks on the cloud environment. It begins by describing different fishing attacks on cloud environment and then proposes a method for detecting these attacks using ML. Next, analysis of different parameters for ML models, predictive outcome analysis in phishing URLs dataset, analysis of performance metrics and statistical analysis of results are presented.

Part III: Cloud Security Analysis Using Machine Learning Techniques

 – Chapter 11 discusses cloud security using honeypot network and blockchain. It begins with an overview of cloud computing and then describes cloud computing deployment models and security concerns in cloud computing. Then the honeypot network and its system design are discussed, followed by the use of blockchain-based honeypot network. A good comparative analysis is given at the end of the chapter.

 – Chapter 12 includes a survey on ML-based security in cloud database. The chapter starts with a discussion of the various ML techniques used to provide security in a cloud database. Then a study is presented which mainly consists of three parts: first, supervised learning methods, such as support vector machine (SVM), artificial neural network, etc., are given; second, unsupervised learning methods, such as K-means clustering, fuzzy C-means clustering, etc., are given; third, hybrid learning techniques, such as hybrid intrusion detection approach (HIDCC) in cloud computing, clustering-based hybrid model in deep learning framework, etc., are given. Comparative analyses are also given at the end.

 – Chapter 13 provides a survey on ML-based adversarial attacks on cloud environment. The chapter starts with the concepts of adversarial learning followed by the taxonomy of adversarial attacks. Various algorithms found in the literature for ML-based adversarial attacks on cloud environment are also presented. Then, various studies on adversarial attacks on cloud-based platforms and their comparative studies are discussed.

 – Chapter 14 provides a detailed study of the protocols used for cloud security. The chapter starts by discussing the system and adversarial models, and then the protocols for data protection in secure cloud computing are given followed by a discussion of the protocols for data protection in secure cloud storage. Finally, various protocols for secure cloud systems are discussed. The authors also attempt to give a futuristic view of the protocols that may be implemented for cloud security.

Part IV: Case Studies Focused on Cloud Security

 – Chapter 15 is a detailed presentation of the Google cloud platform (GCP) and its security features. It begins by discussing GCP’s current market holdings and then describes the work distribution in GCP. Next, the chapter gradually moves towards a basic overview of security features in GCP and describes the GCP architecture along with its key security and application features. Then, an interesting part is presented that describes various computations used in GCP, followed by a discussion of the storage, network, data and ML policies used in GCP.

 – Chapter 16 presents a case study of Microsoft Azure cloud and its security features. The beginning of the chapter covers Azure’s current market holdings and the Forrester Wave and Gartner Magic Quadrant reports. Then, the security infrastructure of Azure is given, which covers its security features and tools, Azure network security, data encryption used in Azure, asset and inventory management, and the Azure marketplace. Next, details of Azure cloud security architecture are presented along with its working and design principles, followed by the components and services of Azure architecture. The chapter ends with a discussion of its various features and why Azure is gaining popularity.

 – Chapter 17 presents a case study on Nutanix hybrid cloud from a security perspective. Nutanix is a fast-growing hybrid cloud in the current scenario. The chapter begins with the growth of Nutanix and then presents introductory concepts about it. Next, Nutanix hybrid cloud architecture is discussed in relation to computation, storage and networking. Then, reinforcing AHV and controller VM are described, followed by disaster management and recovery used in Nutanix hybrid cloud. A detailed study on security and policy management in Nutanix hybrid cloud is then presented. The chapter concludes with a discussion of network security and log management in Nutanix hybrid cloud.

Part V: Policy Aspects

 – Chapter 18 describes a data science approach based on user interactions to generate access control policies for large collections of documents in cloud environment. After a general introduction to network science theory, various approaches for spreading policies using network science are discussed. Then, evaluations and matrices to evaluate policies for cloud security are described. This chapter concludes with a presentation of all the simulation results.

 – Chapter 19 discusses the policies of iSchools with artificial intelligence, machine learning, and robotics through analysis of programs, curriculum and potentialities towards intelligent societal systems on cloud platform. iSchools are a kind of consortium that develops with the collection of information and technology-related schools and academic units. In the last decade there has been a significant growth in the development of such academic bodies. This chapter provides a policy framework for iSchools, the methodology involved and a list of available iSchools. The chapter concludes with some policy suggestions and future work related to iSchools.

The Editors

October 2021