Machine Learning Techniques and Analytics for Cloud Security. Группа авторов
9 discusses an effective spam detection system for cloud security using supervised ML techniques. Spam, which is an unwanted message that contains malicious links, viral attachments, unwelcome images and misinformation, is a major security concern for any digital system and requires an effective spam detection system. Therefore, this chapter begins by discussing the requirements for such a system. Then, it gradually moves towards a supervised ML-technique-based spam detection system, mainly using a support vector machine (SVM) and convolutional neural network (CNN). Implementation results are also given with application in cloud environment.
– Chapter 10 describes an intelligent system for securing network from intrusion detection and phishing attacks using ML approaches, with a focus on phishing attacks on the cloud environment. It begins by describing different fishing attacks on cloud environment and then proposes a method for detecting these attacks using ML. Next, analysis of different parameters for ML models, predictive outcome analysis in phishing URLs dataset, analysis of performance metrics and statistical analysis of results are presented.
Part III: Cloud Security Analysis Using Machine Learning Techniques
– Chapter 11 discusses cloud security using honeypot network and blockchain. It begins with an overview of cloud computing and then describes cloud computing deployment models and security concerns in cloud computing. Then the honeypot network and its system design are discussed, followed by the use of blockchain-based honeypot network. A good comparative analysis is given at the end of the chapter.
– Chapter 12 includes a survey on ML-based security in cloud database. The chapter starts with a discussion of the various ML techniques used to provide security in a cloud database. Then a study is presented which mainly consists of three parts: first, supervised learning methods, such as support vector machine (SVM), artificial neural network, etc., are given; second, unsupervised learning methods, such as K-means clustering, fuzzy C-means clustering, etc., are given; third, hybrid learning techniques, such as hybrid intrusion detection approach (HIDCC) in cloud computing, clustering-based hybrid model in deep learning framework, etc., are given. Comparative analyses are also given at the end.
– Chapter 13 provides a survey on ML-based adversarial attacks on cloud environment. The chapter starts with the concepts of adversarial learning followed by the taxonomy of adversarial attacks. Various algorithms found in the literature for ML-based adversarial attacks on cloud environment are also presented. Then, various studies on adversarial attacks on cloud-based platforms and their comparative studies are discussed.
– Chapter 14 provides a detailed study of the protocols used for cloud security. The chapter starts by discussing the system and adversarial models, and then the protocols for data protection in secure cloud computing are given followed by a discussion of the protocols for data protection in secure cloud storage. Finally, various protocols for secure cloud systems are discussed. The authors also attempt to give a futuristic view of the protocols that may be implemented for cloud security.
Part IV: Case Studies Focused on Cloud Security
– Chapter 15 is a detailed presentation of the Google cloud platform (GCP) and its security features. It begins by discussing GCP’s current market holdings and then describes the work distribution in GCP. Next, the chapter gradually moves towards a basic overview of security features in GCP and describes the GCP architecture along with its key security and application features. Then, an interesting part is presented that describes various computations used in GCP, followed by a discussion of the storage, network, data and ML policies used in GCP.
– Chapter 16 presents a case study of Microsoft Azure cloud and its security features. The beginning of the chapter covers Azure’s current market holdings and the Forrester Wave and Gartner Magic Quadrant reports. Then, the security infrastructure of Azure is given, which covers its security features and tools, Azure network security, data encryption used in Azure, asset and inventory management, and the Azure marketplace. Next, details of Azure cloud security architecture are presented along with its working and design principles, followed by the components and services of Azure architecture. The chapter ends with a discussion of its various features and why Azure is gaining popularity.
– Chapter 17 presents a case study on Nutanix hybrid cloud from a security perspective. Nutanix is a fast-growing hybrid cloud in the current scenario. The chapter begins with the growth of Nutanix and then presents introductory concepts about it. Next, Nutanix hybrid cloud architecture is discussed in relation to computation, storage and networking. Then, reinforcing AHV and controller VM are described, followed by disaster management and recovery used in Nutanix hybrid cloud. A detailed study on security and policy management in Nutanix hybrid cloud is then presented. The chapter concludes with a discussion of network security and log management in Nutanix hybrid cloud.
Part V: Policy Aspects
– Chapter 18 describes a data science approach based on user interactions to generate access control policies for large collections of documents in cloud environment. After a general introduction to network science theory, various approaches for spreading policies using network science are discussed. Then, evaluations and matrices to evaluate policies for cloud security are described. This chapter concludes with a presentation of all the simulation results.
– Chapter 19 discusses the policies of iSchools with artificial intelligence, machine learning, and robotics through analysis of programs, curriculum and potentialities towards intelligent societal systems on cloud platform. iSchools are a kind of consortium that develops with the collection of information and technology-related schools and academic units. In the last decade there has been a significant growth in the development of such academic bodies. This chapter provides a policy framework for iSchools, the methodology involved and a list of available iSchools. The chapter concludes with some policy suggestions and future work related to iSchools.
The Editors
October 2021
1
Hybrid Cloud: A New Paradigm in Cloud Computing
Moumita Deb* and Abantika Choudhury†
RCC Institute of Information Technology, Kolkata, West Bengal, India
Abstract
Hybrid cloud computing is basically a combination of cloud computing with on-premise resources to provide work portability, load distribution, and security. Hybrid cloud may include one public and one private cloud, or it may contain two or more private clouds or may have two or more public clouds depending on the requirement. Public clouds are generally provided by third party vendors like Amazon, Google, and Microsoft. These clouds traditionally ran off premise and provide services through internet. Whereas private clouds also offer computing services to selected user either over the internet or within a private internal network and conventionally ran on-premise. But