Machine Learning Techniques and Analytics for Cloud Security E-Book

Table of Contents

Cover

Title Page

Copyright

Preface

Part I CONCEPTUAL ASPECTS ON CLOUD AND APPLICATIONS OF MACHINE LEARNING

1 Hybrid Cloud: A New Paradigm in Cloud Computing

1.1 Introduction

1.2 Hybrid Cloud

1.3 Comparison Among Different Hybrid Cloud Providers

1.4 Hybrid Cloud in Education

1.5 Significance of Hybrid Cloud Post-Pandemic

1.6 Security in Hybrid Cloud

1.7 Use of AI in Hybrid Cloud

1.8 Future Research Direction

1.9 Conclusion

References

2 Recognition of Differentially Expressed Glycan Structure of H1N1 Virus Using Unsupervised Learning Framework

2.1 Introduction

2.2 Proposed Methodology

2.3 Result

2.4 Conclusions and Future Work

References

3 Selection of Certain Cancer Mediating Genes Using a Hybrid Model Logistic Regression Supported by Principal Component Analysis (PC-LR)

3.1 Introduction

3.2 Related Methods

3.3 Methodology

3.4 Result

3.5 Application in Cloud Domain

3.6 Conclusion

References

Part II CLOUD SECURITY SYSTEMS USING MACHINE LEARNING TECHNIQUES

4 Cost-Effective Voice-Controlled Real-Time Smart Informative Interface Design With Google Assistance Technology

4.1 Introduction

4.2 Home Automation System

4.3 Literature Review

4.4 Role of Sensors and Microcontrollers in Smart Home Design

4.5 Motivation of the Project

4.6 Smart Informative and Command Accepting Interface

4.7 Data Flow Diagram

4.8 Components of Informative Interface

4.9 Results

4.10 Conclusion

4.11 Future Scope

References

5 Symmetric Key and Artificial Neural Network With Mealy Machine: A Neoteric Model of Cryptosystem for Cloud Security

5.1 Introduction

5.2 Literature Review

5.3 The Problem

5.4 Objectives and Contributions

5.5 Methodology

5.6 Results and Discussions

5.7 Conclusions

References

6 An Efficient Intrusion Detection System on Various Datasets Using Machine Learning Techniques

6.1 Introduction

6.2 Motivation and Justification of the Proposed Work

6.3 Terminology Related to IDS

6.4 Intrusion Attacks on Cloud Environment

6.5 Comparative Studies

6.6 Proposed Methodology

6.7 Result

6.8 Conclusion and Future Scope

References

7 You Are Known by Your Mood: A Text-Based Sentiment Analysis for Cloud Security

7.1 Introduction

7.2 Literature Review

7.3 Essential Prerequisites

7.4 Proposed Model

7.5 Experimental Setup

7.6 Results and Discussions

7.7 Application in Cloud Security

7.8 Conclusion and Future Scope

References

8 The State-of-the-Art in Zero-Knowledge Authentication Proof for Cloud

8.1 Introduction

8.2 Attacks and Countermeasures

8.3 Zero-Knowledge Proof

8.4 Machine Learning for Cloud Computing

8.5 Zero-Knowledge Proof: Details

8.6 Conclusion

References

9 A Robust Approach for Effective Spam Detection Using Supervised Learning Techniques

9.1 Introduction

9.2 Literature Review

9.3 Motivation

9.4 System Overview

9.5 Data Description

9.6 Data Processing

9.7 Feature Extraction

9.8 Learning Techniques Used

9.9 Experimental Setup

9.10 Evaluation Metrics

9.11 Experimental Results

9.12 Application in Cloud Architecture

9.13 Conclusion

References

10 An Intelligent System for Securing Network From Intrusion Detection and Prevention of Phishing Attack Using Machine Learning Approaches

10.1 Introduction

10.2 Literature Review

10.3 Materials and Methods

10.4 Result Analysis

10.5 Conclusion

References

Part III CLOUD SECURITY ANALYSIS USING MACHINE LEARNING TECHNIQUES

11 Cloud Security Using Honeypot Network and Blockchain: A Review

11.1 Introduction

11.2 Cloud Computing Overview

11.3 Honeypot System

11.4 Blockchain

11.6 Comparative Analysis

11.7 Conclusion

References

12 Machine Learning–Based Security in Cloud Database—A Survey

12.1 Introduction

12.2 Security Threats and Attacks

12.3 Dataset Description

12.4 Machine Learning for Cloud Security

12.5 Comparative Analysis

12.6 Conclusion

References

13 Machine Learning Adversarial Attacks: A Survey Beyond

13.1 Introduction

13.2 Adversarial Learning

13.3 Taxonomy of Adversarial Attacks

13.4 Review of Adversarial Attack Methods

13.5 Adversarial Attacks on Cloud-Based Platforms

13.6 Conclusion

References

14 Protocols for Cloud Security

14.1 Introduction

14.2 System and Adversarial Model

14.3 Protocols for Data Protection in Secure Cloud Computing

14.4 Protocols for Data Protection in Secure Cloud Storage

14.5 Protocols for Secure Cloud Systems

14.6 Protocols for Cloud Security in the Future

14.7 Conclusion

References

Part IV CASE STUDIES FOCUSED ON CLOUD SECURITY

15 A Study on Google Cloud Platform (GCP) and Its Security

15.1 Introduction

15.2 Google Cloud Platform’s Security Features Basic Overview

15.3 Google Cloud Platform’s Architecture

15.4 Key Security Features

15.5 Key Application Features

15.6 Computation in Google Cloud Platform

15.7 Storage in Google Cloud Platform

15.8 Network in Google Cloud Platform

15.9 Data in Google Cloud Platform

15.10 Machine Learning in Google Cloud Platform

15.11 Conclusion

References

16 Case Study of Azure and Azure Security Practices

16.1 Introduction

16.2 Microsoft Azure—The Security Infrastructure

16.3 Data Encryption

16.4 Azure Cloud Security Architecture

16.5 Azure Architecture

16.6 Features of Azure

16.7 Common Azure Security Features

16.8 Conclusion

References

17 Nutanix Hybrid Cloud From Security Perspective

17.1 Introduction

17.2 Growth of Nutanix

17.3 Introductory Concepts

17.4 Nutanix Hybrid Cloud

17.5 Reinforcing AHV and Controller VM

17.6 Disaster Management and Recovery

17.7 Security and Policy Management on Nutanix Hybrid Cloud

17.8 Network Security and Log Management

17.9 Conclusion

References

Part V POLICY ASPECTS

18 A Data Science Approach Based on User Interactions to Generate Access Control Policies for Large Collections of Documents

18.1 Introduction

18.2 Related Work

18.3 Network Science Theory

18.4 Approach to Spread Policies Using Networks Science

18.5 Evaluation

18.6 Conclusions

References

19 AI, ML, & Robotics in

iSchools

: An Academic Analysis for an Intelligent Societal Systems

19.1 Introduction

19.2 Objective

19.3 Methodology

19.4 Artificial Intelligence, ML, and Robotics: An Overview

19.5 Artificial Intelligence, ML, and Robotics as an Academic Program: A Case on iSchools—North American Region

19.6 Suggestions

19.7 Motivation and Future Works

19.8 Conclusion

References

Index

End User License Agreement

List of Figures

Chapter 1

Figure 1.1 General architecture of hybrid cloud.

Figure 1.2 Market trend of hybrid cloud [14].

Chapter 2

Figure 2.1 Flowchart of the methodology.

Figure 2.2 K-means cluster analysis of Influenza A (H1N1) non-infected human.

Figure 2.3 K-means cluster analysis of Influenza A (H1N1) infected human.

Figure 2.4 K-means cluster analysis of Influenza A (H1N1) infected human.

Figure 2.5 K-means cluster analysis of Influenza A (H1N1) infected human.

Figure 2.6 Hierarchical cluster analysis of Influenza A (H1N1) infected human.

Figure 2.7 Hierarchical cluster analysis of Influenza A (H1N1) infected human.

Figure 2.8 Hierarchical cluster analysis of Influenza A (H1N1) infected human.

Figure 2.9 Fuzzy c-means cluster analysis of Influenza A (H1N1) infected human.

Figure 2.10 Fuzzy c-means clustering algorithm of Influenza A (H1N1) infected hu...

Figure 2.11 Fuzzy c-means clustering algorithm of Influenza A (H1N1) infected hu...

Figure 2.12 Concepts of type-I and type-II error in terms set.

Figure 2.13 Performance measurements of the F-score, balance accuracy, and Matth...

Figure 2.14 Block diagram of glycan cloud.

Chapter 3

Figure 3.1 Sigmoid curve.

Figure 3.2 Flowchart of PC-LR algorithm.

Figure 3.3 FN, TP, and FP values for colon.

Figure 3.4 FN, TP, and FP values for lung.

Figure 3.5 F-score for lung and colon using precision.

Figure 3.6 F-score for lung and colon dataset using recall.

Figure 3.7 F1 score for lung and colon dataset.

Figure 3.8 Storing and accessing the data values in Amazon S3.

Chapter 4

Figure 4.1 IoT-based smart home automation system.

Figure 4.2 Command accepting interface.

Figure 4.3 Dataflow diagram for the message, command, and data transfer.

Figure 4.4 Block diagram that exhibits the linkage between Uber server and IFTTT...

Figure 4.5 Block diagram for Spotify server connection.

Figure 4.6 Block diagram for fitness tracking using Google Fit.

Figure 4.7 Implementation of PIR sensor in our system.

Figure 4.8 Block diagram of the control unit.

Figure 4.9 Live streaming results of the LDR sensor.

Figure 4.10 API keys operational workbook.

Figure 4.11 API graphs from Google Cloud Console.

Figure 4.12 API data call counter log.

Figure 4.13 API data push and pull traffic data graph.

Chapter 5

Figure 5.1 Diagram of ANN [5].

Figure 5.2 State diagram of Mealy machine [26].

Figure 5.3 ANN structure [27].

Figure 5.4 Flow chart of our proposed technique.

Figure 5.5 Histogram analysis [27].

Figure 5.6 Graph of Table 5.3.

Figure 5.7 Graph of Table 5.4.

Chapter 6

Figure 6.1 Intrusion detection system in a nutshell.

Figure 6.2 (a) Basic architecture of intrusion detection system (IDS).

Figure 6.2 (b) Basic architecture of intrusion prevention system (IPS).

Figure 6.3 The flowchart of the proposed IDS used in this work.

Chapter 7

Figure 7.1 A block diagram of the proposed mood-based sentiment analysis and the...

Figure 7.2 Confusion matrices for Bayes, Gradient Descent with five neuron, and ...

Figure 7.3 Confusion matrices for ADAM Optimizer with 5 neuron, ADAM Optimizer w...

Figure 7.4 Performance of the proposed Naïve Bayes, Adam5, Adam10, GD5, GD10, an...

Figure 7.5 Performance of the proposed Naïve Bayes, ADAM5, ADAM10, GD5, GD10 and...

Figure 7.6 Performance of the proposed Naïve Bayes, ADAM5, ADAM10, GD5, GD10, an...

Figure 7.7 Performance of the proposed Naïve Bayes, ADAM5, ADAM10, GD5, GD10, an...

Chapter 8

Figure 8.1 Requirement of cloud security.

Figure 8.2 Fiat-Shamir protocol.

Figure 8.3 Diffie-Hellman key exchange algorithm.

Figure 8.4 ZKP version 1 [17].

Figure 8.5 ZKP Version 2 [17].

Figure 8.6 Cloud architecture.

Chapter 9

Figure 9.1 Components of a communication.

Figure 9.2 An example of malicious spam message.

Figure 9.3 Flowchart of spam filtered communication system.

Figure 9.4 Overview of the system.

Figure 9.5 A sample spam message in regional language typed in English.

Figure 9.6 A sample spam message in regional language typed in English.

Figure 9.7 Architecture of designed CNN classifier.

Figure 9.8 Illustrative example of the k-fold cross-validation technique.

Figure 9.9 Mean of mean accuracies of the different classification models.

Figure 9.10 Mean of mean F1 scores of the different classification models.

Figure 9.11 Statistical distribution of classifier performance in terms of mean ...

Figure 9.12 Statistical distribution of classifier performance in terms of mean ...

Figure 9.13 Illustration of the proposed CNN-based model in cloud architecture.

Chapter 10

Figure 10.1 Phishing websites in Q1 and Q2, 2020.

Figure 10.2 Feature extraction.

Figure 10.3 Workflow diagram of phishing detection.

Figure 10.4 Working of logistic regression.

Figure 10.5 Working of voting classification.

Figure 10.6 Phishing URL classification process.

Figure 10.7 Comparison of accuracy scores.

Figure 10.8 Comparison of precision scores.

Figure 10.9 Comparison of recall scores.

Figure 10.10 Comparison of F1 scores.

Chapter 11

Figure 11.1 Cloud computing architecture.

Figure 11.2 Entity responsible for the maintenance of cloud system resources.

Figure 11.3 Honeypot system diagram.

Figure 11.4 Blockchain architecture.

Figure 11.5 Yugala architecture.

Chapter 12

Figure 12.1 Block diagram.

Chapter 13

Figure 13.1 Blind spots in neural networks (source: Szegedy

et al

. [11]).

Figure 13.2 Representing a decision boundary with two classes separated by it.

Figure 13.3 Panda image with initial probabilities and final probabilities.

Figure 13.4 Example of adversarial effect on panda image (source: Goodfellow et ...

Figure 13.5 Example of adversarial effect on word (source: Zang

et al

. [20]).

Figure 13.6 Overview of FeatureFool framework [48]. (a) generate unlabeled datas...

Chapter 14

Figure 14.1 Homomorphic encryption in clouds.

Figure 14.2 Searchable encryption in clouds.

Figure 14.3 Ciphertext-policy attribute-based encryption in clouds.

Figure 14.4 Two-party encryption.

Figure 14.5 Wotrkflow of encryption checking.

Figure 14.6 Sever-side deduplication.

Figure 14.7 Workflow of integrity checking.

Figure 14.8 Client-side deduplication.

Figure 14.9 Workflow of replication checking.

Figure 14.10 Workflow of proofs of co-residence.

Figure 14.11 Geolocation of data in clouds.

Chapter 15

Figure 15.1 Current top 4 public cloud provider’s growth over one year span. (So...

Figure 15.2 How RPCs work. User requests to access Service 2 through Service 1.

Figure 15.3 Structure of an IAM policy.

Figure 15.4 Sub-account billing method.

Figure 15.5 The flow of IAP verification.

Figure 15.6 How event threat detection works.

Figure 15.7 Hot potato, used by other cloud providers like AWS and Azure.

Figure 15.8 Cold potato, available in the premium network tier of GCP.

Chapter 16

Figure 16.1 Data encryption at rest.

Figure 16.2 Data encryption at transit.

Figure 16.3 Implementation of encryption keys in Azure.

Figure 16.4 Working of Azure API.

Figure 16.5 Virtual Machine.

Figure 16.6 Working of Blob Storage.

Figure 16.7 Working of CDN.

Figure 16.8 Key features of CDN.

Figure 16.9 Defense in depth.

Figure 16.10 Working of conditional access.

Figure 16.11 Functions of Azure Sentinel.

Chapter 17

Figure 17.1 Consumer acquisition of Nutanix from 2017 to 2020 (Source: Blocks an...

Figure 17.2 Revenue trends of Nutanix (NTNX) over the period of 2014 to 2020. Th...

Figure 17.3 Nutanix Hybrid Cloud’s Hyperconverged Infrastructure (HCI).

Figure 17.4 Prism control plane segments.

Figure 17.5 Acropolis and associated segments.

Figure 17.6 Nutanix DR constructs’ hierarchy in distributed storage fabric.

Figure 17.7 Nutanix Cerebro Service functioning.

Figure 17.8 (a) Default unsegmented network. (b) Segmented network.

Chapter 18

Figure 18.1 Main methodology to generate APCs from an interaction network.

Figure 18.2 Example of a community partitioned into subcommunities and

k

-shells.

Figure 18.3 Bottom-up merger strategy. Keep one, keep the ones above the thresho...

Figure 18.4 Merge and simplification of two ACPs in DNF model.

Figure 18.5 Overview of WSC landscape for ACPs from 1 to 13 clauses and attribut...

Figure 18.6 An illustrative example of the confusion matrix for a binary model.

Figure 18.7 Distribution of the similarity values between pairs of nodes assigne...

Figure 18.8 Histogram of the average number of selected edges for 31 executions ...

Figure 18.9 Results of the accuracy metric using the two evaluation approaches a...

Figure 18.10 Average behavior of the

precision

,

recall

,

F1 score

, and

accuracy

m...

Chapter 19

Figure 19.1 Basic approaches in Artificial Intelligence.

Figure 19.2 Possible programs on AI, ML, and Robotics at iSchools.

Figure 19.3 Number of programs on AI, ML, and Robotics.

List of Table

Chapter 1

Table 1.1 Comparison between AWS Outpost, Microsoft Azure Stack, and Google Clou...

Table 1.2 Pros and cons between AWS Outpost, Microsoft Azure Stack, and Google C...

Table 1.3 Comparison between VMware Microsoft Amazon AWS.

Chapter 2

Table 2.1 Significant glycan list.

Table 2.2 The tabular format has been created from the above diagram.

Table 2.3 Performance of the method using various metrices.

Chapter 3

Table 3.1 Resultant genes (gene symbols) identified by PC-LR method.

Table 3.2 Resultant genes (gene symbols) identified by PC-LR method.

Chapter 5

Table 5.1 Mealy machine.

Table 5.2 Specifications of H/w and S/w used in the experiment.

Table 5.3 Serial test.

Table 5.4 Avalanche effect: change in session key.

Table 5.5 Input vector and initial weight vectors.

Table 5.6 Updated weight vectors.

Table 5.7 Comparison between coupled TPM and coupled feedforward ANN.

Table 5.8 Comparison table.

Chapter 6

Table 6.1 Comparative table of NIDS and HIDS.

Table 6.2 Comparative table of signature-based and anomaly-based IDS.

Table 6.3 Some of the works pertaining to IDS in recent years.

Table 6.4 (a) The accuracies yielded through various state-of-the-art classifier...

Table 6.4 (b) The accuracies yielded through various state-of-the-art classifier...

Table 6.4 (c) The accuracies yielded through various state-of-the-art classifier...

Table 6.5 The accuracies yielded through various state-of-the-art classifiers im...

Chapter 7

Table 7.1 Performance in different indexes.

Chapter 8

Table 8.1 Comparative study.

Chapter 9

Table 9.1 Mean of mean accuracies of different classifiers in k-fold cross-valid...

Table 9.2 Mean of mean F1 scores of different classifiers in k-fold cross-valida...

Table 9.3 Performance comparison with contemporary works.

Chapter 10

Table 10.1 Model comparison.

Table 10.2 Dataset attributes and its description of phishing URLs.

Table 10.3 Dataset attributes and its description of URLs.

Table 10.4 Comparison of the parameter values for different models.

Table 10.5 Comparison of the various models for its metrics.

Table 10.6 Summary.

Table 10.7 ANOVA.

Table 10.8 Summary.

Table 10.9 ANOVA.

Table 10.10 Descriptive statistics.

Chapter 11

Table 11.1 List of recent studies on the improvement of honeypots in the cloud.

Table 11.2 List of recent studies application of blockchain for security in the ...

Table 11.3 Honeypots for cloud security analysis.

Table 11.4 Blockchain for cloud security analysis.

Chapter 12

Table 12.1 Threats faced in cloud computing.

Table 12.2 Attacks faced in cloud computing.

Table 12.3 Supervised learning techniques with the highest accuracy.

Table 12.4 Unsupervised learning techniques with the highest accuracy.

Table 12.5 Hybrid Learning Techniques with the highest accuracy.

Table 12.6 Supervised learning analysis.

Table 12.7 Unsupervised learning analysis.

Table 12.8 Hybrid learning analysis.

Chapter 13

Table 13.1 Types and examples of five bugs generated methods [26].

Table 13.2 Instances of original and adversarial sentences [27].

Table 13.3 Different transformer functions with results [29].

Table 13.4 Nearest neighbor words based on cosine similarity when hotflip is app...

Table 13.5 Comparison of various attacks using TextAttack framework.

Table 13.6 Sample output from various text attacks during execution.

Chapter 14

Table 14.1 Performance comparison (

N

is exported data item).

Table 14.2 Benchmark of co-residence (two files) [26].

Chapter 15

Table 15.1 Responsibility division across SaaS, PaaS, and IaaS (source: BigComme...

Table 15.2 Basic permission levels.

Table 15.3 The core of Google Cloud Platform.

Table 15.4 Common terminology between Amazon Web Services, Microsoft Azure, and ...

Chapter 16

Table 16.1 Types of encryption keys.

Chapter 17

Table 17.1 Nutanix Hybrid Cloud Services.

Chapter 18

Table 18.1 Description of the neighborhood notation used in this work.

Table 18.2 Main information obtained from the user-user graph partitioning. The ...

Table 18.3 Main results obtained for three sets of random ACPs generated for the...

Table 18.4 Relevant results of the accuracy metric calculation in the graph

G

, w...

Chapter 19

Table 19.1 List of iSchools registered internationally under the iSchools Organi...

Table 19.2 List of

iSchools

of American regions offering AI, ML, and Robotics pr...

Table 19.3 List of

iSchools

of American regions offering AI, ML, and Robotics pr...

Table 19.4 Sample curricula of the PhD with ML, Robotics, etc.

Table 19.5 Sample courses of AI, ML, and Robotics programs at Master and Bachelo...

Guide

Cover

Table of Contents

Title Page

Copyright

Preface

Begin Reading

Index

End User License Agreement

Pages

v

ii

iii

iv

xix

xx

xxi

xxii

xxiii

1

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

81

82

83

84

85

86

87

88

89

90

91

92

93

94

95

96

97

98

99

100

101

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

271

272

273

274

275

276

277

278

279

280

281

282

283

284

285

286

287

288

289

290

291

293

294

295

296

297

298

299

300

301

302

303

304

305

306

307

308

309

310

311

312

313

315

316

317

318

319

320

321

322

323

324

325

326

327

328

329

330

331

332

333

334

335

336

337

338

339

340

341

342

343

344

345

346

347

348

349

350

351

352

353

354

355

357

358

359

360

361

362

363

364

365

366

367

368

369

370

371

372

373

374

375

376

377

379

381

382

383

384

385

386

387

388

389

390

391

392

393

394

395

396

397

398

399

400

401

402

403

404

405

406

407

408

409

410

411

412

413

414

415

417

418

419

420

421

422

423

424

425

426

427

428

429

430

431

432

433

434

435

436

437

438

439

440

441

442

443

444

Scrivener Publishing100 Cummings Center, Suite 541JBeverly, MA 01915-6106

Advances in Learning Analytics for Intelligent Cloud-IoT Systems

Series Editor: Dr. Souvik Pal and Dr. Dac-Nhuong Le

The role of adaptation, learning analytics, computational Intelligence, and data analytics in the field of cloud-IoT systems is becoming increasingly essential and intertwined. The capability of an intelligent system depends on various self-decision-making algorithms in IoT devices. IoT-based smart systems generate a large amount of data (big data) that cannot be processed by traditional data processing algorithms and applications. Hence, this book series involves different computational methods incorporated within the system with the help of analytics reasoning and sense-making in big data, which is centered in the cloud and IoT-enabled environments. The series publishes volumes that are empirical studies, theoretical and numerical analysis, and novel research findings.

Submission to the series:

Please send proposals to Dr. Souvik Pal, Department of Computer Science and Engineering, Global Institute of Management and Technology, Krishna Nagar, West Bengal, India.

E-mail: [email protected]

Publishers at Scrivener

Martin Scrivener ([email protected])

Phillip Carmical ([email protected])

Machine Learning Techniques and Analytics for Cloud Security

Edited by

and

This edition first published 2022 by John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, USA and Scrivener Publishing LLC, 100 Cummings Center, Suite 541J, Beverly, MA 01915, USA

© 2022 Scrivener Publishing LLC

For more information about Scrivener publications please visit www.scrivenerpublishing.com.

All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, except as permitted by law. Advice on how to obtain permission to reuse material from this title is available at http://www.wiley.com/go/permissions.

Wiley Global Headquarters

111 River Street, Hoboken, NJ 07030, USA

For details of our global editorial offices, customer services, and more information about Wiley products visit us at www.wiley.com.

Limit of Liability/Disclaimer of Warranty

While the publisher and authors have used their best efforts in preparing this work, they make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation any implied warranties of merchant-ability or fitness for a particular purpose. No warranty may be created or extended by sales representatives, written sales materials, or promotional statements for this work. The fact that an organization, website, or product is referred to in this work as a citation and/or potential source of further information does not mean that the publisher and authors endorse the information or services the organization, website, or product may provide or recommendations it may make. This work is sold with the understanding that the publisher is not engaged in rendering professional services. The advice and strategies contained herein may not be suitable for your situation. You should consult with a specialist where appropriate. Neither the publisher nor authors shall be liable for any loss of profit or any other commercial damages, including but not limited to special, incidental, consequential, or other damages. Further, readers should be aware that websites listed in this work may have changed or disappeared between when this work was written and when it is read.

Library of Congress Cataloging-in-Publication Data

ISBN 978-1-119-76225-6

Cover images: Pixabay.Com

Cover design by Russell Richardson

Set in size of 11pt and Minion Pro by Manila Typesetting Company, Makati, Philippines

Printed in the USA

10 9 8 7 6 5 4 3 2 1

Preface

Our objective in writing this book was to provide the reader with an in-depth knowledge of how to integrate machine learning (ML) approaches to meet various analytical issues in cloud security deemed necessary due to the advancement of IoT networks. Although one of the ways to achieve cloud security is by using ML, the technique has long-standing challenges that require methodological and theoretical approaches. Therefore, because the conventional cryptographic approach is less frequently applied in resource-constrained devices, the ML approach may be effectively used in providing security in the constantly growing cloud environment. Machine learning algorithms can also be used to meet various cloud security issues for effective intrusion detection and zero-knowledge authentication systems. Moreover, these algorithms can also be used in applications and for much more, including measuring passive attacks and designing protocols and privacy systems. This book contains case studies/projects for implementing some security features based on ML algorithms and analytics. It will provide learning paradigms for the field of artificial intelligence and the deep learning community, with related datasets to help delve deeper into ML for cloud security.

This book is organized into five parts. As the entire book is based on ML techniques, the three chapters contained in “Part I: Conceptual Aspects of Cloud and Applications of Machine Learning,” describe cloud environments and ML methods and techniques. The seven chapters in “Part II: Cloud Security Systems Using Machine Learning Techniques,” describe ML algorithms and techniques which are hard coded and implemented for providing various security aspects of cloud environments. The four chapters of “Part III: Cloud Security Analysis Using Machine Learning Techniques,” present some of the recent studies and surveys of ML techniques and analytics for providing cloud security. The next three chapters in “Part IV: Case Studies Focused on Cloud Security,” are unique to this book as they contain three case studies of three cloud products from a security perspective. These three products are mainly in the domains of public cloud, private cloud and hybrid cloud. Finally, the two chapters in “Part V: Policy Aspects,” pertain to policy aspects related to the cloud environment and cloud security using ML techniques and analytics. Each of the chapters mentioned above are individually highlighted chapter by chapter below.

Part I: Conceptual Aspects of Cloud and Applications of Machine Learning

–

Chapter 1

begins with an introduction to various parameters of cloud such as scalability, cost, speed, reliability, performance and security. Next, hybrid cloud is discussed in detail along with cloud architecture and how it functions. A brief comparison of various cloud providers is given next. After the use of cloud in education, finance, etc., is described, the chapter concludes with a discussion of security aspects of a cloud environment.

–

Chapter 2

discusses how to recognize differentially expressed glycan structure of H1N1 virus using unsupervised learning framework. This chapter gives the reader a better understanding of machine learning (ML) and analytics. Next, the detailed workings of an ML methodology are presented along with a flowchart. The result part of this chapter contains the analytics for the ML technique.

–

Chapter 3

presents a hybrid model of logistic regression supported by PC-LR to select cancer mediating genes. This is another good chapter to help better understand ML techniques and analytics. It provides the details of an ML learning methodology and algorithms with results and analysis using datasets.

Part II: Cloud Security Systems Using Machine Learning Techniques

–

Chapter 4

shows the implementation of a voice-controlled real-time smart informative interface design with Google assistance technology that is more cost-effective than the existing products on the market. This system can be used for various cloud-based applications such as home automation. It uses microcontrollers and sensors in smart home design which can be connected through cloud database. Security concerns are also discussed in this chapter.

–

Chapter 5

discusses a neoteric model of a cryptosystem for cloud security by using symmetric key and artificial neural network with Mealy machine. A cryptosystem is used to provide data or information confidentiality and a state-based cryptosystem is implemented using Mealy machine. This chapter gives a detailed algorithm with results generated using Lenovo G80 with processor Intel

®

Pentium

®

CPU B950@210GHz and RAM 2GB and programming language Turbo C, DebC++ and disc drive SA 9500326AS ATA and Windows 7 Ultimate (32 Bits) OS.

–

Chapter 6

describes the implementation of an effective intrusion detection system using ML techniques through various datasets. The chapter begins with a description of an intrusion detection system and how it is beneficial for cloud environment. Next, various intrusion attacks on cloud environment are described along with a comparative study. Finally, a proposed methodology of IDS in cloud environment is given along with implementation results.

–

Chapter 7

beautifully describes text-based sentiment analysis for cloud security that extracts the mood of users in a cloud environment, which is an evolving topic in ML. A proposed model for text-based sentiment analysis is presented along with an experimental setup with implementation results. Since text-based sentiment analysis potentially identifies malicious users in a cloud environment, the chapter concludes with applications of this method and implementation for cloud security.

–

Chapter 8

discusses zero-knowledge proof (ZKP) for cloud, which is a method for identifying legitimate users without revealing their identity. The ZKP consist of three parts: the first is ticket generator, the second is user, and the third is verifier. For example, to see a movie in a theater we purchase ticket. So, the theater counter is the ticket generator; and while purchasing a ticket here we generally don’t reveal our identifying information such as name, address or social security number. We are allowed to enter the theater when this ticket is verified at the gate, so, this is the verifier algorithm. This chapter also discusses ZKP for cloud security.

–

Chapter 9

discusses an effective spam detection system for cloud security using supervised ML techniques. Spam, which is an unwanted message that contains malicious links, viral attachments, unwelcome images and misinformation, is a major security concern for any digital system and requires an effective spam detection system. Therefore, this chapter begins by discussing the requirements for such a system. Then, it gradually moves towards a supervised ML-technique-based spam detection system, mainly using a support vector machine (SVM) and convolutional neural network (CNN). Implementation results are also given with application in cloud environment.

–

Chapter 10

describes an intelligent system for securing network from intrusion detection and phishing attacks using ML approaches, with a focus on phishing attacks on the cloud environment. It begins by describing different fishing attacks on cloud environment and then proposes a method for detecting these attacks using ML. Next, analysis of different parameters for ML models, predictive outcome analysis in phishing URLs dataset, analysis of performance metrics and statistical analysis of results are presented.

Part III: Cloud Security Analysis Using Machine Learning Techniques

–

Chapter 11

discusses cloud security using honeypot network and blockchain. It begins with an overview of cloud computing and then describes cloud computing deployment models and security concerns in cloud computing. Then the honeypot network and its system design are discussed, followed by the use of blockchain-based honeypot network. A good comparative analysis is given at the end of the chapter.

–

Chapter 12

includes a survey on ML-based security in cloud database. The chapter starts with a discussion of the various ML techniques used to provide security in a cloud database. Then a study is presented which mainly consists of three parts: first, supervised learning methods, such as support vector machine (SVM), artificial neural network, etc., are given; second, unsupervised learning methods, such as K-means clustering, fuzzy C-means clustering, etc., are given; third, hybrid learning techniques, such as hybrid intrusion detection approach (HIDCC) in cloud computing, clustering-based hybrid model in deep learning framework, etc., are given. Comparative analyses are also given at the end.

–

Chapter 13

provides a survey on ML-based adversarial attacks on cloud environment. The chapter starts with the concepts of adversarial learning followed by the taxonomy of adversarial attacks. Various algorithms found in the literature for ML-based adversarial attacks on cloud environment are also presented. Then, various studies on adversarial attacks on cloud-based platforms and their comparative studies are discussed.

–

Chapter 14

provides a detailed study of the protocols used for cloud security. The chapter starts by discussing the system and adversarial models, and then the protocols for data protection in secure cloud computing are given followed by a discussion of the protocols for data protection in secure cloud storage. Finally, various protocols for secure cloud systems are discussed. The authors also attempt to give a futuristic view of the protocols that may be implemented for cloud security.

Part IV: Case Studies Focused on Cloud Security

–

Chapter 15

is a detailed presentation of the Google cloud platform (GCP) and its security features. It begins by discussing GCP’s current market holdings and then describes the work distribution in GCP. Next, the chapter gradually moves towards a basic overview of security features in GCP and describes the GCP architecture along with its key security and application features. Then, an interesting part is presented that describes various computations used in GCP, followed by a discussion of the storage, network, data and ML policies used in GCP.

–

Chapter 16

presents a case study of Microsoft Azure cloud and its security features. The beginning of the chapter covers Azure’s current market holdings and the Forrester Wave and Gartner Magic Quadrant reports. Then, the security infrastructure of Azure is given, which covers its security features and tools, Azure network security, data encryption used in Azure, asset and inventory management, and the Azure marketplace. Next, details of Azure cloud security architecture are presented along with its working and design principles, followed by the components and services of Azure architecture. The chapter ends with a discussion of its various features and why Azure is gaining popularity.

–

Chapter 17

presents a case study on Nutanix hybrid cloud from a security perspective. Nutanix is a fast-growing hybrid cloud in the current scenario. The chapter begins with the growth of Nutanix and then presents introductory concepts about it. Next, Nutanix hybrid cloud architecture is discussed in relation to computation, storage and networking. Then, reinforcing AHV and controller VM are described, followed by disaster management and recovery used in Nutanix hybrid cloud. A detailed study on security and policy management in Nutanix hybrid cloud is then presented. The chapter concludes with a discussion of network security and log management in Nutanix hybrid cloud.

Part V: Policy Aspects

–

Chapter 18

describes a data science approach based on user interactions to generate access control policies for large collections of documents in cloud environment. After a general introduction to network science theory, various approaches for spreading policies using network science are discussed. Then, evaluations and matrices to evaluate policies for cloud security are described. This chapter concludes with a presentation of all the simulation results.

–

Chapter 19

discusses the policies of iSchools with artificial intelligence, machine learning, and robotics through analysis of programs, curriculum and potentialities towards intelligent societal systems on cloud platform. iSchools are a kind of consortium that develops with the collection of information and technology-related schools and academic units. In the last decade there has been a significant growth in the development of such academic bodies. This chapter provides a policy framework for iSchools, the methodology involved and a list of available iSchools. The chapter concludes with some policy suggestions and future work related to iSchools.

The Editors

October 2021

Part ICONCEPTUAL ASPECTS ON CLOUD AND APPLICATIONS OF MACHINE LEARNING

1Hybrid Cloud: A New Paradigm in Cloud Computing

Moumita Deb* and Abantika Choudhury†

RCC Institute of Information Technology, Kolkata, West Bengal, India

Abstract

Hybrid cloud computing is basically a combination of cloud computing with on-premise resources to provide work portability, load distribution, and security. Hybrid cloud may include one public and one private cloud, or it may contain two or more private clouds or may have two or more public clouds depending on the requirement. Public clouds are generally provided by third party vendors like Amazon, Google, and Microsoft. These clouds traditionally ran off premise and provide services through internet. Whereas private clouds also offer computing services to selected user either over the internet or within a private internal network and conventionally ran on-premise. But this scenario is changing nowadays. Earlier distinction between private and public clouds can be done on the location and ownership information, but currently, public clouds are running in on-premise data centers of customer and private clouds are constructed on off premise rented, vendor-owned data centers as well. So, the architecture is becoming complex. Hybrid cloud reduces the potential exposure of sensitive or crucial data from the public while keeping non-sensitive data into the cloud. Thus, secure access to data while enjoying attractive services of the public cloud is the key factor in hybrid cloud. Here, we have done a survey on hybrid cloud as it is one of the most promising areas in cloud computing, discuss all insight details. Security issues and measures in hybrid cloud are also discussed along with the use of artificial intelligence. We do not intend to propose any new findings rather we will figure out some of future research directions.

Keywords: PaaS, SaaS, IaaS, SLA, agility, encryption, middleware, AI

1.1 Introduction

Cloud computing is catering computing services such as storage, networking, servers, analytics, intelligence, and software though the internet on demand basis. We typically have to pay for only for the services we use. IT is a growing industry and catering its service requirement is challenging. On-premise resources are not sufficient always, so leveraging attractive facilities provided by cloud service providers is often required. Typical services provided by cloud computing are Platform as a service (PaaS), Software as a service (SaaS), and Infrastructure as a service (IaaS). But all the clouds are not same and no one particular cloud can satisfy all the customer. As a result, various types of services are emerging to cater the need of any organization. The following are the facilities cater by cloud computing.

Scalability:

IT services are not restricted to offline resources anymore, online cloud services can do a wonder. Any business can be extended based on the market need through the use of cloud computing services. A client needs almost nothing but a computer with internet connection, rest of the services can be borrowed from cloud vendors. Business can grow according to the requirement. Scalability is the key factor in adoption of any new paradigm. An organization meant for 100 people can be easily scaled up to 1,000 (ideally any number) people with the help of the cloud computing services.

Cost:

Since cloud provides services pay as you use basis, cost of setting up a business has reduced manifolds. Capital expense in buying server, software, and experts for managing infrastructure is not mandatory anymore; vendors can provide all these services. Cost saving is one of the most lucrative features of cloud computing. Any startup company can afford the cost of the setup price required for the orchestration of public cloud; thus, they can engage their selves exclusively for the development of their business.

Speed:

Cloud computing helps to speed up the overall functioning of any organization. Several lucrative easy-to-use options are just one click away, so designers and programmers can freely think about their innovations, and as a result, the speed and performance can be enhanced. Moreover, since most of the background hazards are handled by the cloud service providers as a result implementation of any advanced thinking can be made possible quickly and effortlessly.

Reliability:

Reliability is a key factor where huge data need to handle all the time. Periodic data backup and use of disaster recovery methods helps to increase the data reliability in cloud computing. Also, since space is not a constraint anymore, clients can keep mirrored data. A reliable system often leads to a secure system. Any organizations need to handle huge user centric sensitive data as well as business related data. Maintaining the reliability in the data need several rules and regulations to be enforced.

Performance:

Improved operation, better customer support, and flexible workplace aid companies to perform better than conventional on-premise system. Amazon helps Car company Toyota to build cloud-based data centers. The company is going to use the behavioral data of the user of the car, and based on that, they will send service and insurance related data [1]. User can also use Facebook or Twitter in their car dashboard. This is only an example; there is lot more. Adaptation of advanced technology excels the performance of existing system as cloud plays a crucial role here.

Security:

Cloud service providers use many security mechanisms like encryption, authentication of user, authorization, and use of some Artificial Intelligence (AI)–based method to secure their app, data, and infrastructure from possible threats.

A combination of secure open source technologies along with integrated network may be used for secure hybrid cloud deployment like it does in HCDM [16]. But, before deployment, the customer need to determine what type of cloud computing architecture is best suitable. There are three different ways to organize cloud: private, public, and hybrid. Here, we will discuss about hybrid cloud, its benefits, and security aspects.

Thus, motivation of this review is to provide a broad details of hybrid cloud computing, why it is gaining popularity, how business is going to be affected through the use of cloud adaption in near future, what security aspects need to dealt by vendors, and how AI can help in this regard. The following sections deal with all this topics.

1.2 Hybrid Cloud

If we go by the definition of National Institute of Standards and Technology [3], hybrid cloud is a “composition of two or more different types of cloud infrastructure that are bind together with the help of proprietary and standardized technology for the purpose of data and application portability. So, Simple amalgamation of cloud and on-premise data should not misinterpret as hybrid cloud. It should also provide the following facilities [2]:

Workload distribution by portability.

Networking between system and devices, by the use of LAN, WAN, or VPN.

Use of a comprehensive unified automation tool.

A complex powerful middleware for abstracting the background details.

Incorporating availability and scalability of resources.

Integrating disaster management and recovery strategies.

Thus, it enables the customer to extend their business by leveraging the attractive services provided by public cloud as well as securing the delicate data through the use of private cloud. When the demand of a business fluctuates that may be sudden peak in the business come or sudden fall down, in those scenarios, hybrid cloud is the best possible option as it has that flexibility [8]. Organizations can seamlessly use public cloud amenities without directly giving access to their data centers which are part of their on-premise servers. So, business critical data and applications can be kept safe behind, while computing power of the public cloud can be used for doing complex tasks. Organizations will only have to pay for the services it is using without considering the capital expenditure involve in purchasing, programming and maintaining new resources which can be used for a short span of time and may remain idle for long. Private cloud on the other hand is more like public cloud, but generally installed on clients datacenter and mainly focus on self-servicing, scalable structure. Single tone service nature, service-level agreement (SLA), and similar association make the relationship between client and cloud stronger and less demanding [33, 34].

1.2.1 Architecture

There may be any combination of cloud services when to deploy a hybrid cloud. It may the client has its own on-premise private cloud as IaaS and leverage public cloud as SaaS. Private cloud may be on premise or sometimes off premise on a dedicated server [10]. There is no fixed fits for all architecture. Private clouds can be made individually, whereas public cloud can be hired from vendors like Amazon, Microsoft, Alibaba, Google, and IBM. Next, a middleware is required to combine public and private cloud mostly provided by the cloud vendors as a part of their package. Figure 1.1 gives general diagram of a hybrid cloud.

In case of hybrid cloud architecture, the following is a list of properties that must to be kept in mind [4]:

a. Multiple devices need to be connected via LAN, WAN, or VPN with a common middleware that provides an API for user services. Rather than using a vast network of API, a single operating system must be used throughout the network and APIs can be built on top of that.

b. Resources are made available to all the connected devices via virtualization and it can be scaled up to any limit.

c. The middleware does all the coordination between devices and resources are made available on demand basis with proper authentication.

1.2.2 Why Hybrid Cloud is Required?

Hybrid cloud means different service to different people [5]. Need of an organization depends on diverse aspects of IT. As the perspective of application designer, business developer, and infrastructure support personnel is different from one another, their expectation from the system also varies.

Figure 1.1 General architecture of hybrid cloud.

Application programmer always requires support for edge technologies

.

Availability of high-end resources and cutting edge technology support is the primary concern of a developer. Off premise support for such is essential. Flexibility in deployment of changing technology services, speedy availability of the new resources required by the solution, peak support for on-premise system, and seamless and continuous integration of system services are key issues need to be dealt in hybrid cloud. Disaster management is also an integral part of it.

On the contrary, infrastructure support personnel always look for a steady build in support for smooth execution of overall activities of the organization

.

Off premise support for virtualized computing resources is often necessary in IT. In this scenario, the role of infrastructure support team is very crucial. Visibility of all the resources wherever it is, monitoring them in federated way following SLA, management of deployed setup for auditing and security management, accessibility of all resources, and control provisioning are key consideration in case of hybrid cloud.

Business developer, on the other hand, focuses on consumer marketing in cost-effective manner

[6]. The need of IT business has manifolds. Support for newly growing technology like mobile or web-based application requires agile and easy to extend network, and at the same time, consistent system and stable process management services cannot be replaced. So, business developers have to look into all these aspects, and at the same time, they have to focus on the cost. The maintenance and management cost should not exceed the overall financial budget. Looking at the SLAs and software license exposure, they need to design financial plans that can fulfill the whole organization’s prerequisites.

No matter how well we plan the future, it still remains uncertain and hybrid cloud provides the facility to use cloud services as and when it is required. It is also quite unlikely that workload of an organization remains same throughout the whole year. Suppose an organization is working on big data analytics, it can take help of public cloud computing resources for high complex computations but that too is not needed for long run, may be require for few months. Here, public cloud resources can be borrowed for few months only. In the same way, startup companies can start with some trivial private resources and take cloud services for rest of the processing. Then, based on the performance, they can plan to expand the business with the help of public cloud. All these are possible only in case of hybrid cloud as it has agility, scalability, data reliability, speedy recovery, and improved connectivity and security.

1.2.3 Business and Hybrid Cloud

According to Hybrid Cloud Market report, in 2018, hybrid cloud market was USD 44.6 billion and expected to grow to USD 97.6 billion by the end of 2023 with Compound Annual Growth Rate (CAGR) of 17.0% [9]. IaaS is expected to hold a large market in the forecast period as it facilitates to migrate workload from on premise to off premise in high peak hours. Hybrid web hosting also hold a big market as it provides management of all hosting services in just single point of contact. North America was the most promising hybrid cloud market place in 2018 and Asia Pacific areas shows the highest CAGR. So, hybrid cloud is a promising area in business. Major sectors using hybrid cloud computing are healthcare, retail, government, or public sectors, banking, entertainment media, insurance, finance, communication media, etc. [14]. According to a report published by Mordor Intelligence, North America, Middle East, Africa, Europe, and Asia Pacific are top growing regions worldwide. Figure 1.2 shows the hybrid cloud market. Green portions represent highly growing market. Hybrid cloud management software solution is the main reason of this popularity. Starting from deployment to quota management, customization of service library, costing, performance management, and governance, everything is taken care of, like the software management tool. Mostly, the services provided by public providers are restricted to some architecture or technology and vendor specific. But the management tool provided by hybrid providers helps to amalgamate different services provided by various vendors. Amazon and Microsoft, the giants in this field, are working hard in the up gradation of their management software by including advanced infrastructure templates, libraries, API, and apps. In India, IBM is also approaching toward hybrid cloud and AI [15]. IBM invested $1 billion into a cloud ecosystem project in the month of August. They are expected to invest more in the coming time. In India, 17% of organizations are planning to spend investment from 42% to 49% on hybrid cloud by 2023 according to a study by IBM IBV. Since India is heading toward a digital transformation and self-reliant camping, so the opportunity of new technology adaptation also increasing.

Figure 1.2 Market trend of hybrid cloud [14].

1.2.4 Things to Remember When Deploying Hybrid Cloud

Having an understanding what hybrid cloud is and how it facilitates the activities of any organization, now, we need to understand some factors that have to be considered before the deployment of hybrid cloud.

Selection of best suitable platform for cloud:

As discussed, the need of every organization is not same. Before deployment of the hybrid cloud, organizations need to have a plan for the services; it will borrow from the public cloud. If it is going to use only SaaS, then it is not a problem but it is going to use IaaS or PaaS and then it is very important to take the correct decision from the commencement of the service as building a hybrid structure that would not be able to handle additional workload generates severe problem.

Whether to use unified OS or not:

In true hybrid cloud, a unified OS is installed in the middleware that basically governs the overall functionalities. But in some cases, on-premise system may be operated by its own OS then just with the help of internet they can connect to public cloud. The performance of this architecture will be vast different from unified OS. OpenStack, VMWare cloud, Nutanix, and Kubernetes are some example of cloud OS framework. These frameworks are sufficient building the middleware and it provides OS and all supporting application for the smooth execution of all activities in hybrid cloud.

How to manage different activity:

Huge amount of data need to be handled in case of hybrid cloud. A hybrid system should look into smooth accessibility of data, and at the same time, security of data needs to be guaranteed. Anyone cannot host any data onto the public cloud. Proper personnel with adequate experience need to be engaged for the management of dedicated applications.

How security of data will be guaranteed:

Since data is moving in between public and private cloud, it needs to be secured. Through security mechanisms of public cloud, it has developed much from its early date but still it is not 100% secure. There are always threats of data breach. Migration of sensitive need special care as sight alteration in business sensitive data might cause severe problem in the business.

How to integrate public cloud with existing on-premise system:

Amalgamation of public cloud onto an existing on-premise system often needs several alterations in the working of the existing on-premise system. Overall performance of the system should always improve with the addition of the public cloud, and it should not degrade.

How to manage common backup and disaster recovery:

Data need to be backed up to ensure reliability and availability. Backing up of all the data both in private and public cloud need to be done. At the same time, the system should be able to handle catastrophic failure or disaster. How to maintain a common routine for all the operational data to accommodate those situations is key to the success of hybrid cloud deployment.

Building a hybrid cloud is a complex procedure but successful implementation will provide scalability, flexibility, security, and cost saving. More and more organizations approaching toward hybrid cloud for the current benefit and future growth.

1.3 Comparison Among Different Hybrid Cloud Providers

The major famous leading cloud computing vendors are Google Cloud, AWS, and Microsoft Azure. They have their some advantages and disadvantages. These three leading cloud providers have important role in the PaaS and IaaS markets. Synergy Research Group reported that the growth of Amazon is very significantly high in overall growth of market. It possesses a share of 33% of cloud market throughout the world. In second position, there is Microsoft. Microsoft is very fast growing and in the last four quarters, and its share has been increased by 3% and it reaches at 18%. Nowadays, cloud computing is become much matured. It is becoming hybrid cloud, and it also becomes more enhanced as market share. New trends have come to improve cloud computing system in 2020 than that of 2017, 2018, and 2019 [17].

Hybrid cloud [17] provides strategy for enterprises that involve operational part of varieties of job in varieties infrastructure, whether on private cloud and public cloud with a proprietary different layers at the top level. Multi-cloud concept is similar kind of but not to involve any private cloud. Hybrid cloud is the most popular strategy among enterprises; 58% of respondents stated that it is their choice able approach while 10% for a single public cloud provider and 17% for multiple public clouds.

Microsoft Azure Stack:

Microsoft is a popular vendor that provides hybrid cloud. Because it has huge on-premises legacy. The services of MS Azure are developed on Windows Server. The .Net framework and the Visual Studio provide better features of on apps for their smoother services [17].

AWS Outposts:

Amazon’s Amazon Web Services (AWS) is a one of the best product. It is one of the most popular in market and its share is next to the Microsoft leading competitor. This company has variety of services and largest data center that continues to provide facilities to billions of customers. AWS is very well-known public cloud that offers many services to connect for installations to the cloud. It also serves everything like disaster recovery and burst capacity [17].