Bücher
Service
Rajdeep Chakraborty obtained his PhD in CSE from the University of Kalyani. He is currently an assistant professor in the Department of Computer Science and Engineering, Netaji Subhash Engineering College, Garia, Kolkata, India. He has several publications in reputed international journals and conferences and has authored a book on hardware cryptography. His field of interest is mainly in cryptography and computer security.
Anupam Ghosh obtained his PhD in Engineering from Jadavpur University. He is currently a professor in the Department of Computer Science and Engineering, Netaji Subhash Engineering College, Kolkata. He has published more than 80 papers in reputed international journals and conferences. His field of interest is mainly in AI, machine learning, deep learning, image processing, soft computing, bioinformatics, IoT, data mining.
Jyotsna Kumar Mandal obtained his PhD in CSE from Jadavpur University He has more than 450 publications in reputed international journals and conferences. His field of interest is mainly in coding theory, data and network security, remote sensing & GIS-based applications, data compression error corrections, information security, watermarking, steganography and document authentication, image processing, visual cryptography, MANET, wireless and mobile computing/security, unify computing, chaos theory, and applications.
MACHINE LEARNING TECHNIQUES AND ANALYTICS FOR CLOUD SECURITY
This book covers new methods, surveys, case studies, and policy with almost all machine learning techniques and analytics for cloud security solutions
The aim of Machine Learning Techniques and Analytics for Cloud Security is to integrate machine learning approaches to meet various analytical issues in cloud security. Cloud security with ML has long-standing challenges that require methodological and theoretical handling. The conventional cryptography approach is less applied in resource-constrained devices. To solve these issues, the machine learning approach may be effectively used in providing security to the vast growing cloud environment. Machine learning algorithms can also be used to meet various cloud security issues, such as effective intrusion detection systems, zero-knowledge authentication systems, measures for passive attacks, protocols design, privacy system designs, applications, and many more. The book also contains case studies/projects outlining how to implement various security features using machine learning algorithms and analytics on existing cloud-based products in public, private and hybrid cloud respectively.
Audience
Research scholars and industry engineers in computer sciences, electrical and electronics engineering, machine learning, computer security, information technology, and cryptography.
Preface xix
Part I: Conceptual Aspects on Cloud and Applications of Machine Learning 1
1 Hybrid Cloud: A New Paradigm in Cloud Computing 3
Moumita Deb and Abantika Choudhury
1.1 Introduction 3
1.2 Hybrid Cloud 5
1.2.1 Architecture 6
1.2.2 Why Hybrid Cloud is Required? 6
1.2.3 Business and Hybrid Cloud 7
1.2.4 Things to Remember When Deploying Hybrid Cloud 8
1.3 Comparison Among Different Hybrid Cloud Providers 9
1.3.1 Cloud Storage and Backup Benefits 11
1.3.2 Pros and Cons of Different Service Providers 11
1.3.2.1 AWS Outpost 12
1.3.2.2 Microsoft Azure Stack 12
1.3.2.3 Google Cloud Anthos 12
1.3.3 Review on Storage of the Providers 13
1.3.3.1 AWS Outpost Storage 13
1.3.3.2 Google Cloud Anthos Storage 13
1.3.4 Pricing 15
1.4 Hybrid Cloud in Education 15
1.5 Significance of Hybrid Cloud Post-Pandemic 15
1.6 Security in Hybrid Cloud 16
1.6.1 Role of Human Error in Cloud Security 18
1.6.2 Handling Security Challenges 18
1.7 Use of AI in Hybrid Cloud 19
1.8 Future Research Direction 21
1.9 Conclusion 22
References 22
2 Recognition of Differentially Expressed Glycan Structure of H1N1 Virus Using Unsupervised Learning Framework 25
Shillpi Mishrra
2.1 Introduction 25
2.2 Proposed Methodology 27
2.3 Result 28
2.3.1 Description of Datasets 29
2.3.2 Analysis of Result 29
2.3.3 Validation of Results 31
2.3.3.1 T-Test (Statistical Validation) 31
2.3.3.2 Statistical Validation 33
2.3.4 Glycan Cloud 37
2.4 Conclusions and Future Work 38
References 39
3 Selection of Certain Cancer Mediating Genes Using a Hybrid Model Logistic Regression Supported by Principal Component Analysis (PC-LR) 41
Subir Hazra, Alia Nikhat Khurshid and Akriti
3.1 Introduction 41
3.2 Related Methods 44
3.3 Methodology 46
3.3.1 Description 47
3.3.2 Flowchart 49
3.3.3 Algorithm 49
3.3.4 Interpretation of the Algorithm 50
3.3.5 Illustration 50
3.4 Result 51
3.4.1 Description of the Dataset 51
3.4.2 Result Analysis 51
3.4.3 Result Set Validation 52
3.5 Application in Cloud Domain 56
3.6 Conclusion 58
References 59
Part II: Cloud Security Systems Using Machine Learning Techniques 61
4 Cost-Effective Voice-Controlled Real-Time Smart Informative Interface Design With Google Assistance Technology 63
Soumen Santra, Partha Mukherjee and Arpan Deyasi
4.1 Introduction 64
4.2 Home Automation System 65
4.2.1 Sensors 65
4.2.2 Protocols 66
4.2.3 Technologies 66
4.2.4 Advantages 67
4.2.5 Disadvantages 67
4.3 Literature Review 67
4.4 Role of Sensors and Microcontrollers in Smart Home Design 68
4.5 Motivation of the Project 70
4.6 Smart Informative and Command Accepting Interface 70
4.7 Data Flow Diagram 71
4.8 Components of Informative Interface 72
4.9 Results 73
4.9.1 Circuit Design 73
4.9.2 LDR Data 76
4.9.3 API Data 76
4.10 Conclusion 78
4.11 Future Scope 78
References 78
5 Symmetric Key and Artificial Neural Network With Mealy Machine: A Neoteric Model of Cryptosystem for Cloud Security 81
Anirban Bhowmik, Sunil Karforma and Joydeep Dey
5.1 Introduction 81
5.2 Literature Review 85
5.3 The Problem 86
5.4 Objectives and Contributions 86
5.5 Methodology 87
5.6 Results and Discussions 91
5.6.1 Statistical Analysis 93
5.6.2 Randomness Test of Key 94
5.6.3 Key Sensitivity Analysis 95
5.6.4 Security Analysis 96
5.6.5 Dataset Used on ANN 96
5.6.6 Comparisons 98
5.7 Conclusions 99
References 99
6 An Efficient Intrusion Detection System on Various Datasets Using Machine Learning Techniques 103
Debraj Chatterjee
6.1 Introduction 103
6.2 Motivation and Justification of the Proposed Work 104
6.3 Terminology Related to IDS 105
6.3.1 Network 105
6.3.2 Network Traffic 105
6.3.3 Intrusion 106
6.3.4 Intrusion Detection System 106
6.3.4.1 Various Types of IDS 108
6.3.4.2 Working Methodology of IDS 108
6.3.4.3 Characteristics of IDS 109
6.3.4.4 Advantages of IDS 110
6.3.4.5 Disadvantages of IDS 111
6.3.5 Intrusion Prevention System (IPS) 111
6.3.5.1 Network-Based Intrusion Prevention System (NIPS) 111
6.3.5.2 Wireless Intrusion Prevention System (WIPS) 112
6.3.5.3 Network Behavior Analysis (NBA) 112
6.3.5.4 Host-Based Intrusion Prevention System (HIPS) 112
6.3.6 Comparison of IPS With IDS/Relation Between IDS and IPS 112
6.3.7 Different Methods of Evasion in Networks 113
6.4 Intrusion Attacks on Cloud Environment 114
6.5 Comparative Studies 116
6.6 Proposed Methodology 121
6.7 Result 122
6.8 Conclusion and Future Scope 125
References 126
7 You Are Known by Your Mood: A Text-Based Sentiment Analysis for Cloud Security 129
Abhijit Roy and Parthajit Roy
7.1 Introduction 129
7.2 Literature Review 131
7.3 Essential Prerequisites 133
7.3.1 Security Aspects 133
7.3.2 Machine Learning Tools 135
7.3.2.1 Naïve Bayes Classifier 135
7.3.2.2 Artificial Neural Network 136
7.4 Proposed Model 136
7.5 Experimental Setup 138
7.6 Results and Discussions 139
7.7 Application in Cloud Security 142
7.7.1 Ask an Intelligent Security Question 142
7.7.2 Homomorphic Data Storage 142
7.7.3 Information Diffusion 144
7.8 Conclusion and Future Scope 144
References 145
8 The State-of-the-Art in Zero-Knowledge Authentication Proof for Cloud 149
Priyanka Ghosh
8.1 Introduction 149
8.2 Attacks and Countermeasures 153
8.2.1 Malware and Ransomware Breaches 154
8.2.2 Prevention of Distributing Denial of Service 154
8.2.3 Threat Detection 154
8.3 Zero-Knowledge Proof 154
8.4 Machine Learning for Cloud Computing 156
8.4.1 Types of Learning Algorithms 156
8.4.1.1 Supervised Learning 156
8.4.1.2 Supervised Learning Approach 156
8.4.1.3 Unsupervised Learning 157
8.4.2 Application on Machine Learning for Cloud Computing 157
8.4.2.1 Image Recognition 157
8.4.2.2 Speech Recognition 157
8.4.2.3 Medical Diagnosis 158
8.4.2.4 Learning Associations 158
8.4.2.5 Classification 158
8.4.2.6 Prediction 158
8.4.2.7 Extraction 158
8.4.2.8 Regression 158
8.4.2.9 Financial Services 159
8.5 Zero-Knowledge Proof: Details 159
8.5.1 Comparative Study 159
8.5.1.1 Fiat-Shamir ZKP Protocol 159
8.5.2 Diffie-Hellman Key Exchange Algorithm 161
8.5.2.1 Discrete Logarithm Attack 161
8.5.2.2 Man-in-the-Middle Attack 162
8.5.3 ZKP Version 1 162
8.5.4 ZKP Version 2 162
8.5.5 Analysis 164
8.5.6 Cloud Security Architecture 166
8.5.7 Existing Cloud Computing Architectures 167
8.5.8 Issues With Current Clouds 167
8.6 Conclusion 168
References 169
9 A Robust Approach for Effective Spam Detection Using Supervised Learning Techniques 171
Amartya Chakraborty, Suvendu Chattaraj, Sangita Karmakar and Shillpi Mishrra
9.1 Introduction 171
9.2 Literature Review 173
9.3 Motivation 174
9.4 System Overview 175
9.5 Data Description 1769.6 Data Processing 176
9.7 Feature Extraction 178
9.8 Learning Techniques Used 179
9.8.1 Support Vector Machine 179
9.8.2 k-Nearest Neighbors 180
9.8.3 Decision Tree 180
9.8.4 Convolutional Neural Network 180
9.9 Experimental Setup 182
9.10 Evaluation Metrics 183
9.11 Experimental Results 185
9.11.1 Observations in Comparison With State-of-the-Art 187
9.12 Application in Cloud Architecture 188
9.13 Conclusion 189
References 190
10 An Intelligent System for Securing Network From Intrusion Detection and Prevention of Phishing Attack Using Machine Learning Approaches 193
Sumit Banik, Sagar Banik and Anupam Mukherjee
10.1 Introduction 193
10.1.1 Types of Phishing 195
10.1.1.1 Spear Phishing 195
10.1.1.2 Whaling 195
10.1.1.3 Catphishing and Catfishing 195
10.1.1.4 Clone Phishing 196
10.1.1.5 Voice Phishing 196
10.1.2 Techniques of Phishing 196
10.1.2.1 Link Manipulation 196
10.1.2.2 Filter Evasion 196
10.1.2.3 Website Forgery 196
10.1.2.4 Covert Redirect 197
10.2 Literature Review 197
10.3 Materials and Methods 199
10.3.1 Dataset and Attributes 199
10.3.2 Proposed Methodology 199
10.3.2.1 Logistic Regression 202
10.3.2.2 Naïve Bayes 202
10.3.2.3 Support Vector Machine 203
10.3.2.4 Voting Classification 203
10.4 Result Analysis 204
10.4.1 Analysis of Different Parameters for ML Models 204
10.4.2 Predictive Outcome Analysis in Phishing URLs Dataset 205
10.4.3 Analysis of Performance Metrics 206
10.4.4 Statistical Analysis of Results 210
10.4.4.1 ANOVA: Two-Factor Without Replication 210
10.4.4.2 ANOVA: Single Factor 210
10.5 Conclusion 210
References 211
Part III: Cloud Security Analysis Using Machine Learning Techniques 213
11 Cloud Security Using Honeypot Network and Blockchain: A Review 215
Smarta Sangui* and Swarup Kr Ghosh
11.1 Introduction 215
11.2 Cloud Computing Overview 216
11.2.1 Types of Cloud Computing Services 216
11.2.1.1 Software as a Service 216
11.2.1.2 Infrastructure as a Service 218
11.2.1.3 Platform as a Service 218
11.2.2 Deployment Models of Cloud Computing 218
11.2.2.1 Public Cloud 218
11.2.2.2 Private Cloud 218
11.2.2.3 Community Cloud 219
11.2.2.4 Hybrid Cloud 219
11.2.3 Security Concerns in Cloud Computing 219
11.2.3.1 Data Breaches 219
11.2.3.2 Insufficient Change Control and Misconfiguration 219
11.2.3.3 Lack of Strategy and Security Architecture 220
11.2.3.4 Insufficient Identity, Credential, Access, and Key Management 220
11.2.3.5 Account Hijacking 220
11.2.3.6 Insider Threat 220
11.2.3.7 Insecure Interfaces and APIs 220
11.2.3.8 Weak Control Plane 221
11.3 Honeypot System 221
11.3.1 VM (Virtual Machine) as Honeypot in the Cloud 221
11.3.2 Attack Sensing and Analyzing Framework 222
11.3.3 A Fuzzy Technique Against Fingerprinting Attacks 223
11.3.4 Detecting and Classifying Malicious Access 224
11.3.5 A Bayesian Defense Model for Deceptive Attack 224
11.3.6 Strategic Game Model for DDoS Attacks in Smart Grid 226
11.4 Blockchain 227
11.4.1 Blockchain-Based Encrypted Cloud Storage 228
11.4.2 Cloud-Assisted EHR Sharing via Consortium Blockchain 229
11.4.3 Blockchain-Secured Cloud Storage 230
11.4.4 Blockchain and Edge Computing-Based Security Architecture 230
11.4.5 Data Provenance Architecture in Cloud Ecosystem Using Blockchain 231
11.6 Comparative Analysis 233
11.7 Conclusion 233
References 234
12 Machine Learning-Based Security in Cloud Database--A Survey 239
Utsav Vora, Jayleena Mahato, Hrishav Dasgupta, Anand Kumar and Swarup Kr Ghosh
12.1 Introduction 239
12.2 Security Threats and Attacks 241
12.3 Dataset Description 244
12.3.1 NSL-KDD Dataset 244
12.3.2 UNSW-NB15 Dataset 244
12.4 Machine Learning for Cloud Security 245
12.4.1 Supervised Learning Techniques 245
12.4.1.1 Support Vector Machine 245
12.4.1.2 Artificial Neural Network 247
12.4.1.3 Deep Learning 249
12.4.1.4 Random Forest 250
12.4.2 Unsupervised Learning Techniques 251
12.4.2.1 K-Means Clustering 252
12.4.2.2 Fuzzy C-Means Clustering 253
12.4.2.3 Expectation-Maximization Clustering 253
12.4.2.4 Cuckoo Search With Particle Swarm Optimization (PSO) 254
12.4.3 Hybrid Learning Techniques 256
12.4.3.1 HIDCC: Hybrid Intrusion Detection Approach in Cloud Computing 256
12.4.3.2 Clustering-Based Hybrid Model in Deep Learning ramework 257
12.4.3.3 K-Nearest Neighbor-Based Fuzzy C-Means Mechanism 258
12.4.3.4 K-Means Clustering Using Support Vector Machine 260
12.4.3.5 K-Nearest Neighbor-Based Artificial Neural Network Mechanism 260
12.4.3.6 Artificial Neural Network Fused With Support Vector Machine 261
12.4.3.7 Particle Swarm Optimization-Based Probabilistic Neural Network 261
12.5 Comparative Analysis 262
12.6 Conclusion 264
References 267
13 Machine Learning Adversarial Attacks: A Survey Beyond 271
Chandni Magoo and Puneet Garg
13.1 Introduction 271
13.2 Adversarial Learning 272
13.2.1 Concept 272
13.3 Taxonomy of Adversarial Attacks 273
13.3.1 Attacks Based on Knowledge 273
13.3.1.1 Black Box Attack (Transferable Attack) 273
13.3.1.2 White Box Attack 274
13.3.2 Attacks Based on Goals 275
13.3.2.1 Target Attacks 275
13.3.2.2 Non-Target Attacks 275
13.3.3 Attacks Based on Strategies 275
13.3.3.1 Poisoning Attacks 275
13.3.3.2 Evasion Attacks 276
13.3.4 Textual-Based Attacks (NLP) 276
13.3.4.1 Character Level Attacks 276
13.3.4.2 Word-Level Attacks 276
13.3.4.3 Sentence-Level Attacks 276
13.4 Review of Adversarial Attack Methods 276
13.4.1 L-BFGS 277
13.4.2 Feedforward Derivation Attack (Jacobian Attack) 277
13.4.3 Fast Gradient Sign Method 278
13.4.4 Methods of Different Text-Based Adversarial Attacks 278
13.4.5 Adversarial Attacks Methods Based on Language Models 284
13.4.6 Adversarial Attacks on Recommender Systems 284
13.4.6.1 Random Attack 284
13.4.6.2 Average Attack 286
13.4.6.3 Bandwagon Attack 286
13.4.6.4 Reverse Bandwagon Attack 286
13.5 Adversarial Attacks on Cloud-Based Platforms 287
13.6 Conclusion 288
References 288
14 Protocols for Cloud Security 293
Weijing You and Bo Chen
14.1 Introduction 293
14.2 System and Adversarial Model 295
14.2.1 System Model 295
14.2.2 Adversarial Model 295
14.3 Protocols for Data Protection in Secure Cloud Computing 296
14.3.1 Homomorphic Encryption 297
14.3.2 Searchable Encryption 298
14.3.3 Attribute-Based Encryption 299
14.3.4 Secure Multi-Party Computation 300
14.4 Protocols for Data Protection in Secure Cloud Storage 301
14.4.1 Proofs of Encryption 301
14.4.2 Secure Message-Locked Encryption 303
14.4.3 Proofs of Storage 303
14.4.4 Proofs of Ownership 305
14.4.5 Proofs of Reliability 306
14.5 Protocols for Secure Cloud Systems 309
14.6 Protocols for Cloud Security in the Future 309
14.7 Conclusion 310
References 311
Part IV: Case Studies Focused on Cloud Security 313
15 A Study on Google Cloud Platform (GCP) and Its Security 315
Agniswar Roy, Abhik Banerjee and Navneet Bhardwaj
15.1 Introduction 315
15.1.1 Google Cloud Platform Current Market Holding 316
15.1.1.1 The Forrester Wave 317
15.1.1.2 Gartner Magic Quadrant 317
15.1.2 Google Cloud Platform Work Distribution 317
15.1.2.1 SaaS 318
15.1.2.2 PaaS 318
15.1.2.3 IaaS 318
15.1.2.4 On-Premise 318
15.2 Google Cloud Platform's Security Features Basic Overview 318
15.2.1 Physical Premises Security 319
15.2.2 Hardware Security 319
15.2.3 Inter-Service Security 319
15.2.4 Data Security 320
15.2.5 Internet Security 320
15.2.6 In-Software Security 320
15.2.7 End User Access Security 321
15.3 Google Cloud Platform's Architecture 321
15.3.1 Geographic Zone 321
15.3.2 Resource Management 322
15.3.2.1 IAM 322
15.3.2.2 Roles 323
15.3.2.3 Billing 323
15.4 Key Security Features 324
15.4.1 IAP 324
15.4.2 Compliance 325
15.4.3 Policy Analyzer 326
15.4.4 Security Command Center 326
15.4.4.1 Standard Tier 326
15.4.4.2 Premium Tier 326
15.4.5 Data Loss Protection 329
15.4.6 Key Management 329
15.4.7 Secret Manager 330
15.4.8 Monitoring 330
15.5 Key Application Features 330
15.5.1 Stackdriver (Currently Operations) 330
15.5.1.1 Profiler 330
15.5.1.2 Cloud Debugger 330
15.5.1.3 Trace 331
15.5.2 Network 331
15.5.3 Virtual Machine Specifications 332
15.5.4 Preemptible VMs 332
15.6 Computation in Google Cloud Platform 332
15.6.1 Compute Engine 332
15.6.2 App Engine 333
15.6.3 Container Engine 333
15.6.4 Cloud Functions 333
15.7 Storage in Google Cloud Platform 333
15.8 Network in Google Cloud Platform 334
15.9 Data in Google Cloud Platform 334
15.10 Machine Learning in Google Cloud Platform 335
15.11 Conclusion 335
References 337
16 Case Study of Azure and Azure Security Practices 339
Navneet Bhardwaj, Abhik Banerjee and Agniswar Roy
16.1 Introduction 339
16.1.1 Azure Current Market Holding 340
16.1.2 The Forrester Wave 340
16.1.3 Gartner Magic Quadrant 340
16.2 Microsoft Azure--The Security Infrastructure 341
16.2.1 Azure Security Features and Tools 341
16.2.2 Network Security 342
16.3 Data Encryption 342
16.3.1 Data Encryption at Rest 342
16.3.2 Data Encryption at Transit 342
16.3.3 Asset and Inventory Management 343
16.3.4 Azure Marketplace 343
16.4 Azure Cloud Security Architecture 344
16.4.1 Working 344
16.4.2 Design Principles 344
16.4.2.1 Alignment of Security Policies 344
16.4.2.2 Building a Comprehensive Strategy 345
16.4.2.3 Simplicity Driven 345
16.4.2.4 Leveraging Native Controls 345
16.4.2.5 Identification-Based Authentication 345
16.4.2.6 Accountability 345
16.4.2.7 Embracing Automation 345
16.4.2.8 Stress on Information Protection 345
16.4.2.9 Continuous Evaluation 346
16.4.2.10 Skilled Workforce 346
16.5 Azure Architecture 346
16.5.1 Components 346
16.5.1.1 Azure Api Gateway 346
16.5.1.2 Azure Functions 346
16.5.2 Services 347
16.5.2.1 Azure Virtual Machine 347
16.5.2.2 Blob Storage 347
16.5.2.3 Azure Virtual Network 348
16.5.2.4 Content Delivery Network 348
16.5.2.5 Azure SQL Database 349
16.6 Features of Azure 350
16.6.1 Key Features 350
16.6.1.1 Data Resiliency 350
16.6.1.2 Data Security 350
16.6.1.3 BCDR Integration 350
16.6.1.4 Storage Management 351
16.6.1.5 Single Pane View 351
16.7 Common Azure Security Features 351
16.7.1 Security Center 351
16.7.2 Key Vault 351
16.7.3 Azure Active Directory 352
16.7.3.1 Application Management 352
16.7.3.2 Conditional Access 352
16.7.3.3 Device Identity Management 352
16.7.3.4 Identity Protection 353
16.7.3.5 Azure Sentinel 353
16.7.3.6 Privileged Identity Management 354
16.7.3.7 Multifactor Authentication 354
16.7.3.8 Single Sign On 354
16.8 Conclusion 355
References 355
17 Nutanix Hybrid Cloud From Security Perspective 357
Abhik Banerjee, Agniswar Roy, Amar Kalvikatte and Navneet Bhardwaj
17.1 Introduction 357
17.2 Growth of Nutanix 358
17.2.1 Gartner Magic Quadrant 358
17.2.2 The Forrester Wave 358
17.2.3 Consumer Acquisition 359
17.2.4 Revenue 359
17.3 Introductory Concepts 361
17.3.1 Plane Concepts 361
17.3.1.1 Control Plane 361
17.3.1.2 Data Plane 361
17.3.2 Security Technical Implementation Guides 362
17.3.3 SaltStack and SCMA 362
17.4 Nutanix Hybrid Cloud 362
17.4.1 Prism 362
17.4.1.1 Prism Element 363
17.4.1.2 Prism Central 364
17.4.2 Acropolis 365
17.4.2.1 Distributed Storage Fabric 365
17.4.2.2 AHV 367
17.5 Reinforcing AHV and Controller VM 367
17.6 Disaster Management and Recovery 368
17.6.1 Protection Domains and Consistent Groups 368
17.6.2 Nutanix DSF Replication of OpLog 369
17.6.3 DSF Snapshots and VmQueisced Snapshot Service 370
17.6.4 Nutanix Cerebro 370
17.7 Security and Policy Management on Nutanix Hybrid Cloud 371
17.7.1 Authentication on Nutanix 372
17.7.2 Nutanix Data Encryption 372
17.7.3 Security Policy Management 373
17.7.3.1 Enforcing a Policy 374
17.7.3.2 Priority of a Policy 374
17.7.3.3 Automated Enforcement 374
17.8 Network Security and Log Management 374
17.8.1 Segmented and Unsegmented Network 375
17.9 Conclusion 376
References 376
Part V: Policy Aspects 379
18 A Data Science Approach Based on User Interactions to Generate Access Control Policies for Large Collections of Documents 381
Jedidiah Yanez-Sierra, Arturo Diaz-Perez and Victor Sosa-Sosa
18.1 Introduction 381
18.2 Related Work 383
18.3 Network Science Theory 384
18.4 Approach to Spread Policies Using Networks Science 387
18.4.1 Finding the Most Relevant Spreaders 388
18.4.1.1 Weighting Users 389
18.4.1.2 Selecting the Top Spreaders 390
18.4.2 Assign and Spread the Access Control Policies 390
18.4.2.1 Access Control Policies 391
18.4.2.2 Horizontal Spreading 391
18.4.2.3 Vertical Spreading (Bottom-Up) 392
18.4.2.4 Policies Refinement 395
18.4.3 Structural Complexity Analysis of CP-ABE Policies 395
18.4.3.1 Assessing the WSC for ABE Policies 396
18.4.3.2 Assessing the Policies Generated in the Spreading Process 397
18.4.4 Effectiveness Analysis 398
18.4.4.1 Evaluation Metrics 399
18.4.4.2 Adjusting the Interaction Graph to Assess Policy Effectiveness 400
18.4.4.3 Method to Complement the User Interactions (Synthetic Edges Generation) 400
18.4.5 Measuring Policy Effectiveness in the User Interaction Graph 403
18.4.5.1 Simple Node-Based Strategy 403
18.4.5.2 Weighted Node-Based Strategy 404
18.5 Evaluation 405
18.5.1 Dataset Description 405
18.5.2 Results of the Complexity Evaluation 406
18.5.3 Effectiveness Results From the Real Edges 407
18.5.4 Effectiveness Results Using Real and Synthetic Edges 408
18.5.4.1 Results of the Effectiveness Metrics for the Enhanced G+ Graph 410
18.6 Conclusions 413
References 414
19 AI, ML, & Robotics in iSchools: An Academic Analysis for an Intelligent Societal Systems 417
P. K. Paul
19.1 Introduction 417
19.2 Objective 419
19.3 Methodology 420
19.3.1 iSchools, Technologies, and Artificial Intelligence, ML, and Robotics 420
19.4 Artificial Intelligence, ML, and Robotics: An Overview 427
19.5 Artificial Intelligence, ML, and Robotics as an Academic Program: A Case on iSchools--North American Region 428
19.6 Suggestions 431
19.7 Motivation and Future Works 435
19.8 Conclusion 435
References 436
Index 439
