Skip to main content
SpringerLink
Log in

A Practicable Machine Learning Solution for Security-Cognizant Data Placement on Cloud Platforms

  • Chapter
  • First Online:
Book cover Handbook of Computer Networks and Cyber Security

Abstract

While designing data placement strategies for cloud storage platforms, data security and data retrieval time are two equally important parameters that determine the quality of data placement. As these two parameters are generally mutually conflicting, it is imperative that we need to strike a balance between data security and retrieval time to assure the quality-of-service promised by the network/cloud service provider. To guarantee the data integrity of data stored on the network storage nodes in case of any threats or cyberattacks, the placement strategy should be adaptable to incorporate the threat characteristics. This is achieved by integrating machine intelligence to the network prone to attacks to identify the most vulnerable threat type for each node. This objective forms an imperative addendum to the attack resilient and retrieval time trade-off strategy (ARRT) strategy proposed in the literature to deploy as a practicable solution for a service provider. A set of Pareto-optimal solutions which strikes a balance between retrieval time and security based on inherent network properties by ARRT will be our initial condition for our machine learning model in this work. We take a radically different approach in which we attempt to identify the most vulnerable threat type for each node in the recommended Pareto-optimal solutions to minimize data loss through appropriate refinement of the existing data placement. This is achieved by supplementing the evolutionary algorithm with a machine learning model and we refer to this integrated and complete approach as security-cognizant data placement (SDP) strategy. In this study, based on the relevant performance metric that includes data integrity which is a measure of robustness, we evaluate and quantify our performance through rigorous discrete event simulations on arbitrary cloud topologies and demonstrate the impact of a neural network in delivering a superior performance.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 299.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Awan, M. S. K., Burnap, P., & Rana, O. (2016). Identifying cyber risk hotspots: A framework for measuring temporal variance in computer network risk. Computers & Security, 57, 31–46.

    Article  Google Scholar 

  2. Boru, D., Kliazovich, D., Granelli, F., Bouvry, P., & Zomaya, A. Y. (2015). Energy-efficient data replication in cloud computing datacenters. Cluster Computing, 18(1), 385–402.

    Article  Google Scholar 

  3. Buczak, A. L., & Guven, E. (2016). A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Communications Surveys & Tutorials, 18(2), 1153–1176.

    Article  Google Scholar 

  4. da Silva, G. H. G., Holanda, M., & Araujo, A. (2016). Data replication policy in a cloud computing environment. In 11th Iberian Conference on Information Systems and Technologies (CISTI), 2016 (pp. 1–6). Piscataway: IEEE.

    Google Scholar 

  5. di Vimercati, S. D. C., Foresti, S., Jajodia, S., Livraga, G., Paraboschi, S., & Samarati, P. (2014). Fragmentation in presence of data dependencies. IEEE Transactions on Dependable and Secure Computing, 11(6), 510–523.

    Article  Google Scholar 

  6. Hodo, E., Bellekens, X., Hamilton, A., Dubouilh, P. L., Iorkyase, E., Tachtatzis, C., et al. (2016). Threat analysis of IoT networks using artificial neural network intrusion detection system. In International Symposium on Networks, Computers and Communications (ISNCC), 2016 (pp. 1–6). Piscataway: IEEE.

    Google Scholar 

  7. Hoque, N., Bhuyan, M. H., Baishya, R. C., Bhattacharyya, D. K., & Kalita, J. K. (2014). Network attacks: Taxonomy, tools and systems. Journal of Network and Computer Applications, 40, 307–324.

    Article  Google Scholar 

  8. Hsu, C. J., Freeh, V. W., & Villanustre, F. (2017). Trilogy: Data placement to improve performance and robustness of cloud computing. In 2017 IEEE International Conference on Big Data (pp. 2442–2451). Piscataway: IEEE.

    Chapter  Google Scholar 

  9. Hudic, A., Islam, S., Kieseberg, P., Rennert, S., & Weippl, E. R. (2013) Data confidentiality using fragmentation in cloud computing. International Journal of Pervasive Computing and Communications, 9(1), 37–51.

    Article  Google Scholar 

  10. Ikken, S., Renault, É., Barkat, A., Tari, A., & Kechad, T. (2017). Cost-efficient big intermediate data placement in a collaborative cloud storage environment. In IEEE 19th International Conference on High Performance Computing and Communications; IEEE 15th International Conference on Smart City; IEEE 3rd International Conference on Data Science and Systems (HPCC/SmartCity/DSS), 2017 (pp. 514–521). Piscataway: IEEE.

    Google Scholar 

  11. Kale, R.V., Veeravalli, B., & Wang, X. (2017). Design and performance characterization of practically realizable graph-based security aware algorithms for hierarchical and non-hierarchical cloud architectures. In International Conference on Frontier Computing (pp. 392–402). Singapore: Springer,

    Google Scholar 

  12. Kapusta, K., & Memmi, G. (2015). Data protection by means of fragmentation in distributed storage systems. In International Conference on Protocol Engineering (ICPE) and International Conference on New Technologies of Distributed Systems (NTDS), 2015 (pp. 1–8). Piscataway: IEEE.

    Google Scholar 

  13. Khalajzadeh, H., Yuan, D., Grundy, J., & Yang, Y. (2017). Cost-effective social network data placement and replication using graph-partitioning. In IEEE International Conference on Cognitive Computing (ICCC), 2017 (pp. 64–71). Piscataway: IEEE.

    Chapter  Google Scholar 

  14. Lentini, S., Grosso, E., & Masala, G. L. (2018). A comparison of data fragmentation techniques in cloud servers. In International Conference on Emerging Internetworking, Data & Web Technologies (pp. 560–571). Cham: Springer.

    Google Scholar 

  15. Li, Y., Dai, W., Ming, Z., & Qiu, M. (2016). Privacy protection for preventing data over-collection in smart city. IEEE Transactions on Computers, 65(5), 1339–1350.

    Article  MathSciNet  Google Scholar 

  16. Lin, J. W., Chen, C. H., & Chang, J. M. (2013). QoS-aware data replication for data-intensive applications in cloud computing systems. IEEE Transactions on Cloud Computing, 1(1), 101–115.

    Article  Google Scholar 

  17. Liu, W., Peng, S., Du, W., Wang, W., & Zeng, G. S. (2014). Security-aware intermediate data placement strategy in scientific cloud workflows. Knowledge and Information Systems, 41(2), 423–447.

    Article  Google Scholar 

  18. Mansouri, N. (2016). QDR: A QoS-aware data replication algorithm for data grids considering security factors. Cluster Computing, 19(3), 1071–1087.

    Article  Google Scholar 

  19. Mansouri, Y., Toosi, A. N., & Buyya, R. (2017). Data storage management in cloud environments: Taxonomy, survey, and future directions. ACM Computing Surveys (CSUR), 50(6), 91.

    Article  Google Scholar 

  20. Matt, J., Waibel, P., & Schulte, S. (2017). Cost-and latency-efficient redundant data storage in the cloud. In IEEE 10th International Conference on Service-Oriented Computing and Applications (SOCA), 2017 (pp. 164–172). Piscataway: IEEE.

    Chapter  Google Scholar 

  21. Oh, K., Chandra, A., & Weissman, J. (2017). Trips: Automated multi-tiered data placement in a geo-distributed cloud environment. In Proceedings of the 10th ACM International Systems and Storage Conference (p. 12). New York: ACM.

    Google Scholar 

  22. Saied, A., Overill, R. E., & Radzik, T. (2016). Detection of known and unknown DDoS attacks using artificial neural networks. Neurocomputing, 172, 385–393.

    Article  Google Scholar 

  23. Seada, H., & Deb, K. (2016). A unified evolutionary optimization procedure for single, multiple, and many objectives. IEEE Transactions on Evolutionary Computation, 20(3), 358–369.

    Article  Google Scholar 

  24. Sen, A., & Madria, S. (2016). Risk assessment in a sensor cloud framework using attack graphs. IEEE Transactions on Services Computing, 10, 942–955.

    Article  Google Scholar 

  25. Wang, X., Vishwanath, K. R., & Veeravalli, B. (2017). Simultaneous optimization of user-centric security-conscious data storage on cloud platforms. In IEEE 42nd Local Computer Networks (LCN) (pp. 223–226).

    Google Scholar 

  26. Zhang, K., Ni, J., Yang, K., Liang, X., Ren, J., & Shen, X. S. (2017). Security and privacy in smart city applications: Challenges and solutions. IEEE Communications Magazine, 55(1), 122–129.

    Article  Google Scholar 

  27. Zhang, Q., & Li, H. (2007). Moea/d: A multiobjective evolutionary algorithm based on decomposition. IEEE Transactions on Evolutionary Computation, 11(6), 712–731.

    Article  Google Scholar 

Download references

Acknowledgements

The NUS authors would like to thank the funding support by MOE Tier-1 grant no. R-263-000-C14-112 in carrying out this project. The third author would like to thank the funding support by NNSF, China (No.61402350, No.61472297, and No.61572391) and CSC, China.

Author information

Authors and Affiliations

  1. Department of Electrical and Computer Engineering, National University of Singapore, Singapore, Singapore

    Rahul Vishwanath Kale & Bharadwaj Veeravalli

  2. School of Computer Science and Technology, Xidian University, Xi’an, China

    Xiaoli Wang

Authors
  1. Rahul Vishwanath Kale
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Bharadwaj Veeravalli
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Xiaoli Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Rahul Vishwanath Kale .

Editor information

Editors and Affiliations

  1. Department of Computer Engineering, National Institute of Technology Kurukshetra, Kurukshetra, India

    Brij B. Gupta

  2. Department of Computer Science, University of Murcia, Catedrático de Universidad, Murcia, Spain

    Gregorio Martinez Perez

  3. Department of Electrical Engineering and Computer Science, University of Cincinnati, Cincinnati, USA

    Dharma P. Agrawal

  4. LoginRadius Inc., Vancouver, BC, Canada

    Deepak Gupta

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Kale, R.V., Veeravalli, B., Wang, X. (2020). A Practicable Machine Learning Solution for Security-Cognizant Data Placement on Cloud Platforms. In: Gupta, B., Perez, G., Agrawal, D., Gupta, D. (eds) Handbook of Computer Networks and Cyber Security. Springer, Cham. https://doi.org/10.1007/978-3-030-22277-2_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-22277-2_5

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-22276-5

  • Online ISBN: 978-3-030-22277-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation