2,975 research outputs found
Enabling Auditing and Intrusion Detection of Proprietary Controller Area Networks
The goal of this dissertation is to provide automated methods for security researchers to overcome ‘security through obscurity’ used by manufacturers of proprietary Industrial Control Systems (ICS). `White hat\u27 security analysts waste significant time reverse engineering these systems\u27 opaque network configurations instead of performing meaningful security auditing tasks. Automating the process of documenting proprietary protocol configurations is intended to improve independent security auditing of ICS networks. The major contributions of this dissertation are a novel approach for unsupervised lexical analysis of binary network data flows and analysis of the time series data extracted as a result. We demonstrate the utility of these methods using Controller Area Network (CAN) data sampled from passenger vehicles
Digital early warning scores in cardiac care settings: Mixed-methods research
The broad adoption of the National Early Warning Score (NEWS2) was formally endorsed for prediction of early deterioration across all settings. With current digitalisation of the Early Warning Score (EWS) through electronic health records (EHR) and automated patient monitoring, there is an excellent opportunity for facilitating and evaluating NEWS2 implementation. However, no evidence yet shows the success of such standardisation or digitalisation of EWS in cardiac care settings. Individuals with cardiovascular disease (CVD) have a significant risk of developing critical events, and CVD-related morbidity is a critical burden for health and social care. However, there is a gap in research evaluating the performance and implementation of EWS in cardiac settings and the role of digital solutions in the implementation and performance of EWS and clinicians' practice.
This PhD aims to provide high-quality evidence on the effectiveness of NEWS2 in predicting worsening events in patients with CVD, the implementation of the digital NEWS2 in two healthcare settings, the experience of escalation of care during the COVID-19 pandemic, and the evaluation of EHR-integrated dashboard for auditing NEWS2 and clinicians' performance
eXplainable AI for trustworthy healthcare applications
Acknowledging that AI will inevitably become a central element of clinical practice,
this thesis investigates the role of eXplainable AI (XAI) techniques in developing
trustworthy AI applications in healthcare. The first part of this thesis focuses on the
societal, ethical, and legal aspects of the use of AI in healthcare. It first compares
the different approaches to AI ethics worldwide and then focuses on the practical
implications of the European ethical and legal guidelines for AI applications in
healthcare. The second part of the thesis explores how XAI techniques can help meet
three key requirements identified in the initial analysis: transparency, auditability,
and human oversight. The technical transparency requirement is tackled by enabling
explanatory techniques to deal with common healthcare data characteristics
and tailor them to the medical field. In this regard, this thesis presents two novel
XAI techniques that incrementally reach this goal by first focusing on multi-label
predictive algorithms and then tackling sequential data and incorporating domainspecific
knowledge in the explanation process. This thesis then analyzes the ability
to leverage the developed XAI technique to audit a fictional commercial black-box
clinical decision support system (DSS). Finally, the thesis studies AI explanation’s
ability to effectively enable human oversight by studying the impact of explanations
on the decision-making process of healthcare professionals
Integrating artificial intelligence into an ophthalmologist’s workflow: obstacles and opportunities
Introduction: Demand in clinical services within the field of ophthalmology is predicted to rise over the future years. Artificial intelligence, in particular, machine learning-based systems, have demonstrated significant potential in optimizing medical diagnostics, predictive analysis, and management of clinical conditions. Ophthalmology has been at the forefront of this digital revolution, setting precedents for integration of these systems into clinical workflows. Areas covered: This review discusses integration of machine learning tools within ophthalmology clinical practices. We discuss key issues around ethical consideration, regulation, and clinical governance. We also highlight challenges associated with clinical adoption, sustainability, and discuss the importance of interoperability. Expert opinion: Clinical integration is considered one of the most challenging stages within the implementation process. Successful integration necessitates a collaborative approach from multiple stakeholders around a structured governance framework, with emphasis on standardization across healthcare providers and equipment and software developers
Foundations, Properties, and Security Applications of Puzzles: A Survey
Cryptographic algorithms have been used not only to create robust ciphertexts
but also to generate cryptograms that, contrary to the classic goal of
cryptography, are meant to be broken. These cryptograms, generally called
puzzles, require the use of a certain amount of resources to be solved, hence
introducing a cost that is often regarded as a time delay---though it could
involve other metrics as well, such as bandwidth. These powerful features have
made puzzles the core of many security protocols, acquiring increasing
importance in the IT security landscape. The concept of a puzzle has
subsequently been extended to other types of schemes that do not use
cryptographic functions, such as CAPTCHAs, which are used to discriminate
humans from machines. Overall, puzzles have experienced a renewed interest with
the advent of Bitcoin, which uses a CPU-intensive puzzle as proof of work. In
this paper, we provide a comprehensive study of the most important puzzle
construction schemes available in the literature, categorizing them according
to several attributes, such as resource type, verification type, and
applications. We have redefined the term puzzle by collecting and integrating
the scattered notions used in different works, to cover all the existing
applications. Moreover, we provide an overview of the possible applications,
identifying key requirements and different design approaches. Finally, we
highlight the features and limitations of each approach, providing a useful
guide for the future development of new puzzle schemes.Comment: This article has been accepted for publication in ACM Computing
Survey
Ethics-based auditing of automated decision-making systems: nature, scope, and limitations
Important decisions that impact human lives, livelihoods, and the natural
environment are increasingly being automated. Delegating tasks to so-called
automated decision-making systems (ADMS) can improve efficiency and enable new
solutions. However, these benefits are coupled with ethical challenges. For
example, ADMS may produce discriminatory outcomes, violate individual privacy,
and undermine human self-determination. New governance mechanisms are thus
needed that help organisations design and deploy ADMS in ways that are ethical,
while enabling society to reap the full economic and social benefits of
automation. In this article, we consider the feasibility and efficacy of
ethics-based auditing (EBA) as a governance mechanism that allows organisations
to validate claims made about their ADMS. Building on previous work, we define
EBA as a structured process whereby an entity's present or past behaviour is
assessed for consistency with relevant principles or norms. We then offer three
contributions to the existing literature. First, we provide a theoretical
explanation of how EBA can contribute to good governance by promoting
procedural regularity and transparency. Second, we propose seven criteria for
how to design and implement EBA procedures successfully. Third, we identify and
discuss the conceptual, technical, social, economic, organisational, and
institutional constraints associated with EBA. We conclude that EBA should be
considered an integral component of multifaced approaches to managing the
ethical risks posed by ADMS.Comment: Artificial Intelligence, Auditing, Automated Decision-Making, Ethics,
Governanc
Intelligent multi-agent system for intrusion detection and countermeasures
Intelligent mobile agent systems offer a new approach to implementing intrusion detection systems (IDS). The prototype intrusion detection system, MAIDS, demonstrates the benefits of an agent-based IDS, including distributing the computational effort, reducing the amount of information sent over the network, platform independence, asynchronous operation, and modularity offering ease of updates. Anomaly detection agents use machine learning techniques to detect intrusions; one such agent processes streams of system calls from privileged processes. Misuse detection agents match known problems and correlate events to detect intrusions. Agents report intrusions to other agents and to the system administrator through the graphical user interface (GUI);A sound basis has been created for the intrusion detection system. Intrusions have been modeled using the Software Fault Tree Analysis (SFTA) technique; when augmented with constraint nodes describing trust, contextual, and temporal relationships, the SFTA forms a basis for stating the requirements of the intrusion detection system. Colored Petri Nets (CPN) have been created to model the design of the Intrusion Detection System. Algorithmic transformations are used to create CPN templates from augmented SFT and to create implementation templates from CPNs. The implementation maintains the CPN semantics in the distributed agent-based intrusion detection system
Advanced Digital Auditing
This open access book discusses the most modern approach to auditing complex digital systems and technologies. It combines proven auditing approaches, advanced programming techniques and complex application areas, and covers the latest findings on theory and practice in this rapidly developing field. Especially for those who want to learn more about novel approaches to testing complex information systems and related technologies, such as blockchain and self-learning systems, the book will be a valuable resource. It is aimed at students and practitioners who are interested in contemporary technology and managerial implications
- …