Through the Looking-Glass: Transparency Implications and Challenges in Enterprise AI Knowledge Systems

Knowledge can't be disentangled from people. As AI knowledge systems mine vast volumes of work-related data, the knowledge that's being extracted and surfaced is intrinsically linked to the people who create and use it. When these systems get embedded in organizational settings, the information that is brought to the foreground and the information that's pushed to the periphery can influence how individuals see each other and how they see themselves at work. In this paper, we present the looking-glass metaphor and use it to conceptualize AI knowledge systems as systems that reflect and distort, expanding our view on transparency requirements, implications and challenges. We formulate transparency as a key mediator in shaping different ways of seeing, including seeing into the system, which unveils its capabilities, limitations and behavior, and seeing through the system, which shapes workers' perceptions of their own contributions and others within the organization. Recognizing the sociotechnical nature of these systems, we identify three transparency dimensions necessary to realize the value of AI knowledge systems, namely system transparency, procedural transparency and transparency of outcomes. We discuss key challenges hindering the implementation of these forms of transparency, bringing to light the wider sociotechnical gap and highlighting directions for future Computer-supported Cooperative Work (CSCW) research

Court-System Transparency

This article applies systems analysis to two ends. First, it identifies simple changes that would make the court system transparent. Second, it projects transparency\u27s consequences. Transparency means that both the patterns across, and details of, case files are revealed to policymakers, litigants, and the public in easily understood forms. Government must make two changes to achieve court system transparency. The first is to remove the existing restrictions on the electronic release of court documents, including the requirements for registration, separate requests for each document, and monetary payment. The second - already being implemented in the federal courts - is to require the use of data-enabled forms. Once these changes are in place, institutions and private parties will process the available data at the parties\u27 own expense. That processing will generate millions of real-time views of court system operation using automatically-updated regression analyses and both textual and graphical data displays. The effect would be a renaissance. Corruption, incompetence, inefficiency, prejudice and favoritism would be exposed and wither. Litigation would be cheap and easy because parties could see all court files in the system and copy the work of others. Policy makers could see the human consequences of the laws they enact and adjust accordingly. Lawyers could predict the outcomes of their cases, making litigation less necessary. Citizens would for the first time be able to derive and see the real rules by which they are governed. Transparency would have a minimal effect on privacy. The data processed are already public record and adequate privacy protections are already provided through sealing orders and redaction requirements. Transparency would generate pressures on judges and court administrators, but the effects of those pressures would be generally positive. Limitations on the public enforcement of private arbitration awards might be necessary to prevent parties from opting out of the transparent system

Mimicking anti-viruses with machine learning and entropy profiles

The quality of anti-virus software relies on simple patterns extracted from binary files. Although these patterns have proven to work on detecting the specifics of software, they are extremely sensitive to concealment strategies, such as polymorphism or metamorphism. These limitations also make anti-virus software predictable, creating a security breach. Any black hat with enough information about the anti-virus behaviour can make its own copy of the software, without any access to the original implementation or database. In this work, we show how this is indeed possible by combining entropy patterns with classification algorithms. Our results, applied to 57 different anti-virus engines, show that we can mimic their behaviour with an accuracy close to 98% in the best case and 75% in the worst, applied on Windows’ disk resident malware

Mimicking anti-viruses with machine learning and entropy profiles

The quality of anti-virus software relies on simple patterns extracted from binary files. Although these patterns have proven to work on detecting the specifics of software, they are extremely sensitive to concealment strategies, such as polymorphism or metamorphism. These limitations also make anti-virus software predictable, creating a security breach. Any black hat with enough information about the anti-virus behaviour can make its own copy of the software, without any access to the original implementation or database. In this work, we show how this is indeed possible by combining entropy patterns with classification algorithms. Our results, applied to 57 different anti-virus engines, show that we can mimic their behaviour with an accuracy close to 98% in the best case and 75% in the worst, applied on Windows’ disk resident malware

Application of Blockchain Technology for Assuring Transparency and Authenticity of Nuclear Safety Information

학위논문 (석사)-- 서울대학교 대학원 : 공과대학 에너지시스템공학부, 2019. 2. Oda, Takuji.본 논문에서는 우리나라 원자력계에 주민 참여 기구와 국회의 감시를 도입하여 보다 투명한 시스템을 갖추는 것을 제안한다. 여기서 소통 수단은 블록체인 플랫폼으로, 모든 문서가 기록 및 추적이 용이하다는 장점이 있다. 본 시스템을 사용하면 문서의 진본성을 확립하여, 원자력계의 안전 이슈를 투명하게 처리할 수 있다. 보고서 추적, 재료 추적 등을 통해 현 원자력계에 내재되어있던 문제의 근본원인 중, 추적이 불가피하여 생겼던 근본원인 종류를 막을 수 있다는 의의가 있다. 추적을 통해 사건의 재발을 막고, 기관의 책임성을 강화시킬 수 있다. 본 논문이 원자력계의 안전 분야에 기여를 할 수 있기를 바란다.The transparency of nuclear safety information will provide NGO, experts and local community, opportunities to function as independent safety watchdogs. However, both data security and authenticity present critical challenge to the transparency policy of Nuclear Safety Security Committee. In this thesis, it is shown that blockchain methodology can be applied to overcome the challenges by a case study. In addition, institutional oversight of transparency and authenticity is proposed to involve the National Assembly and public stakeholders, based on lessons learned from U.S. and French experiences. With this unique combination of technology, policy and institutional system, it has been shown that the safety information confidentiality, transparency and authenticity can be instrumental to preventing recurrence of similar incident though the eliminate of root cause and hence to improving national confidence in safety and security of nuclear reports. This system is expected to help prevent the recurrence of similar incidents, and counterfeit, fraudulent, and suspect items(CFSI) through a root cause elimination.Chapter 1 Introduction 1.1 Public-confidence in Korean Nuclear Safety Regulations 1.2 Methodology 1.3 Incident Recurrence 1.4 Cause of Events Chapter 2 Safety Transparency Assurance for Root Cause Elimination 2.1 Nuclear Safety Act 2.2 France Case Study 2.3 America Case Study 2.4 Korea Status 2.5 Proposal of Local Safety Secure Committee in Korea Chapter 3 Safety Transparency with Confidentiality Using Blockchain 3.1 Blockchain Introduction 3.2 Closed Network Formation 3.3 Institutional Structure for Transparency 3.4 Current nuclear document management system in Korea and other blockchain applications Chapter 4 Impact of Block Chain Applications on Root Cause Analysis 4.1 Blockchain Merits 4.2 Future Work Chapter 5 ConlclusionMaste

Looking towards the future: the changing nature of intrusive surveillance and technical attacks against high-profile targets

In this thesis a novel Bayesian model is developed that is capable of predicting the probability of a range of eavesdropping techniques deployed, given an attacker's capability, opportunity and intent. Whilst limited attention by academia has focused on the cold war activities of Soviet bloc and Western allies' bugging of embassies, even less attention has been paid to the changing nature of the technology used for these eavesdropping events. This thesis makes four contributions: through the analysis of technical eavesdropping events over the last century, technological innovation is shown to have enriched the eavesdropping opportunities for a range of capabilities. The entry barrier for effective eavesdropping is lowered, while for the well resourced eavesdropper, the requirement for close access has been replaced by remote access opportunities. A new way to consider eavesdropping methods is presented through the expert elicitation of capability and opportunity requirements for a range of present-day eavesdropping techniques. Eavesdropping technology is shown to have life-cycle stages with the technology exploited by different capabilities at different times. Three case studies illustrate that yesterday’s secretive government method becomes today’s commodity. The significance of the egress transmission path is considered too. Finally, by using the expert elicitation information derived for capability, opportunity and life-cycle position, for a range of eavesdropping techniques, it is shown that it is possible to predict the probability of particular eavesdropping techniques being deployed. This novel Bayesian inferencing model enables scenarios with incomplete, uncertain or missing detail to be considered. The model is validated against the previously collated historic eavesdropping events. The development of this concept may be scaled with additional eavesdropping techniques to form the basis of a tool for security professionals or risk managers wishing to define eavesdropping threat advice or create eavesdropping policies based on the rigour of this technological study.Open Acces

Artificial Intelligence, Copyright, and Copyright Infringement

None