Federated Learning and Applications in Cybersecurity

Machine learning is a subfield of artificial intelligence that focuses on making predictions about some outcome based on information from a dataset. In cybersecurity, machine learning is often used to improve intrusion detection systems and identify trends in data that could indicate an oncoming cyber attack. Data privacy is an extremely important aspect of cybersecurity, and there are many industries that have more demanding laws to ensure the security of user data. Due to these regulations, machine learning algorithms can not be widely utilized in these industries to improve outcomes and accuracy of predictions. However, federated learning is a recent development in the field of machine learning that allows for the training of a model using decentralized data. Federated learning is a practical solution in cases where a machine learning model needs to be trained with data from different servers, devices, or organizations and the data from one party can not be shared with the other parties. Federated learning is also a form of cybersecurity in itself, as it improves the security of machine learning models in terms of data privacy. This paper explains the concept of federated learning and its specific applications to cybersecurity, with a focus on federated learning’s impact on the healthcare industry. Cyber threats to machine learning models as well as recent improvements in federated learning algorithms and their implications in the field of cybersecurity are also discussed

A New Theory of Communication: Privacy Surrender for Security Theory

This thesis seeks to analyze the viability of a newly proposed theory of communication, Privacy Surrender for Security Theory (PSST), by analyzing a quantitative survey administered by the researcher. Proposed in 2018 by a team of undergraduate students, Privacy Surrender for Security Theory seeks to explain why American citizens are willing to surrender their personal privacy rights for the sake of national security. The original team of researchers prepared a survey to further their study, and the researcher chose to administer a revised version of that survey through Facebook and a group message. Most participants surveyed said knowing that the National Security Administration has surveillance programs in place made them feel safer, yet when asked if knowing that the National Security Administration could access their personal information made them feel violated, many agreed. The survey data reveals that American citizens generally agree that the nation is vulnerable to acts of terror, yet the data also reveals that Americans are divided on their feelings on surrendering their personal privacy rights for the sake of increasing national security. An analysis of the data reveals evidence that supports the third axiom of the proposed theory, and further research is suggested to continue analyzing the first two axioms of PSST

Addressing the cyber safety challenge: from risk to resilience

Addressing the cyber safety challenge: from risk to resilience describes the cyber safety issues emerging from a range of technology trends, how different populations are using technologies and the risks they face, and how we can effectively respond to each group’s unique cyber safety needs. Written by the University of Western Sydney for Telstra Corporation Ltd, the report advocates for continuing to move cyber safety from a ‘risk and protection’ framework to one that focuses on building digital resilience, as well as fostering trust and confidence in the online environment. To do this we need to: Address the needs of populations often neglected by current policies and programs – including adults, seniors, parents, and small to medium enterprises Continue to build the digital literacy skills of all populations, because digital literacy strongly influences users’ ability to engage safely online – this is best achieved by a hands-on learning approach Keep risk in perspective – the risks and benefits of digital participation go hand in hand Broaden the focus from awareness-raising to long-term behaviour change. As digital technologies become further integrated into the everyday lives of Australians, users are potentially exposed to greater risks. However, the risks and benefits of digital participation go hand in hand. The challenge, therefore, is to support users to minimise the risks without limiting their digital participation and their capacity to derive the full benefits of connectivity. If Australians are to benefit as either consumers or providers of online services and products in the e-commerce environment, consumer safety and trust need to be improved. Cyber safety needs to be considered against a transforming backdrop of technology trends, products and practices. While the rise of social media has tended to dominate recent debate and developments in cyber safety, particularly in relation to young people, a range of other trends is also shaping how users engage online, the risks they potentially face in the new media landscape, and the strategies used to address them. These trends include the rise of user generated content and content sharing platforms; the uptake of mobile technologies and, in particular, the adoption of smartphones; cloud computing; platform integration and single sign-on mechanisms; and the rise of GPS and location based services

Are 21st-century citizens grieving for their loss of privacy?

Although much research exists that examines cognitive events leading up to information disclosure, such as risk-benefit analysis and state-based and trait-based attributes, minimal research exists that examines user responses after a direct or indirect breach of privacy. The present study examines 1,004 consumer responses to two different high-profile privacy breaches using sentiment analysis. Our findings indicate that individuals who experience an actual or surrogate privacy breach exhibit similar emotional responses, and that the pattern of responses resembles well-known reactions to other losses. Specifically, we present evidence that users contemplating evidence of a privacy invasion experience and communicate very similar responses as individuals who have lost loved ones, gone through a divorce or who face impending death because of a terminal illness. These responses parallel behavior associated with the Kübler-Ross’s five stages of grief

ACCOUNTING AND FINANCIAL STATEMENTS AUTO ANALYSIS SYSTEM

This project was motivated by the need to revolutionize the generation of financial statements and financial analysis process thus speeding up business decision making. The research questions were: 1) How can machine learning increase the speed of financial statement preparation and automate financial statements analysis? 2) How can businesses balance the benefits of automating financial analysis with potential concerns around privacy, data security, and bias? 3) Can the Java J2EE framework provide a reliable running environment for machine learning? The findings were: 1) Machine learning can significantly increase the accuracy and speed of financial analysis. Using machine learning algorithms, financial data can be processed and analyzed in real-time, allowing for quicker and more precise financial analysis. Machine learning models can identify patterns and trends in financial data that may not be easily detectable by humans, leading to more accurate financial statements and analysis. Additionally, machine learning can automate repetitive tasks in the financial analysis process, saving time and resources for businesses. 2) Businesses need to carefully balance the benefits of automating financial analysis with potential concerns around privacy, data security, and bias. While machine learning can offer significant advantages in terms of accuracy and speed, it also requires handling sensitive financial data. Therefore, it is crucial for businesses to implement robust data security measures to protect against potential data breaches and ensure compliance with privacy regulations. Additionally, businesses need to be mindful of potential biases in machine learning algorithms, as biased algorithms can result in biased financial analysis. Regular audits and monitoring of machine learning models should be conducted to address and mitigate any potential biases. 3) The Java J2EE framework can provide a reliable running environment for machine learning. Java J2EE (Java 2 Platform, Enterprise Edition) is a widely used and mature framework for developing enterprise applications, including machine learning applications. It offers scalability, reliability, and security features that are essential for running machine learning algorithms in a production environment. Java J2EE provides robust support for distributed computing, allowing for efficient processing of large financial datasets. Furthermore, it offers a wide range of libraries and tools for implementing machine learning algorithms, making it a viable choice for running machine learning applications in the financial industry. The conclusions were: 1) Machine learning has the potential to significantly increase the accuracy and speed of financial analysis, thereby revolutionizing the generation of financial statements and the financial analysis process. Various machine learning algorithms, such as decision trees, random forests, and deep learning algorithms, can be utilized to identify patterns, trends, and hidden risks in financial data, leading to more informed and efficient business decision making. 2) Businesses need to carefully balance the benefits of automating financial analysis with potential concerns around privacy, data security, and bias. While machine learning can offer significant advantages in terms of accuracy and speed, there are ethical considerations that need to be addressed, such as ensuring data privacy, implementing effective data security measures, and mitigating biases in machine learning algorithms used in financial analysis. Businesses should adopt a responsible approach to machine learning implementation, considering the potential risks and benefits. 3) The Java J2EE framework can provide a reliable running environment for machine learning applications, but further research is needed to evaluate the performance and scalability of machine learning models in this framework. Identifying potential optimizations for running machine learning applications at scale in the Java J2EE framework can lead to more efficient and effective implementation of machine learning in financial analysis and decision-making processes. Further research in this area can contribute to the development of robust and scalable machine learning applications for financial analysis in the business domain. Areas for further study include: 1) Exploring different machine learning algorithms and techniques to further improve the accuracy and speed of financial analysis. 2) Conducting research on the impact of machine learning on financial decision making and business performance. 3) Investigating methods for addressing and mitigating biases in machine learning algorithms used in financial analysis. 4) Evaluating the effectiveness of different data security measures in protecting sensitive financial data in machine learning applications. 5) Studying the performance and scalability of machine learning models in the Java J2EE framework and identifying potential optimizations for running machine learning applications at scale

User's Privacy in Recommendation Systems Applying Online Social Network Data, A Survey and Taxonomy

Recommender systems have become an integral part of many social networks and extract knowledge from a user's personal and sensitive data both explicitly, with the user's knowledge, and implicitly. This trend has created major privacy concerns as users are mostly unaware of what data and how much data is being used and how securely it is used. In this context, several works have been done to address privacy concerns for usage in online social network data and by recommender systems. This paper surveys the main privacy concerns, measurements and privacy-preserving techniques used in large-scale online social networks and recommender systems. It is based on historical works on security, privacy-preserving, statistical modeling, and datasets to provide an overview of the technical difficulties and problems associated with privacy preserving in online social networks.Comment: 26 pages, IET book chapter on big data recommender system

Security, Privacy and Safety Risk Assessment for Virtual Reality Learning Environment Applications

Social Virtual Reality based Learning Environments (VRLEs) such as vSocial render instructional content in a three-dimensional immersive computer experience for training youth with learning impediments. There are limited prior works that explored attack vulnerability in VR technology, and hence there is a need for systematic frameworks to quantify risks corresponding to security, privacy, and safety (SPS) threats. The SPS threats can adversely impact the educational user experience and hinder delivery of VRLE content. In this paper, we propose a novel risk assessment framework that utilizes attack trees to calculate a risk score for varied VRLE threats with rate and duration of threats as inputs. We compare the impact of a well-constructed attack tree with an adhoc attack tree to study the trade-offs between overheads in managing attack trees, and the cost of risk mitigation when vulnerabilities are identified. We use a vSocial VRLE testbed in a case study to showcase the effectiveness of our framework and demonstrate how a suitable attack tree formalism can result in a more safer, privacy-preserving and secure VRLE system.Comment: Tp appear in the CCNC 2019 Conferenc

Cyber insurance of information systems: Security and privacy cyber insurance contracts for ICT and helathcare organizations

Nowadays, more-and-more aspects of our daily activities are digitalized. Data and assets in the cyber-space, both for individuals and organizations, must be safeguarded. Thus, the insurance sector must face the challenge of digital transformation in the 5G era with the right set of tools. In this paper, we present CyberSure-an insurance framework for information systems. CyberSure investigates the interplay between certification, risk management, and insurance of cyber processes. It promotes continuous monitoring as the new building block for cyber insurance in order to overcome the current obstacles of identifying in real-time contractual violations by the insured party and receiving early warning notifications prior the violation. Lightweight monitoring modules capture the status of the operating components and send data to the CyberSure backend system which performs the core decision making. Therefore, an insured system is certified dynamically, with the risk and insurance perspectives being evaluated at runtime as the system operation evolves. As new data become available, the risk management and the insurance policies are adjusted and fine-tuned. When an incident occurs, the insurance company possesses adequate information to assess the situation fast, estimate accurately the level of a potential loss, and decrease the required period for compensating the insured customer. The framework is applied in the ICT and healthcare domains, assessing the system of medium-size organizations. GDPR implications are also considered with the overall setting being effective and scalable