Analysis of label noise in graph-based semi-supervised learning

In machine learning, one must acquire labels to help supervise a model that will be able to generalize to unseen data. However, the labeling process can be tedious, long, costly, and error-prone. It is often the case that most of our data is unlabeled. Semi-supervised learning (SSL) alleviates that by making strong assumptions about the relation between the labels and the input data distribution. This paradigm has been successful in practice, but most SSL algorithms end up fully trusting the few available labels. In real life, both humans and automated systems are prone to mistakes; it is essential that our algorithms are able to work with labels that are both few and also unreliable. Our work aims to perform an extensive empirical evaluation of existing graph-based semi-supervised algorithms, like Gaussian Fields and Harmonic Functions, Local and Global Consistency, Laplacian Eigenmaps, Graph Transduction Through Alternating Minimization. To do that, we compare the accuracy of classifiers while varying the amount of labeled data and label noise for many different samples. Our results show that, if the dataset is consistent with SSL assumptions, we are able to detect the noisiest instances, although this gets harder when the number of available labels decreases. Also, the Laplacian Eigenmaps algorithm performed better than label propagation when the data came from high-dimensional clusters

Danger is My Middle Name: Experimenting with SSL Vulnerabilities in Android Apps

This paper presents a measurement study of information leakage and SSL vulnerabilities in popular Android apps. We perform static and dynamic analysis on 100 apps, downloaded at least 10M times, that request full network access. Our experiments show that, although prior work has drawn a lot of attention to SSL implementations on mobile platforms, several popular apps (32/100) accept all certificates and all hostnames, and four actually transmit sensitive data unencrypted. We set up an experimental testbed simulating man-in-the-middle attacks and find that many apps (up to 91% when the adversary has a certificate installed on the victim's device) are vulnerable, allowing the attacker to access sensitive information, including credentials, files, personal details, and credit card numbers. Finally, we provide a few recommendations to app developers and highlight several open research problems.Comment: A preliminary version of this paper appears in the Proceedings of ACM WiSec 2015. This is the full versio

The Value of User-Visible Internet Cryptography

Cryptographic mechanisms are used in a wide range of applications, including email clients, web browsers, document and asset management systems, where typical users are not cryptography experts. A number of empirical studies have demonstrated that explicit, user-visible cryptographic mechanisms are not widely used by non-expert users, and as a result arguments have been made that cryptographic mechanisms need to be better hidden or embedded in end-user processes and tools. Other mechanisms, such as HTTPS, have cryptography built-in and only become visible to the user when a dialogue appears due to a (potential) problem. This paper surveys deployed and potential technologies in use, examines the social and legal context of broad classes of users, and from there, assesses the value and issues for those users

Information Security Synthesis in Online Universities

Information assurance is at the core of every initiative that an organization executes. For online universities, a common and complex initiative is maintaining user lifecycle and providing seamless access using one identity in a large virtual infrastructure. To achieve information assurance the management of user privileges affected by events in the user's identity lifecycle needs to be the determining factor for access control. While the implementation of identity and access management systems makes this initiative feasible, it is the construction and maintenance of the infrastructure that makes it complex and challenging. The objective of this paper1 is to describe the complexities, propose a practical approach to building a foundation for consistent user experience and realizing security synthesis in online universities.Comment: 20 page

Understanding performance measurement from a social systems perspective

This thesis was previously held under moratorium from 3 December 2019 to 3 December 2021.Performance measurement (PM) systems fail to predict organisational outcomes reliably because organisations face futures so inherently unknowable that it is impossible to comprehend the full range of potential outcomes open to them. Organisations are complex, adaptive, social systems whose distinctive activity is decision-making. They are heterogeneous entities whose capabilities, behaviours, and circumstances are unique, emerging from their histories and previous decisions. Organisational reality is a social construct delivered through practice. This thesis investigates whether considering PM from a social systems perspective improves PM’s effectiveness. The argument made is organisations connect through social systems and operate through practice with people, processes, and their interactions fundamental to how they perform. A middle-range management theory is presented aimed at making organisations the best they can be with the resources available to them and in the economic circumstances they find themselves. It does this by understanding and reconfiguring the organisation’s social system using a structured approach to optimise business processes and performance measures based on a combination of emergent behaviour and practice. Given the reality of radical uncertainty the focus is not on predicting outcomes but on uncovering the explanatory mechanisms behind events caused by specific managed improvement interventions. Understanding the behaviour of dynamically interacting components is done using realist evaluation based on social interactions, emergent powers and social intervention mechanisms. This approach changed behaviours and performance outcomes in case study organisations. The use of an ‘inside-out’ social systems perspective, coupled to critical realism with its focus on explanation, enabled the causal relationships of importance to be identified and the performance ‘black box’ to be opened up. This research contributes to closing the PMM theory-practice gap by proposing the performance focus needs to be on the social system rather than the measures, that is, on the ‘means’ rather than the ‘ends’. It also offers a competing theoretical framework to organisational control theory for PMM, one grounded in social systems and practice theory. The social systems perspective is not considered specific to PM and potentially can be applied to all other business processesPerformance measurement (PM) systems fail to predict organisational outcomes reliably because organisations face futures so inherently unknowable that it is impossible to comprehend the full range of potential outcomes open to them. Organisations are complex, adaptive, social systems whose distinctive activity is decision-making. They are heterogeneous entities whose capabilities, behaviours, and circumstances are unique, emerging from their histories and previous decisions. Organisational reality is a social construct delivered through practice. This thesis investigates whether considering PM from a social systems perspective improves PM’s effectiveness. The argument made is organisations connect through social systems and operate through practice with people, processes, and their interactions fundamental to how they perform. A middle-range management theory is presented aimed at making organisations the best they can be with the resources available to them and in the economic circumstances they find themselves. It does this by understanding and reconfiguring the organisation’s social system using a structured approach to optimise business processes and performance measures based on a combination of emergent behaviour and practice. Given the reality of radical uncertainty the focus is not on predicting outcomes but on uncovering the explanatory mechanisms behind events caused by specific managed improvement interventions. Understanding the behaviour of dynamically interacting components is done using realist evaluation based on social interactions, emergent powers and social intervention mechanisms. This approach changed behaviours and performance outcomes in case study organisations. The use of an ‘inside-out’ social systems perspective, coupled to critical realism with its focus on explanation, enabled the causal relationships of importance to be identified and the performance ‘black box’ to be opened up. This research contributes to closing the PMM theory-practice gap by proposing the performance focus needs to be on the social system rather than the measures, that is, on the ‘means’ rather than the ‘ends’. It also offers a competing theoretical framework to organisational control theory for PMM, one grounded in social systems and practice theory. The social systems perspective is not considered specific to PM and potentially can be applied to all other business processe