Explainable Data Poison Attacks on Human Emotion Evaluation Systems based on EEG Signals

The major aim of this paper is to explain the data poisoning attacks using label-flipping during the training stage of the electroencephalogram (EEG) signal-based human emotion evaluation systems deploying Machine Learning models from the attackers' perspective. Human emotion evaluation using EEG signals has consistently attracted a lot of research attention. The identification of human emotional states based on EEG signals is effective to detect potential internal threats caused by insider individuals. Nevertheless, EEG signal-based human emotion evaluation systems have shown several vulnerabilities to data poison attacks. The findings of the experiments demonstrate that the suggested data poison assaults are model-independently successful, although various models exhibit varying levels of resilience to the attacks. In addition, the data poison attacks on the EEG signal-based human emotion evaluation systems are explained with several Explainable Artificial Intelligence (XAI) methods, including Shapley Additive Explanation (SHAP) values, Local Interpretable Model-agnostic Explanations (LIME), and Generated Decision Trees. And the codes of this paper are publicly available on GitHub

Managing Privacy in LBAC Systems

One of the main challenges for privacy-aware locationbased systems is to strike a balance between privacy preferences set by users and location accuracy needed by Location-Based Services (LBSs). To this end, two key requirements must be satisfied: the availability of techniques providing for different degrees of user location privacy and the possibility of quantifying such privacy degrees. To address the first requirement, we describe two obfuscation techniques. For the second requirement, we introduce the notion of relevance as the estimator for the degree of location obfuscation. This way, location obfuscation can be adjusted to comply with both user preferences and LBS accuracy requirements

Big data analytics as-a-service: Issues and challenges

Big Data domain is one of the most promising ICT sectors with substantial expectations both on the side of market growing and design shift in the area of data storage managment and analytics. However, today, the level of complexity achieved and the lack of standardisation of Big Data management architectures represent a huge barrier towards the adoption and execution of analytics especially for those organizations and SMEs not including a sufficient amount of competences and knowledge. The full potential of Big Data Analytics (BDA) can be unleashed only through the definition of approaches that accomplish Big Data users' expectations and requirements, also when the latter are fuzzy and ambiguous. Under these premises, we propose Big Data Analytics-as-a-Service (BDAaaS) as the next-generation Big Data Analytics paradigm and we discuss issues and challenges from the BDAaaS design and development perspective

Open source systems security certification

Open Source Advances in Computer Applications book series provides timely technological and business information for: Enabling Open Source Systems (OSS) to become an integral part of systems and devices produced by technology companies; Inserting OSS in the critical path of complex network development and embedded products, including methodologies and tools for domain-specific OSS testing (lab code available), plus certification of security, dependability and safety properties for complex systems; Ensuring integrated systems, including OSS, meet performance and security requirements as well as achieving the necessary certifications, according to the overall strategy of OSS usage on the part of the adopte

On the Move to Meaningful Internet Systems: OTM 2019 Conferences: CoopIS, ODBASE, C&TC 2019, Proceedings

International audienceThis volume LNCS 11877 constitutes the refereed proceedings of the Confederated International Conferences: Cooperative Information Systems, CoopIS 2019, Ontologies, Databases, and Applications of Semantics, ODBASE 2019, and Cloud and Trusted Computing, C&TC, held as part of OTM 2019 in October 2019 in Rhodes, Greece. The 38 full papers presented together with 8 short papers were carefully reviewed and selected from 156 submissions. The OTM program every year covers data and Web semantics, distributed objects, Web services, databases, information systems, enterprise workflow and collaboration, ubiquity, interoperability, mobility, grid and high-performance computing

Location-based metadata and negotiation protocols for LBAC in a one-to-many scenario

Location-based Access Control (LBAC) techniques allow the definition of users ’ access rights based on location predicates that exploit the users ’ physical location. However, evaluating the physical location of a user is a specialized activity that is unlikely to be performed by the same entity (e.g., organization or system) in charge of the access control decision. For this reason, location evaluation is usually assumed to be provided by specific Location Services (LSs) possibly coexisting in a same area and competing one with the others. In this paper, we address the issues related to the communication and negotiation between an Access Control Engine (ACE) enforcing access rules that include location-based predicates and multiple, functionally equivalent, LSs. We introduce metadata for the exchange of service level agreement attributes between the ACE and the LSs. Based on such metadata we develop different negotiation protocols, from a basic negotiation protocol that shows the core aspects of our proposal to an enhanced protocol that enriches the interaction by taking into account a cost/benefit analysis and some service requirements. Finally, we present an extension to the enhanced protocol to consider possible time validity constraints on access control decisions