Active cyber defense mechanisms are necessary to perform automated, and even autonomous operations using intelligent agents that defend against modern/sophisticated AI-inspired cyber threats (e.g., ransomware, cryptojacking, deep-fakes). These intelligent agents need to rely on deep learning using mature knowledge and should have the ability to apply this knowledge in a situational and timely manner for a given AI-inspired cyber threat. In this paper, we describe a ‘domain-agnostic knowledge graph-as-a-service’ infrastructure that can support the ability to create/store domain-specific knowledge graphs for intelligent agent Apps to deploy active cyber defense solutions defending real-world applications impacted by AI-inspired cyber threats. Specifically, we present a reference architecture, describe graph infrastructure tools, and intuitive user interfaces required to construct and maintain large-scale knowledge graphs for the use in knowledge curation, inference, and interaction, across multiple domains (e.g., healthcare, power grids, manufacturing). Moreover, we present a case study to demonstrate how to configure custom sets of knowledge curation pipelines using custom data importers and semantic extract, transform, and load scripts for active cyber defense in a power grid system. Additionally, we show fast querying methods to reach decisions regarding cyberattack detection to deploy pertinent defense to outsmart adversaries.

The exponential growth of web documents has resulted in traditional search engines producing results with high recall but low precision when queried by users. In the contemporary internet landscape, resources are made available via hyperlinks which may or may not meet the expectations of the user. To mitigate this issue and enhance the level of pertinence, it is imperative to examine the challenges associated with querying the semantic web and progress towards the advancement of semantic search engines. These search engines generate outcomes by prioritizing the semantic significance of the context over the structural composition of the content. This paper outlines a proposed architecture for a semantic search engine that utilizes the concept of semantics to refine web search results. The resulting output would consist of ontologically based and contextually relevant outcomes pertaining to the user s query.

This paper introduces a novel AI-driven ontology-based framework for disease diagnosis and prediction, leveraging the advancements in machine learning and data mining. We have constructed a comprehensive ontology that maps the complex relationships between a multitude of diseases and their manifested symptoms. Utilizing Semantic Web Rule Language (SWRL), we have engineered a set of robust rules that facilitate the intelligent prediction of diseases, embodying the principles of NLP for enhanced interpretability. The developed system operates in two fundamental stages. Initially, we define a sophisticated class hierarchy within our ontology, detailing the intricate object and data properties with precision—a process that showcases our application of computer vision techniques to interpret and categorize medical imagery. The second stage focuses on the application of AI-powered rules, which are executed to systematically extract and present detailed disease information, including symptomatology, adhering to established medical protocols. The efficacy of our ontology is validated through extensive evaluations, demonstrating its capability to not only accurately diagnose but also predict diseases, with a particular emphasis on the AI methodologies employed. Furthermore, the system calculates a final risk score for the user, derived from a meticulous analysis of the results. This score is a testament to the seamless integration of AI and ML in developing a user-centric diagnostic tool, promising a significant impact on future research in AI, ML, NLP, and robotics within the medical domain.

In this paper, we design and develop a new multimedia distribution platform that mainly utilizes containerization and microservice architecture technologies. Using our approach, the multimedia service source code located in a repository such as Git can be built into a container image for distribution and management, and the process of delivering it to the target edge device can be performed through a pipeline. In addition, distributed edge devices can be built into clusters with various connection profiles and utilized for services. Real-time monitoring functions are provided to ensure stable service operation even after the service is deployed. To implement this complex service platform, we follow the microservice architecture method. Stable operation was confirmed even during an operational test period of over a year. This technology is expected to help deploy multimedia services conveniently and quickly and manage them stably and efficiently.

Right to education is a basic need of every child and every society across the globe. Ever since the internet revolution and technological upgradation takes place, education system starts evolving from traditional way to smarter way. Covid-19 and industrial revolution has made smart education a global business that is now even penetrating to rural footprints of remote locations. Use of smart devices, IoT based communications and AI techniques have increased the cyberattack surface over the smart education system. Moreover, lack of cyber awareness and absence of essential cyber sanity checks has exposed the vulnerability in smart education system. A study of technology evolution of education to smart education and its penetration across the globe, details of smart education ecosystem, role of various stakeholders are discussed in this paper. It also covers most trending cyber-attacks, history of reported cyber-attacks in smart education sector. Further, in order to make smart educational cyber space more secure, proactive preventive measures and cyber sanity actions to mitigate such attacks are also discussed.

The Internet of Things (IoT) has changed the way we gather medical data in real time. But, it also brings worries about keeping this data safe and private. Ensuring a secure system for IoT is crucial. At the same time, a new technology is emerging that can help the IoT industry a lot. It s called Blockchain technology. It keeps data secure, transparent, and unchangeable. It s like a ledger for tracking lots of connected devices and making them work together. To make IoT even safer, we can use facial recognition with Convolutional Neural Networks (CNN). This paper introduces a healthcare system that combines Blockchain and artificial intelligence in IoT. An implementation of Raspberry Pi E-Health system is presented and evaluated in terms of function s cost. Our system present low cost functions.

The rapid advancement of cloud technology has resulted in the emergence of many cloud service providers. Microsoft Azure is one among them to provide a flexible cloud computing platform that can scale business to exceptional heights. It offers extensive cloud services and is compatible with a wide range of developer tools, databases, and operating systems. In this paper, a detailed analysis of Microsoft Azure in the cloud computing era is performed. For this reason, the three significant Azure services, namely, the Azure AI (Artificial Intelligence) and Machine Learning (ML) Service, Azure Analytics Service and Internet of Things (IoT) are investigated. The paper briefs on the Azure Cognitive Search and Face Service under AI and ML service and explores this service s architecture and security measures. The proposed study also surveys the Data Lake and Data factory Services under Azure Analytics Service. Subsequently, an overview of Azure IoT service, mainly IoT Hub and IoT Central, is discussed. Along with Microsoft Azure, other providers in the market are Google Compute Engine and Amazon Web Service. The paper compares and contrasts each cloud service provider based on their computing capability.

Systems with artificial intelligence components, so-called AI-based systems, have gained considerable attention recently. However, many organizations have issues with achieving production readiness with such systems. As a means to improve certain software quality attributes and to address frequently occurring problems, design patterns represent proven solution blueprints. While new patterns for AI-based systems are emerging, existing patterns have also been adapted to this new context. The goal of this study is to provide an overview of design patterns for AI-based systems, both new and adapted ones. We want to collect and categorize patterns, and make them accessible for researchers and practitioners. To this end, we first performed a multivocal literature review (MLR) to collect design patterns used with AI-based systems. We then integrated the created pattern collection into a web-based pattern repository to make the patterns browsable and easy to find. As a result, we selected 51 resources (35 white and 16 gray ones), from which we extracted 70 unique patterns used for AI-based systems. Among these are 34 new patterns and 36 traditional ones that have been adapted to this context. Popular pattern categories include architecture (25 patterns), deployment (16), implementation (9), or security \& safety (9). While some patterns with four or more mentions already seem established, the majority of patterns have only been mentioned once or twice (51 patterns). Our results in this emerging field can be used by researchers as a foundation for follow-up studies and by practitioners to discover relevant patterns for informing the design of AI-based systems.

The advent of Generative AI has marked a significant milestone in artificial intelligence, demonstrating remarkable capabilities in generating realistic images, texts, and data patterns. However, these advancements come with heightened concerns over data privacy and copyright infringement, primarily due to the reliance on vast datasets for model training. Traditional approaches like differential privacy, machine unlearning, and data poisoning only offer fragmented solutions to these complex issues. Our paper delves into the multifaceted challenges of privacy and copyright protection within the data lifecycle. We advocate for integrated approaches that combines technical innovation with ethical foresight, holistically addressing these concerns by investigating and devising solutions that are informed by the lifecycle perspective. This work aims to catalyze a broader discussion and inspire concerted efforts towards data privacy and copyright integrity in Generative AI.CCS CONCEPTS• Software and its engineering Software architectures; • Information systems World Wide Web; • Security and privacy Privacy protections; • Social and professional topics Copyrights; • Computing methodologies Machine learning.

This work introduces an innovative security system prototype tailored explicitly for paying guest accommodations or hostels, blending Internet of Things (IoT), artificial intelligence (AI), machine learning algorithms, and web crawling technologies. The core emphasis revolves around facial recognition, precisely distinguishing between known and unknown individuals to manage entry effectively. The system, integrating camera technology, captures visitor images and employs advanced face recognition algorithms for precise face classification. In instances where faces remain unrecognized, the system leverages web crawling to retrieve potential intruder details. Immediate notifications, featuring captured images, are swiftly dispatched to users through email and smartphone alerts, enabling prompt responses. Operated within a wireless infrastructure governed by a Raspberry Pi, this system prioritizes cost-effectiveness and user-friendliness. Rigorously tested across diverse environments encompassing homes, paying guest accommodations, and office spaces, this research establishes a remarkable balance between cutting-edge technology and pragmatic security applications. This solution offers an affordable and efficient security option tailored explicitly for the unique needs of contemporary hostels and paying guest accommodations, ensuring heightened security without exorbitant expenses.

A decentralized and secure architecture made possible by blockchain technology is what Web 3.0 is known for. By offering a secure and trustworthy platform for transactions and data storage, this new paradigm shift in the digital world promises to transform the way we interact with the internet. Data is the new oil, thus protecting it is equally crucial. The foundation of the web 3.0 ecosystem, which provides a secure and open method of managing user data, is blockchain technology. With the launch of Web 3.0, demand for seamless communication across numerous platforms and technologies has increased. Blockchain offers a common framework that makes it possible for various systems to communicate with one another. The decentralized nature of blockchain technology almost precludes hacker access to the system, ushering in a highly secure Web 3.0. By preserving the integrity and validity of data and transactions, blockchain helps to build trust in online transactions. AI can be integrated with blockchain to enhance its capabilities and improve the overall user experience. We can build a safe and intelligent web that empowers users, gives them more privacy, and gives them more control over their online data by merging blockchain and AI. In this article, we emphasize the value of blockchain and AI technologies in achieving Web 3.0 s full potential for a secure internet and propose a Blockchain and AI empowered framework. The future of technology is now driven by the power of blockchain, AI, and web 3.0, providing a secure and efficient way to manage digital assets and data.

The HTTP protocol is the backbone for how traffic is communicated over the Internet and between web applications and users. Introduced in 1997 with HTTP 1.0 and 1.1, HTTP has gone through several developmental changes throughout the years. HTTP/1.1 suffers from several issues. Namely only allowing a one-to-one connection. HTTP/2 allowed for multiplexed connections. Additionally, HTTP/2 attempted to address the security issues that were faced by the prior version of HTTP by allowing administrators to enable HTTPS, as well as enable certificates to help ensure the encryption and protection of data between users and the web application. One of the major issues HTTP/2 faces is that it allows users to have multiplexed connections, but when there is an error and data needs to be retransmitted, this leads to head of line blocking. HTTP/3 is a new protocol that was proposed for formalization to the IETF in June of 2022. One of the first major changes is that unlike prior versions of HTTP that used the TCP/IP method of networking for data transmission, HTTP/3 uses UDP for data transmission. Prior research has focused on the protocol itself or investigating how certain types of attacks affect your web architecture that uses QUIC and HTTP/3. One area lacking research in this topic is how to secure web architecture in the cloud that uses this new protocol. To this end, we will be investigating how logging can be used to secure your web architecture and this protocol in the cloud.

The exponential growth of web documents has resulted in traditional search engines producing results with high recall but low precision when queried by users. In the contemporary internet landscape, resources are made available via hyperlinks which may or may not meet the expectations of the user. To mitigate this issue and enhance the level of pertinence, it is imperative to examine the challenges associated with querying the semantic web and progress towards the advancement of semantic search engines. These search engines generate outcomes by prioritizing the semantic significance of the context over the structural composition of the content. This paper outlines a proposed architecture for a semantic search engine that utilizes the concept of semantics to refine web search results. The resulting output would consist of ontologically based and contextually relevant outcomes pertaining to the user s query.

With the rapid growth in information technology and being called the Digital Era, it is very evident that no one can survive without internet or ICT advancements. The day-to-day life operations and activities are dependent on these technologies. The latest technology trends in the market and industry are computing power, Smart devices, artificial intelligence, Robotic process automation, metaverse, IOT (Internet of things), cloud computing, Edge computing, Block chain and much more in the coming years. When looking at all these aspect and advancements, one common thing is cloud computing and data which must be protected and safeguarded which brings in the need for cyber/cloud security. Hence cloud security challenges have become an omnipresent concern for organizations or industries of any size where it has gone from a small incident to threat landscape. When it comes to data and cyber/ cloud security there are lots of challenges seen to safeguard these data. Towards that it is necessary that everyone must be aware of the latest technological advancements, evolving cyber threats, data as a valuable asset, Human Factor, Regulatory compliance, Cyber resilience. To handle all these challenges, security and risk prediction framework is proposed in this paper. This framework PRCSAM (Predictive Risk and Complexity Score Assessment Model) will consider factors like impact and likelihood of the main risks, threats and attacks that is foreseen in cloud security and the recommendation of the Risk management framework with automatic risk assessment and scoring option catering to Information security and privacy risks. This framework will help management and organizations in making informed decisions on the cyber security strategy as this is a data driven, dynamic \& proactive approach to cyber security and its complexity calculation. This paper also discusses on the prediction techniques using Generative AI techniques.

Procurement is a critical step in the setup of systems, as reverting decisions made at this point is typically time-consuming and costly. Especially Artificial Intelligence (AI) based systems face many challenges, starting with unclear and unknown side parameters at design time of the systems, changing ecosystems and regulations, as well as problems of overselling capabilities of systems by vendors. Furthermore, the AI Act puts forth a great deal of additional requirements for operators of critical AI systems, like risk management and transparency measures, thus making procurement even more complex. In addition, the number of providers of AI systems is drastically increasing. In this paper we provide guidelines for the procurement of AI based systems that support the decision maker in identifying the key elements for the procurement of secure AI systems, depending on the respective technical and regulatory environment. Furthermore, we provide additional resources for utilizing these guidelines in practical procurement.

Over the years, mobile applications have brought about transformative changes in user interactions with digital services. Many of these apps however, are free and offer convenience at the cost of exchanging personal data. This convenience, however, comes with inherent risks to user privacy and security. This paper introduces a comprehensive methodology that evaluates the risks associated with sharing sensitive data through mobile applications. Building upon the Hierarchical Weighted Risk Scoring Model (HWRSM), this paper proposes an evaluation methodology for HWRSM, keeping in mind the implications of such risk scoring on real-world security scenarios. The methodology employs innovative risk scoring, considering various factors to assess potential security vulnerabilities related to sensitive terms. Practical assessments involving diverse set of Android applications, particularly in data-intensive categories, reveal insights into data privacy practices, vulnerabilities, and alignment with HWRSM scores. By offering insights into testing, validation, real-world findings, and model effectiveness, the paper aims to provide practical considerations to mobile application security discussions, facilitating informed approaches to address security and privacy concerns.

The use of artificial intelligence (AI) in cyber security [1] has proven to be very effective as it helps security professionals better understand, examine, and evaluate possible risks and mitigate them. It also provides guidelines to implement solutions to protect assets and safeguard the technology used. As cyber threats continue to evolve in complexity and scope, and as international standards continuously get updated, the need to generate new policies or update existing ones efficiently and easily has increased [1] [2].The use of (AI) in developing cybersecurity policies and procedures can be key in assuring the correctness and effectiveness of these policies as this is one of the needs for both private organizations and governmental agencies. This study sheds light on the power of AI-driven mechanisms in enhancing digital defense procedures by providing a deep implementation of how AI can aid in generating policies quickly and to the needed level.

Artificial intelligence (AI) has been successfully used in cyber security for enhancing comprehending, investigating, and evaluating cyber threats. It can effectively anticipate cyber risks in a more efficient way. AI also helps in putting in place strategies to safeguard assets and data. Due to their complexity and constant development, it has been difficult to comprehend cybersecurity controls and adopt the corresponding cyber training and security policies and plans.Given that both cyber academics and cyber practitioners need to have a deep comprehension of cybersecurity rules, artificial intelligence (AI) in cybersecurity can be a crucial tool in both education and awareness. By offering an in-depth demonstration of how AI may help in cybersecurity education and awareness and in creating policies fast and to the needed level, this study focuses on the efficiency of AI-driven mechanisms in strengthening the entire cyber security education life cycle.

Artificial Intelligence (AI) holds great potential for enhancing Risk Management (RM) through automated data integration and analysis. While the positive impact of AI in RM is acknowledged, concerns are rising about unintended consequences. This study explores factors like opacity, technology and security risks, revealing potential operational inefficiencies and inaccurate risk assessments. Through archival research and stakeholder interviews, including chief risk officers and credit managers, findings highlight the risks stemming from the absence of AI regulations, operational opacity, and information overload. These risks encompass cybersecurity threats, data manipulation uncertainties, monitoring challenges, and biases in algorithms. The study emphasizes the need for a responsible AI framework to address these emerging risks and enhance the effectiveness of RM processes. By advocating for such a framework, the authors provide practical insights for risk managers and identify avenues for future research in this evolving field.

Artificial intelligence (AI) has emerged as one of the most formative technologies of the century and further gains importance to solve the big societal challenges (e.g. achievement of the sustainable development goals) or as a means to stay competitive in today’s global markets. The role as a key enabler in many areas of our daily life leads to a growing dependence, which has to be managed accordingly to mitigate negative economic, societal or privacy impacts. Therefore, the European Union is working on an AI Act, which defines concrete governance, risk and compliance (GRC) requirements. One of the key demands of this regulation is the operation of a risk management system for High-Risk AI systems. In this paper, we therefore present a detailed analysis of relevant literature in this domain and introduce our proposed approach for an AI Risk Management System (AIRMan).

We propose a new security risk assessment approach for Machine Learning-based AI systems (ML systems). The assessment of security risks of ML systems requires expertise in ML security. So, ML system developers, who may not know much about ML security, cannot assess the security risks of their systems. By using our approach, a ML system developers can easily assess the security risks of the ML system. In performing the assessment, the ML system developer only has to answer the yes/no questions about the specification of the ML system. In our trial, we confirmed that our approach works correctly. CCS CONCEPTS • Security and privacy; • Computing methodologies → Artificial intelligence; Machine learning;

The effective use of artificial intelligence (AI) to enhance cyber security has been demonstrated in various areas, including cyber threat assessments, cyber security awareness, and compliance. AI also provides mechanisms to write cybersecurity training, plans, policies, and procedures. However, when it comes to cyber security risk assessment and cyber insurance, it is very complicated to manage and measure. Cybersecurity professionals need to have a thorough understanding of cybersecurity risk factors and assessment techniques. For this reason, artificial intelligence (AI) can be an effective tool for producing a more thorough and comprehensive analysis. This study focuses on the effectiveness of AI-driven mechanisms in enhancing the complete cyber security insurance life cycle by examining and implementing a demonstration of how AI can aid in cybersecurity resilience.

We propose a conceptual framework, named "AI Security Continuum," consisting of dimensions to deal with challenges of the breadth of the AI security risk sustainably and systematically under the emerging context of the computing continuum as well as continuous engineering. The dimensions identified are the continuum in the AI computing environment, the continuum in technical activities for AI, the continuum in layers in the overall architecture, including AI, the level of AI automation, and the level of AI security measures. We also prospect an engineering foundation that can efficiently and effectively raise each dimension.

Cloud computing has become increasingly popular in the modern world. While it has brought many positives to the innovative technological era society lives in today, cloud computing has also shown it has some drawbacks. These drawbacks are present in the security aspect of the cloud and its many services. Security practices differ in the realm of cloud computing as the role of securing information systems is passed onto a third party. While this reduces managerial strain on those who enlist cloud computing it also brings risk to their data and the services they may provide. Cloud services have become a large target for those with malicious intent due to the high density of valuable data stored in one relative location. By soliciting help from the use of honeynets, cloud service providers can effectively improve their intrusion detection systems as well as allow for the opportunity to study attack vectors used by malicious actors to further improve security controls. Implementing honeynets into cloud-based networks is an investment in cloud security that will provide ever-increasing returns in the hardening of information systems against cyber threats.

A fast expanding topic of study on automated AI is focused on the prediction and prevention of cyber-attacks using machine learning algorithms. In this study, we examined the research on applying machine learning algorithms to the problems of strategic cyber defense and attack forecasting. We also provided a technique for assessing and choosing the best machine learning models for anticipating cyber-attacks. Our findings show that machine learning methods, especially random forest and neural network models, are very accurate in predicting cyber-attacks. Additionally, we discovered a number of crucial characteristics, such as source IP, packet size, and malicious traffic that are strongly associated with the likelihood of cyber-attacks. Our results imply that automated AI research on cyber-attack prediction and security planning has tremendous promise for enhancing cyber-security and averting cyber-attacks.