Agreement Computing

[EN] In this paper we introduce the concept of Agreement Computing, motivate the central role that the concept of agreement plays in open software systems and discuss a number of research challenges that need to be addressed to make the agreement computing vision a reality.Research supported by the Agreement Technologies CONSOLIDER project under contract CSD2007-0022 and INGENIO 2010 and by the Agreement Technologies COST Action, IC0801.Sierra Garcia, C.; Botti Navarro, VJ.; Ossowski, DS. (2011). Agreement Computing. KI - Künstliche Intelligenz. 25(1):57-61. https://doi.org/10.1007/s13218-010-0070-yS5761251Arcos JL, Esteva M, Noriega P, Rodríguez JA, Sierra C (2005) Engineering open environments with electronic institutions. Eng Appl Artif Intell 18(2):191–204Boella G, Noriega P, Pigozzi G, Verhagen H (2009) In: Dagstuhl seminar proceedings 09121: normative multi-agent systems.Henrik G, Wright V (1963) Norm and action, a logical enquiry. Routledge and Kegan Paul, LondonHermenegildo M, Albert E, López-García P, Puebla G (2005) Abstraction carrying code and resource-awareness. In: Principle and practice of declarative programming. ACM Press, New YorkJennings N, Faratin P, Lomuscio A, Parsons S, Sierra C, Wooldridge M (2001) Automated negotiation: prospects methods and challenges. Group Decis Negot 10(2):199–215Jøsang A, Ismail R, Boyd C (2007) A survey of trust and reputation systems for online service provision. Decis Support Syst 43(2):618–644Kalfoglou Y, Schorlemmer M (2003) IF-Map: an ontology-mapping method based on information-flow theory. In: Spaccapietra S, March S, Aberer K (eds) Journal on data semantics I. Lecture notes in computer science, vol 2800. Springer, Heidelberg, pp 98–127Ko RKL, Lee SSG, Lee EW (2009) Business process management (bpm) standards: a survey. Bus Process Manag J 15(5):744–791Kraus S (1997) Negotiation and cooperation in multi-agent environments. Artif Intell 94(1–2):79–97March J (1996) A preface to understanding how decisions happen in organizations. In: Organizational decision-making, Cambridge University Press, CambridgeNecula GC, Lee P (1996) Proof-carrying code. Tech repRoss A (1968) Directives and norms. Humanities, Atlantic HighlandsSierra C, Debenham J (2006) Trust and honour in information-based agency. In: Proceedings of the 5th international conference on autonomous agents and multiagent systems. ACM Press, New York, pp 1225–1232Simon HA Administrative behavior. Free Press (1997)Vasirani M, Ossowski S (2009) A market-inspired approach to reservation-based urban road traffic management. In: Proceedings of the 8th international conference on autonomous agents and multiagent systems, IFAAMAS, pp. 617–62

Multi-messenger observations of a binary neutron star merger

On 2017 August 17 a binary neutron star coalescence candidate (later designated GW170817) with merger time 12:41:04 UTC was observed through gravitational waves by the Advanced LIGO and Advanced Virgo detectors. The Fermi Gamma-ray Burst Monitor independently detected a gamma-ray burst (GRB 170817A) with a time delay of ~1.7 s with respect to the merger time. From the gravitational-wave signal, the source was initially localized to a sky region of 31 deg2 at a luminosity distance of 40+8-8 Mpc and with component masses consistent with neutron stars. The component masses were later measured to be in the range 0.86 to 2.26 Mo. An extensive observing campaign was launched across the electromagnetic spectrum leading to the discovery of a bright optical transient (SSS17a, now with the IAU identification of AT 2017gfo) in NGC 4993 (at ~40 Mpc) less than 11 hours after the merger by the One- Meter, Two Hemisphere (1M2H) team using the 1 m Swope Telescope. The optical transient was independently detected by multiple teams within an hour. Subsequent observations targeted the object and its environment. Early ultraviolet observations revealed a blue transient that faded within 48 hours. Optical and infrared observations showed a redward evolution over ~10 days. Following early non-detections, X-ray and radio emission were discovered at the transient’s position ~9 and ~16 days, respectively, after the merger. Both the X-ray and radio emission likely arise from a physical process that is distinct from the one that generates the UV/optical/near-infrared emission. No ultra-high-energy gamma-rays and no neutrino candidates consistent with the source were found in follow-up searches. These observations support the hypothesis that GW170817 was produced by the merger of two neutron stars in NGC4993 followed by a short gamma-ray burst (GRB 170817A) and a kilonova/macronova powered by the radioactive decay of r-process nuclei synthesized in the ejecta

An ontology supported risk assessment approach for the intelligent configuration of supply networks

As progress towards globalisation continues, organisations seek ever better ways with which to configure and reconfigure their global production networks so as to better understand and be able to deal with risk. Such networks are complex arrangements of different organisations from potentially diverse and divergent domains and geographical locations. Moreover, greater focus is being put upon global production network systems and how these can be better coordinated, controlled and assessed for risk, so that they are flexible and competitive advantage can be gained from them within the market place. This paper puts forward a reference ontology to support risk assessment for product-service systems applied to the domain of global production networks. The aim behind this is to help accelerate the development of information systems by way of developing a common foundation to improve interoperability and the seamless exchange of information between systems and organisations. A formal common logic based approach has been used to develop the reference ontology, utilising end user information and knowledge from three separate industrial domains. Results are presented which illustrate the ability of the approach, together with areas for further work

Preserving the Privacy and Cybersecurity of Home Energy Data

The field of energy data presents many opportunities for applying the principles of privacy and cybersecurity. In this chapter, we focus on home electricity data and the possible use and misuse of this data for attacks and corresponding protection mechanisms. If an attacker can deduce sufficiently precise information about a house location and its occupancy at given times, this may present a physical security threat. We review previous literature in this area. We then obtain hourly solar generation data from over 2300 houses and develop an attack to identify the location of the houses using historical weather data. We discuss common use cases of home energy data and suggest defences against the proposed attack using privacy and cryptographic techniques.No Full Tex

Evasion Attack and Defense On Machine Learning Models in Cyber-Physical Systems: A Survey

Cyber-physical systems (CPS) are increasingly relying on machine learning (ML) techniques to reduce labor costs and improve efficiency. However, the adoption of ML also exposes CPS to potential adversarial ML attacks witnessed in the literature. Specifically, the increased Internet connectivity in CPS has resulted in a surge in the volume of data generation and communication frequency among devices, thereby expanding the attack surface and attack opportunities for ML adversaries. Among various adversarial ML attacks, evasion attacks are one of the most well-known ones. Therefore, this survey focuses on summarizing the latest research on evasion attack and defense techniques, to understand state-of-the-art ML model security in CPS. To assess the attack effectiveness, this survey proposes an attack taxonomy by introducing quantitative measures such as perturbation level and the number of modified features. Similarly, a defense taxonomy is introduced based on four perspectives demonstrating the defensive techniques from models’ inputs to their outputs. Furthermore, the survey identifies gaps and promising directions that researchers and practitioners can explore to address potential challenges and threats caused by evasion attacks and lays the groundwork for understanding and mitigating the attacks in CPS.Full Tex

An analytics framework for heuristic inference attacks against industrial control systems

Industrial control systems (ICS) of critical infrastructure are increasingly connected to the Internet for remote site management at scale. However, cyber attacks against ICS - especially at the communication channels between humanmachine interface (HMIs) and programmable logic controllers(PLCs) - are increasing at a rate which outstrips the rate of mitigation. In this paper, we introduce a vendor-agnostic analytics framework which allows security researchers to analyse attacks against ICS systems, even if the researchers have zero control automation domain knowledge or are faced with a myriad of heterogenous ICS systems. Unlike existing works that require expertise in domain knowledge and specialised tool usage, our analytics framework does not require prior knowledge about ICS communication protocols, PLCs, and expertise of any network penetration testing tool. Using 'digital twin' scenarios comprising industry-representative HMIs, PLCs and firewalls in our test lab, our framework's steps were demonstrated to successfully implement a stealthy deception attack based on false data injection attacks (FDIA). Furthermore, our framework also demonstrated the relative ease of attack dataset collection, and the ability to leverage well-known penetration testing tools. We also introduce the concept of 'heuristic inference attacks', a new family of attack types on ICS which is agnostic to PLC and HMI brands/models commonly deployed in ICS. Our experiments were also validated on a separate ICS dataset collected from a cyber-physical scenario of water utilities. Finally, we utilized time complexity theory to estimate the difficulty for the attacker to conduct the proposed packet analyses, and recommended countermeasures based on our findings.No Full Tex

Privacy-Preserving Gradient Descent for Distributed Genome-Wide Analysis

Genome-wide analysis, which provides perceptive insights into complex diseases, plays an important role in biomedical data analytics. It usually involves large-scale human genomic data, and thus may disclose sensitive information about individuals. While existing studies have been conducted against data exfiltration by external malicious actors, this work focuses on the emerging identity tracing attack that occurs when a dishonest insider attempts to re-identify obtained DNA samples. We propose a framework named υFRAG to facilitate privacy-preserving data sharing and computation in genome-wide analysis. υFRAG mitigates privacy risks by using vertical fragmentations to disrupt the genetic architecture on which the adversary relies for re-identification. The fragmentation significantly reduces the overall amount of information the adversary can obtain. Notably, it introduces no sacrifice to the capability of genome-wide analysis—we prove that it preserves the correctness of gradient descent, the most popular optimization approach for training machine learning models. We also explore the efficiency performance of υFRAG through experiments on a large-scale, real-world dataset. Our experiments demonstrate that υFRAG outperforms not only secure multiparty computation (MPC) and homomorphic encryption (HE) protocols with a speedup of more than 221x for training neural networks, but also noise-based differential privacy (DP) solutions and traditional non-private algorithms in most settings.Full Tex

Preserving Privacy for Distributed Genome-Wide Analysis Against Identity Tracing Attacks

Genome-wide analysis has demonstrated both health and social benefits. However, large scale sharing of such data may reveal sensitive information about individuals. One of the emerging challenges is identity tracing attack that exploits correlations among genomic data to reveal the identity of DNA samples. In this paper, we first demonstrate that the adversary can narrow down the sample’s identity by detecting his/her genetic relatives and quantify such privacy threat by employing a Shannon entropy-based measurement. For example, we exemplify that when the dataset size reaches 30% of the population, for any target from that population, the uncertainty of the target’s identity is reduced to merely 2.3 bits of entropy (i.e., the identity is pinned down within 5 people). Direct application of existing approaches such as differential privacy (DP), secure multiparty computation (MPC) and homomorphic encryption (HE) may not be applicable to this challenge in genome-wide analysis because of the compromise on utility (i.e., accuracy or efficiency). Towards addressing this challenge, this paper proposes a framework named υFrag to facilitate privacy-preserving data sharing and computation in genome-wide analysis. υFrag mitigates privacy risks by using a vertical fragmentation to disrupt the genetic architecture on which the adversary relies for identity tracing without sacrificing the capability of genome-wide analysis. We theoretically prove that it preserves the correctness of the primitive functionalities and algorithms ranging from basic summary statistics to advanced neural networks. Our experiments demonstrate that υFrag outperforms secure multiparty computation (MPC) and homomorphic encryption (HE) protocols, with a speedup of more than 221x for training neural networks, and also traditional non-private algorithms and a state-of-the-art noise-based differential privacy (DP) solution in most settings.Full Tex