CyberSec Research

Data sharing is the fuel of the galloping artificial intelligence economy, providing diverse datasets for training robust models. Trust between data providers and data consumers is widely considered one of the most important factors for enabling data sharing initiatives. Concerns about data sensitivity, privacy breaches, and misuse contribute to reluctance in sharing data across various domains. In recent years, there has been a rise in technological and algorithmic solutions to measure, capture and manage trust, trustworthiness, and reputation in what we collectively refer to as Trust and Reputation Management Systems (TRMSs). Such approaches have been developed and applied to different domains of computer science, such as autonomous vehicles, or IoT networks, but there have not been dedicated approaches to data sharing and its unique characteristics. In this survey, we examine TRMSs from a data-sharing perspective, analyzing how they assess the trustworthiness of both data and entities across different environments. We develop novel taxonomies for system designs, trust evaluation framework, and evaluation metrics for both data and entity, and we systematically analyze the applicability of existing TRMSs in data sharing. Finally, we identify open challenges and propose future research directions to enhance the explainability, comprehensiveness, and accuracy of TRMSs in large-scale data-sharing ecosystems.

As artificial intelligence (AI) systems become increasingly integral to organizational processes, they introduce new forms of fraud that are often subtle, systemic, and concealed within technical complexity. This paper introduces the AI-Fraud Diamond, an extension of the traditional Fraud Triangle that adds technical opacity as a fourth condition alongside pressure, opportunity, and rationalization. Unlike traditional fraud, AI-enabled deception may not involve clear human intent but can arise from system-level features such as opaque model behavior, flawed training data, or unregulated deployment practices. The paper develops a taxonomy of AI-fraud across five categories: input data manipulation, model exploitation, algorithmic decision manipulation, synthetic misinformation, and ethics-based fraud. To assess the relevance and applicability of the AI-Fraud Diamond, the study draws on expert interviews with auditors from two of the Big Four consulting firms. The findings underscore the challenges auditors face when addressing fraud in opaque and automated environments, including limited technical expertise, insufficient cross-disciplinary collaboration, and constrained access to internal system processes. These conditions hinder fraud detection and reduce accountability. The paper argues for a shift in audit methodology-from outcome-based checks to a more diagnostic approach focused on identifying systemic vulnerabilities. Ultimately, the work lays a foundation for future empirical research and audit innovation in a rapidly evolving AI governance landscape.

Online platforms like Reddit are increasingly becoming popular for individuals sharing personal experiences of leaving behind social, ideological, and political groups. Specifically, a series of "ex-" subreddits on Reddit allow users to recount their departures from commitments such as religious affiliations, manosphere communities, conspiracy theories or political beliefs, and lifestyle choices. Understanding the natural process through which users exit, especially from problematic groups such as conspiracy theory communities and the manosphere, can provide valuable insights for designing interventions targeting disengagement from harmful ideologies. This paper presents an in-depth exploration of 15K exit stories across 131 subreddits, focusing on five key areas: religion, manosphere, conspiracy theories, politics, and lifestyle. Using a transdisciplinary framework that incorporates theories from social psychology, organizational behavior, and violent extremism studies, this work identifies a range of factors contributing to disengagement. The results describe how disengagement from problematic groups, such as conspiracy theories and the manosphere, is a multi-faceted process that is qualitatively different than disengaging from more established social structures, such as religions or political ideologies. This research further highlights the need for moving beyond interventions that treat conspiracy theorizing solely as an information problem and contributes insights for future research focusing on offering mental health interventions and support in exit communities.

As AI systems become more capable, integrated, and widespread, understanding the associated risks becomes increasingly important. This paper maps the full spectrum of AI risks, from current harms affecting individual users to existential threats that could endanger humanity's survival. We organize these risks into three main causal categories. Misuse risks, which occur when people deliberately use AI for harmful purposes - creating bioweapons, launching cyberattacks, adversarial AI attacks or deploying lethal autonomous weapons. Misalignment risks happen when AI systems pursue outcomes that conflict with human values, irrespective of developer intentions. This includes risks arising through specification gaming (reward hacking), scheming and power-seeking tendencies in pursuit of long-term strategic goals. Systemic risks, which arise when AI integrates into complex social systems in ways that gradually undermine human agency - concentrating power, accelerating political and economic disempowerment, creating overdependence that leads to human enfeeblement, or irreversibly locking in current values curtailing future moral progress. Beyond these core categories, we identify risk amplifiers - competitive pressures, accidents, corporate indifference, and coordination failures - that make all risks more likely and severe. Throughout, we connect today's existing risks and empirically observable AI behaviors to plausible future outcomes, demonstrating how existing trends could escalate to catastrophic outcomes. Our goal is to help readers understand the complete landscape of AI risks. Good futures are possible, but they don't happen by default. Navigating these challenges will require unprecedented coordination, but an extraordinary future awaits if we do.

Consumer agency in the digital age is increasingly constrained by systemic barriers and algorithmic manipulation, raising concerns about the authenticity of consumption choices. Nowadays, financial decisions are shaped by external pressures like obligatory consumption, algorithmic persuasion, and unstable work schedules that erode financial autonomy. Obligatory consumption (like hidden fees) is intensified by digital ecosystems. Algorithmic tactics like personalized recommendations lead to impulsive purchases. Unstable work schedules also undermine financial planning. Thus, it is important to study how these factors impact consumption agency. To do so, we examine formal models grounded in discounted consumption with constraints that bound agency. We construct analytical scenarios in which consumers face obligatory payments, algorithm-influenced impulsive expenses, or unpredictable income due to temporal instability. Using this framework, we demonstrate that even rational, utility-maximizing agents can experience early financial ruin when agency is limited across structural, behavioral, or temporal dimensions and how diminished autonomy impacts long-term financial well-being. Our central argument is that consumer agency must be treated as a value (not a given) requiring active cultivation, especially in digital ecosystems. The connection between our formal modeling and this argument allows us to indicate that limitations on agency (whether structural, behavioral, or temporal) can be rigorously linked to measurable risks like financial instability. This connection is also a basis for normative claims about consumption as a value, by anchoring them in a formally grounded analysis of consumer behavior. As solutions, we study systemic interventions and consumer education to support value deliberation and informed choices. We formally demonstrate how these measures strengthen agency.

Social infrastructure plays a critical role in shaping neighborhood well-being by fostering social and cultural interaction, enabling service provision, and encouraging exposure to diverse environments. Despite the growing knowledge of its spatial accessibility, time use at social infrastructure places is underexplored due to the lack of a spatially resolved national dataset. We address this gap by developing scalable Social-Infrastructure Time Use measures (STU) that capture length and depth of engagement, activity diversity, and spatial inequality, supported by first-of-their-kind datasets spanning multiple geographic scales from census tracts to metropolitan areas. Our datasets leverage anonymized and aggregated foot traffic data collected between 2019 and 2024 across 49 continental U.S. states. The data description reveals variances in STU across time, space, and differing neighborhood sociodemographic characteristics. Validation demonstrates generally robust population representation, consistent with established national survey findings while revealing more nuanced patterns. Future analyses could link STU with public health outcomes and environmental factors to inform targeted interventions aimed at enhancing population well-being and guiding social infrastructure planning and usage.

Cardiovascular diseases (CVDs) remain the foremost cause of mortality worldwide, a burden worsened by a severe deficit of healthcare workers. Artificial intelligence (AI) agents have shown potential to alleviate this gap via automated early detection and proactive screening, yet their clinical application remains limited by: 1) prompt-based clinical role assignment that relies on intrinsic model capabilities without domain-specific tool support; or 2) rigid sequential workflows, whereas clinical care often requires adaptive reasoning that orders specific tests and, based on their results, guides personalised next steps; 3) general and static knowledge bases without continuous learning capability; and 4) fixed unimodal or bimodal inputs and lack of on-demand visual outputs when further clarification is needed. In response, a multimodal framework, CardAIc-Agents, was proposed to augment models with external tools and adaptively support diverse cardiac tasks. Specifically, a CardiacRAG agent generated general plans from updatable cardiac knowledge, while the chief agent integrated tools to autonomously execute these plans and deliver decisions. To enable adaptive and case-specific customization, a stepwise update strategy was proposed to dynamically refine plans based on preceding execution results, once the task was assessed as complex. In addition, a multidisciplinary discussion tool was introduced to interpret challenging cases, thereby supporting further adaptation. When clinicians raised concerns, visual review panels were provided to assist final validation. Experiments across three datasets showed the efficiency of CardAIc-Agents compared to mainstream Vision-Language Models (VLMs), state-of-the-art agentic systems, and fine-tuned VLMs.

Urban greenery is often linked to better health, yet findings from past research have been inconsistent. One reason is that official greenery metrics measure the amount or nearness of greenery but ignore how often people actually may potentially see or use it in daily life. To address this gap, we introduced a new classification that separates on-road greenery, which people see while walking through streets, from off-road greenery, which requires planned visits. We did so by combining aerial imagery of Greater London and greenery data from OpenStreetMap with quantified greenery from over 100,000 Google Street View images and accessibility estimates based on 160,000 road segments. We linked these measures to 7.45 billion medical prescriptions issued by the National Health Service and processed through our methodology. These prescriptions cover five conditions: diabetes, hypertension, asthma, depression, and anxiety, as well as opioid use. As hypothesized, we found that green on-road was more strongly linked to better health than four widely used official measures. For example, hypertension prescriptions dropped by 3.68% in wards with on-road greenery above the median citywide level compared to those below it. If all below-median wards reached the citywide median in on-road greenery, prescription costs could fall by up to {\pounds}3.15 million each year. These results suggest that greenery seen in daily life may be more relevant than public yet secluded greenery, and that official metrics commonly used in the literature have important limitations.

Public service systems in many African regions suffer from delayed emergency response and spatial inequity, causing avoidable suffering. This paper introduces OPTIC-ER, a reinforcement learning (RL) framework for real-time, adaptive, and equitable emergency response. OPTIC-ER uses an attention-guided actor-critic architecture to manage the complexity of dispatch environments. Its key innovations are a Context-Rich State Vector, encoding action sub-optimality, and a Precision Reward Function, which penalizes inefficiency. Training occurs in a high-fidelity simulation using real data from Rivers State, Nigeria, accelerated by a precomputed Travel Time Atlas. The system is built on the TALS framework (Thin computing, Adaptability, Low-cost, Scalability) for deployment in low-resource settings. In evaluations on 500 unseen incidents, OPTIC-ER achieved a 100.00% optimality rate with negligible inefficiency, confirming its robustness and generalization. Beyond dispatch, the system generates Infrastructure Deficiency Maps and Equity Monitoring Dashboards to guide proactive governance and data-informed development. This work presents a validated blueprint for AI-augmented public services, showing how context-aware RL can bridge the gap between algorithmic decision-making and measurable human impact.

While informal settlements lack focused development and are highly dynamic, the quality of spatial data for these places may be uncertain. This study evaluates the quality and biases of AI-generated Open Building Datasets (OBDs) generated by Google and Microsoft against OpenStreetMap (OSM) data, across diverse global cities including Accra, Nairobi, Caracas, Berlin, and Houston. The Intersection over Union (IoU), overlap analysis and a positional accuracy algorithm are used to analyse the similarity and alignment of the datasets. The paper also analyses the size distribution of the building polygon area, and completeness using predefined but regular spatial units. The results indicate significant variance in data quality, with Houston and Berlin demonstrating high alignment and completeness, reflecting their structured urban environments. There are gaps in the datasets analysed, and cities like Accra and Caracas may be under-represented. This could highlight difficulties in capturing complex or informal regions. The study also notes different building size distributions, which may be indicative of the global socio-economic divide. These findings may emphasise the need to consider the quality of global building datasets to avoid misrepresentation, which is an important element of planning and resource distribution.

This study investigates the use of Large Language Models (LLMs) for predicting human-perceived misery scores from natural language descriptions of real-world scenarios. The task is framed as a regression problem, where the model assigns a scalar value from 0 to 100 to each input statement. We evaluate multiple prompting strategies, including zero-shot, fixed-context few-shot, and retrieval-based prompting using BERT sentence embeddings. Few-shot approaches consistently outperform zero-shot baselines, underscoring the value of contextual examples in affective prediction. To move beyond static evaluation, we introduce the "Misery Game Show", a novel gamified framework inspired by a television format. It tests LLMs through structured rounds involving ordinal comparison, binary classification, scalar estimation, and feedback-driven reasoning. This setup enables us to assess not only predictive accuracy but also the model's ability to adapt based on corrective feedback. The gamified evaluation highlights the broader potential of LLMs in dynamic emotional reasoning tasks beyond standard regression. Code and data link: https://github.com/abhi1nandy2/Misery_Data_Exps_GitHub

Cognitive structure is a student's subjective organization of an objective knowledge system, reflected in the psychological construction of concepts and their relations. However, cognitive structure assessment remains a long-standing challenge in student modeling and psychometrics, persisting as a foundational yet largely unassessable concept in educational practice. This paper introduces a novel framework, Cognitive Structure Generation (CSG), in which we first pretrain a Cognitive Structure Diffusion Probabilistic Model (CSDPM) to generate students' cognitive structures from educational priors, and then further optimize its generative process as a policy with hierarchical reward signals via reinforcement learning to align with genuine cognitive development levels during students' learning processes. Experimental results on four popular real-world education datasets show that cognitive structures generated by CSG offer more comprehensive and effective representations for student modeling, substantially improving performance on KT and CD tasks while enhancing interpretability.

Brain-computer interfaces (BCIs) show enormous potential for advancing personalized medicine. However, BCIs also introduce new avenues for cyber-attacks or security compromises. In this article, we analyze the problem and make recommendations for device manufacturers to better secure devices and to help regulators understand where more guidance is needed to protect patient safety and data confidentiality. Device manufacturers should implement the prior suggestions in their BCI products. These recommendations help protect BCI users from undue risks, including compromised personal health and genetic information, unintended BCI-mediated movement, and many other cybersecurity breaches. Regulators should mandate non-surgical device update methods, strong authentication and authorization schemes for BCI software modifications, encryption of data moving to and from the brain, and minimize network connectivity where possible. We also design a hypothetical, average-case threat model that identifies possible cybersecurity threats to BCI patients and predicts the likeliness of risk for each category of threat. BCIs are at less risk of physical compromise or attack, but are vulnerable to remote attack; we focus on possible threats via network paths to BCIs and suggest technical controls to limit network connections.

The acceleration of artificial intelligence (AI) in science is recognized and many scholars have begun to explore its role in interdisciplinary collaboration. However, the mechanisms and extent of this impact are still unclear. This study, using AlphaFold's impact on structural biologists, examines how AI technologies influence interdisciplinary collaborative patterns. By analyzing 1,247 AlphaFold-related papers and 7,700 authors from Scopus, we employ bibliometric analysis and causal inference to compare interdisciplinary collaboration between AlphaFold adopters and non-adopters. Contrary to the widespread belief that AI facilitates interdisciplinary collaboration, our findings show that AlphaFold increased structural biology-computer science collaborations by just 0.48%, with no measurable effect on other disciplines. Specifically, AI creates interdisciplinary collaboration demands with specific disciplines due to its technical characteristics, but this demand is weakened by technological democratization and other factors. These findings demonstrate that artificial intelligence (AI) alone has limited efficacy in bridging disciplinary divides or fostering meaningful interdisciplinary collaboration.

The integration of Artificial Intelligence (AI) into healthcare systems in low-resource settings, such as Nepal and Ghana, presents transformative opportunities to improve personalized patient care, optimize resources, and address medical professional shortages. This paper presents a survey-based evaluation and insights from Nepal and Ghana, highlighting major obstacles such as data privacy, reliability, and trust issues. Quantitative and qualitative field studies reveal critical metrics, including 85% of respondents identifying ethical oversight as a key concern, and 72% emphasizing the need for localized governance structures. Building on these findings, we propose a draft Responsible AI (RAI) Framework tailored to resourceconstrained environments in these countries. Key elements of the framework include ethical guidelines, regulatory compliance mechanisms, and contextual validation approaches to mitigate bias and ensure equitable healthcare outcomes.

This paper studies an application of a recurrent neural network to clustering method for the S-P chart: a binary data set used widely in education. As the number of students increases, the S-P chart becomes hard to handle. In order to classify the large chart into smaller charts, we present a simple clustering method based on the network dynamics. In the method, the network has multiple fixed points and basins of attraction give clusters corresponding to small S-P charts. In order to evaluate the clustering performance, we present an important feature quantity: average caution index that characterizes singularity of students answer oatterns. Performing fundamental experiments, effectiveness of the method is confirmed.

Curriculum analytics (CA) studies curriculum structure and student data to ensure the quality of educational programs. An essential aspect is studying course properties, which involves assigning each course a representative difficulty value. This is critical for several aspects of CA, such as quality control (e.g., monitoring variations over time), course comparisons (e.g., articulation), and course recommendation (e.g., advising). Measuring course difficulty requires careful consideration of multiple factors: First, when difficulty measures are sensitive to the performance level of enrolled students, it can bias interpretations by overlooking student diversity. By assessing difficulty independently of enrolled students' performances, we can reduce the risk of bias and enable fair, representative assessments of difficulty. Second, from a measurement theoretic perspective, the measurement must be reliable and valid to provide a robust basis for subsequent analyses. Third, difficulty measures should account for covariates, such as the characteristics of individual students within a diverse populations (e.g., transfer status). In recent years, various notions of difficulty have been proposed. This paper provides the first comprehensive review and comparison of existing approaches for assessing course difficulty based on grade point averages and latent trait modeling. It further offers a hands-on tutorial on model selection, assumption checking, and practical CA applications. These applications include monitoring course difficulty over time and detecting courses with disparate outcomes between distinct groups of students (e.g., dropouts vs. graduates), ultimately aiming to promote high-quality, fair, and equitable learning experiences. To support further research and application, we provide an open-source software package and artificial datasets, facilitating reproducibility and adoption.

The increasing burden of responding to large volumes of patient messages has become a key factor contributing to physician burnout. Generative AI (GenAI) shows great promise to alleviate this burden by automatically drafting patient message replies. The ethical implications of this use have however not been fully explored. To address this knowledge gap, we conducted a semi-structured interview study with 21 physicians who participated in a GenAI pilot program. We found that notable ethical considerations expressed by the physician participants included human oversight as ethical safeguard, transparency and patient consent of AI use, patient misunderstanding of AI's role, and patient privacy and data security as prerequisites. Additionally, our findings suggest that the physicians believe the ethical responsibility of using GenAI in this context primarily lies with users, not with the technology. These findings may provide useful insights into guiding the future implementation of GenAI in clinical practice.