Document is current

Chapter History

First Online: 17 September 2023

Ethical Discussion

: In this paper we present RulEth, a Genetic Programming based solution to generate security rules with the ability to detect attacks based on the packet flow. During the design process, we followed the seven key requirements derived by the European ethics guidelines for trustworthy AI [], namely (1) human agency and oversight, (2) technical robustness and safety, (3) privacy and data governance, (4) transparency, (5) diversity, non-discrimination and fairness, (6) environmental and societal well-being and (7) accountability. In fact, one major research goal was to improve the current state of human agency, transparency, and accountability in intrusion detection systems.<i>Human Agency and Oversight.</i> Human Agency is coupled tightly with the developed architecture, as a human-in-the-loop can interact with each step of the rule generation process, and hold back, improve or generate self-written rules as measures of quality control for the generated model.<i>Technical Robustness and Safety.</i> In order to maintain the confidentiality and safety of the system, adherence to UN regulation R156 [] is required for uploading logs to the backend and provisioning new rules. The traffic logging module within the vehicle must be secured using trusted computing and authenticated with the backend. Furthermore, the backend must operate within a secure environment.<i>Privacy and Data Governance.</i> In order to ensure data governance, we envision the sharing of logs from a users vehicle to be optional, verifying informed consent. Additionally, the privacy of shared data is reached during the aggregation phase. Attacks should not depend on personal information like GPS coordinates, therefore the data can be anonymized.<i>Transparency.</i> The design focuses around transparency, as rules are explainable and easy to understand through the use of a Domain Specific Language. Alerts generated by the system contain the rule and packets responsible for the decision, ensuring traceability.<i>Diversity, Non-Discrimination and Fairness.</i> We try to mitigate unfair bias by using a blacklist approach, denying only communications that exactly match an anomaly pattern.<i>Environmental and Societal Well-Being.</i> The goal of the system is to detect anomalies in the packet flow, we do not see the risk of a negative impact on the society. The detection of anomalies using rules is lightweight, minimizing a negative environmental impact.<i>Accountability.</i> The proposed rule-generation mechanism together with the human approval of the rules facilitate the system’s auditability and traceability, as well as logging and documentation of the AI system’s processes and outcomes.

Conference Information

Conference Acronym: ECML PKDD

Conference Name: Joint European Conference on Machine Learning and Knowledge Discovery in Databases

Conference City: Turin

Conference Country: Italy

Conference Year: 2023

Conference Start Date: 18 September 2023

Conference End Date: 22 September 2023

Conference Number: 23

Conference ID: ecml2023

Conference URL: https://2023.ecmlpkdd.org/

Peer Review Information (provided by the conference organizers)

Type: Double-blind

Conference Management System: CMT

Number of Submissions Sent for Review: 829

Number of Full Papers Accepted: 196

Number of Short Papers Accepted: 0

Acceptance Rate of Full Papers: 24% - The value is computed by the equation "Number of Full Papers Accepted / Number of Submissions Sent for Review * 100" and then rounded to a whole number.

Average Number of Reviews per Paper: 3.63

Average Number of Papers per Reviewer: 4.5

External Reviewers Involved: Yes

Additional Info on Review Process: Applied Data Science Track: 239 submissions, 58 accepted papers; Demo Track: 31 submissions, 16 accepted papers.