Although most brain tumor diagnosis studies have focused on tumor segmentation and localization operations, few studies have focused on tumor detection as a time- and effort-saving process. This study introduces a new network structure for accurate glioma tumor detection and classification using two parallel deep convolutional neural networks (PDCNNs). The proposed structure is designed to identify the presence and absence of a brain tumor in MRI images and classify the type of tumor images as high-grade gliomas (HGGs, i.e., glioblastomas) or low-grade gliomas (LGGs). The introduced PDCNNs structure takes advantage of both global and local features extracted from the two parallel stages. The proposed structure is not only accurate but also efficient, as the convolutional layers are more accurate because they learn spatial features, and they are efficient in the testing phase since they reduce the number of weights, which reduces the memory usage and runtime. Simulation experiments were accomplished using an MRI dataset extracted from the BraTS 2017 database. The obtained results show that the proposed parallel network structure outperforms other detection and classification methods in the literature.

The utilization of different types of brain images has been expanding, which makes manually examining each image a labor-intensive task. This study introduces a brain tumor segmentation method that uses two parallel U-Net with an asymmetric residual-based deep convolutional neural network (TPUAR-Net). The proposed method is customized to segment high and low grade glioblastomas identified from magnetic resonance imaging (MRI) data. Varieties of these tumors can appear anywhere in the brain and may have practically any shape, contrast, or size. Thus, this study used deep learning techniques based on adaptive, high-efficiency neural networks in the proposed model structure. In this paper, several high-performance models based on convolutional neural networks (CNNs) have been examined. The proposed TPUAR-Net capitalizes on different levels of global and local features in the upper and lower paths of the proposed model structure. In addition, the proposed method is configured to use the skip connection between layers and residual units to accelerate the training and testing processes. The TPUAR-Net model provides promising segmentation accuracy using MRI images from the BRATS 2017 database, while its parallelized architecture considerably improves the execution speed. The results obtained in terms of Dice, sensitivity, and specificity metrics demonstrate that TPUAR-Net outperforms other methods and achieves the state-of-the-art performance for brain tumor segmentation.

In the past decade, cloud computing has become one of the essential techniques of many business areas, including social media, online shopping, music streaming, and many more. It is difficult for cloud providers to provision their systems in advance due to fluctuating changes in input workload and resultant resource demand. Therefore, there is a need for auto-scaling technology that can dynamically adjust resource allocation of cloud services based on incoming workload. In this paper, we present a predictive auto-scaler for Kubernetes environments to improve the quality of service. Being based on a proactive model, our proposed auto-scaling method serves as a foundation on which to build scalable and resource-efficient cloud systems.

We investigate five English NLP benchmark datasets (on the superGLUE leaderboard) and two Swedish datasets for bias, along multiple axes. The datasets are the following: Boolean Question (Boolq), CommitmentBank (CB), Winograd Schema Challenge (WSC), Winogender diagnostic (AXg), Recognising Textual Entailment (RTE), Swedish CB, and SWEDN. Bias can be harmful and it is known to be common in data, which ML models learn from. In order to mitigate bias in data, it is crucial to be able to estimate it objectively. We use bipol, a novel multi-axes bias metric with explainability, to estimate and explain how much bias exists in these datasets. Multilingual, multi-axes bias evaluation is not very common. Hence, we also contribute a new, large Swedish bias-labeled dataset (of 2 million samples), translated from the English version and train the SotA mT5 model on it. In addition, we contribute new multi-axes lexica for bias detection in Swedish. We make the codes, model, and new dataset publicly available.

The Internet beside providing many advantages has some disadvantages. The full unfamiliarity with cyberspace can bring harms and inconvenience to families. This study attempted to introduce the disadvantages and threats on the Internet and present some countermeasures to decrease such threats and harms. Social networks are currently so epidemic that even many companies and organizations formally supply the internal communication system among their members and employees through this social networks and the number of the users of such networks is increasing daily. The term “information security” covers a broad spectrum of activities in an organization. Information security means preventing the unauthorized access to information and products or apply some changes or delete such information using a series of processes. Such actions can be considered as a protection package against current resources in different situations (e.g., a hacker attacks which occurs a lot) by those in charge of information security. One of the most important issues which is considered as a security challenge in these networks is the security and retention of the data and information shared by users from unauthorized access and unwanted disclosure. In this article the Kuleshov effect from cinema has been deployed to explain and launch a behavioral analysis of online activities.

In recent years, mobile devices have become commonly used not only for voice communications but also to play a major role in our daily activities. Accordingly, the number of mobile users and the number of mobile applications (apps) have increased exponentially. With a wide user base exceeding 2 billion users, Android is the most popular operating system worldwide, which makes it a frequent target for malicious actors. Adware is a form of malware that downloads and displays unwanted advertisements, which are often offensive and always unsolicited. This paper presents a machine learning-based system (AdStop) that detects Android adware by examining the features in the flow of network traffic. The design goals of AdStop are high accuracy, high speed, and good generalizability beyond the training dataset. A feature reduction stage was implemented to increase the accuracy of Adware detection and reduce the time overhead. The number of relevant features used in training was reduced from 79 to 13 to improve the efficiency and simplify the deployment of AdStop. In experiments, the tool had an accuracy of 98.02% with a false positive rate of 2% and a false negative rate of 1.9%. The time overhead was 5.54 s for training and 9.36 µs for a single instance in the testing phase. In tests, AdStop outperformed other methods described in the literature. It is an accurate and lightweight tool for detecting mobile adware.

The Internet of Things (IoT) has become an enabler paradigm for different applications, such as healthcare, education, agriculture, smart homes, and recently, enterprise systems (E-IoTs). Significant advances in IoT networks have been hindered by security vulnerabilities and threats, which, if not addressed, can negatively impact the deployment and operation of IoT-enabled systems. This study addresses IoT security and presents an intelligent two-layer intrusion detection system for IoT. The system's intelligence is driven by machine learning techniques for intrusion detection, with the two-layer architecture handling flow-based and packet-based features. By selecting significant features, the time overhead is minimized without affecting detection accuracy. The uniqueness and novelty of the proposed system emerge from combining machine learning and selection modules for flow-based and packet-based features. The proposed intrusion detection works at the network layer, and hence, it is device and application transparent. In our experiments, the proposed system had an accuracy of 99.15% for packet-based features with a testing time of 0.357 μs. The flow-based classifier had an accuracy of 99.66% with a testing time of 0.410 μs. A comparison demonstrated that the proposed system outperformed other methods described in the literature. Thus, it is an accurate and lightweight tool for detecting intrusions in IoT systems.

With approximately 2 billion active devices, the Android operating system tops all other operating systems in terms of the number of devices using it. Android has gained wide popularity not only as a smartphone operating system, but also as an operating system for vehicles, tablets, smart appliances, and Internet of Things devices. Consequently, security challenges have arisen with the rapid adoption of the Android operating system. Thousands of malicious applications have been created and are being downloaded by unsuspecting users. This paper presents a lightweight Android malware detection system based on explainable machine learning. The proposed system uses the features extracted from applications to identify malicious and benign malware. The proposed system is tested, showing an accuracy exceeding 98% while maintaining its small footprint on the device. In addition, the classifier model is explained using Shapley Additive Explanation (SHAP) values.

Remote health monitoring is a trend for better health management which necessitates the need for secure monitoring and privacy-preservation of patient data. Moreover, accurate and continuous monitoring of personal health status may require expert validation in an active learning strategy. As a result, this paper proposes a Federated Interactive Learning IoT-based Health Monitoring Platform (FIL-IoT-HMP) which incorporates multi-expert feedback as ‘Human-in-the-loop’ in an active learning strategy in order to improve the clients’ Machine Learning (ML) models. The authors have proposed an architecture and conducted an experiment as a proof of concept. Federated learning approach has been preferred in this context given that it strengthens privacy by allowing the global model to be trained while sensitive data is retained at the local edge nodes. Also, each model’s accuracy is improved while privacy and security of data has been upheld. 

In this paper, we first describe various synchronous and asynchronous methods for enhancing student engagement in big online courses. We showcase the implementation of these methods in the “Introduction to Artificial Intelligence (AI)” course at Luleå University of Technology, which has attracted around 500 students in each of its iterations (twice yearly, since 2019). We also show that these methods can be applied efficiently, in terms of the teaching hours required. With the increase in digitization and student mobility, the demand for improved and personalized content delivery for distance education has also increased. This applies not only in the context of traditional undergraduate education, but also in the context of adult education and lifelong learning. This higher level of demand, however, introduces a challenge, especially as it is typically combined with a shortage of staff and needs for efficient education. This challenge is further amplified by the current pandemic situation, which led to an even bigger risk of student-dropout. To mitigate this risk, as well as to meet the increased demand, we applied various methods for creating engaging interaction in our pedagogy based on Moor’s framework: learner-to-learner, learner-to-instructor, and learner-to-content engagement strategies. The main methods of this pedagogy are as follows: short, and interactive videos, active discussions in topic-based forums, regular live sessions with group discussions, and the introduction of optional content at many points in the course, to address different target groups. In this paper, we show how we originally designed and continuously improved the course, without requiring more than 500 teaching hours per iteration (one hour per enrolled student), while we also managed to increase the successful completion rate of the participants by 10%, and improved student engagement and feedback for the course by 50%. We intend to share a set of best-practices applicable to many other e-learning courses in ICT.

The emergence of unmanned aerial vehicles (also referred to as drones) has transformed the digital landscape of surveillance and supply chain logistics, especially in terrains where such was previously deemed unattainable. Moreover, the adoption of drones has further led to the proliferation of diverse drone types and drone-related criminality, which has introduced a myriad of security and forensics-related concerns. As a step towards understanding the state-of-the-art research into these challenges and potential approaches to mitigation, this study provides a detailed review of existing digital forensic models using the Design Science Research method. The outcome of this study generated in-depth knowledge of the research challenges and opportunities through which an effective investigation can be carried out on drone-related incidents. Furthermore, a potential generic investigation model has been proposed. The findings presented in this study are essentially relevant to forensic researchers and practitioners towards a guided methodology for drone-related event investigation. Ultimately, it is important to mention that this study presents a background for the development of international standardization for drone forensics.

Using a face validity approach, this paper provides a validation of the Database Forensic Investigation Metamodel (DBFIM). The DBFIM was developed to solve interoperability, heterogeneity, complexity, and ambiguity in the database forensic investigation (DBFI) field, where several models were identified, collected, and reviewed to develop DBFIM. However, the developed DBFIM lacked the face validity-based approach that could ensure DBFIM’s applicability in the DBFI field. The completeness, usefulness, and logic of the developed DBFIM needed to be validated by experts. Therefore, the objective of this paper is to perform the validation of the developed DBFIM using the qualitative face validity approach. The face validity method is a common way of validating metamodels through subject expert inquiry on the domain application of the metamodel to assess whether the metamodel is reasonable and compatible based on the outcomes. For this purpose, six experts were nominated and selected to validate the developed DBFIM. From the expert review, the developed DBFIM was found to be complete, coherent, logical, scalable, interoperable, and useful for the DBFI field.

Purpose - The aim of this paper is to investigate corporate financial disclosure via Twitter among the top listed 350 companies in the UK as well as identify the determinants of the extent of social media usage to disclose financial information.

Design/methodology/approach – This study applies an unsupervised machine learning technique, namely, Latent Dirichlet Allocation (LDA) topic modeling to identify financial disclosure tweets. Panel, Logistic, and Generalized Linear Model Regressions are also run to identify the determinants of financial disclosure on Twitter focusing mainly on board characteristics.

Findings – Topic modeling results reveal that companies mainly tweet about 12 topics, including financial disclosure, which has a probability of occurrence of about 7 percent. Several board characteristics are found to be associated with the extent of Twitter usage as a financial disclosure platform, among which are board independence, gender diversity, and board tenure.

Originality/value – Extensive literature examines disclosure via traditional media and its determinants, yet this paper extends the literature by investigating the relatively new disclosure channel of social media. This study is among the first to utilize machine learning, instead of manual coding techniques, to automatically unveil the tweets’ topics and reveal financial disclosure tweets. It is also among the first to investigate the relationships between several board characteristics and financial disclosure on Twitter; providing a distinction between the roles of executive versus non-executive directors relating to disclosure decisions.

Purpose

This study aims to identify problems connected to information classification in theory and to put those problems into the context of experiences from practice.

Design/methodology/approach

Five themes describing problems are discussed in an empirical study, having informants represented from both a public and a private sector organization.

Findings

The reasons for problems to occur in information classification are exemplified by the informants’ experiences. The study concludes with directions for future research.

Originality/value

Information classification sustains the basics of security measures. The human–organizational challenges are evident in the activities but have received little attention in research.

Information security awareness (ISA) focuses on the user’s responsibility and understanding of risk, to ensure that acceptable working practices are adopted under these broad principles, thereby reducing the likelihood of legal, financial and reputational risk related to the organization and individual. However, the third sector organization is behind in the security awareness maturity level. This research aims to understand and evaluate the level of information security awareness (ISA) knowledge in third sector organizations. The study was conducted with mixed-method design, combining the qualitative and quantitative approaches. A semi-structured interview method was used to gather data, transcribe it, and analyse it with a thematic framework analysis. The quantitative approach uses a questionnaire survey method was used to investigate the knowledge of information security awareness. The main findings present a lack of security awareness in the third sector and gaps in good security behaviour. 

The vast amount of data generated by the Internet of Things (IoT) has made information and cyber security vital for not only personal privacy, but also for the sustainability of the IoT itself. Security and Privacy in the Internet of Things brings together high-quality research on IoT security models, architectures, techniques, and application domains. This concise yet comprehensive volume explores state-of-the-art mitigations in IoT security while addressing important security and privacy challenges across different IoT layers. The book provides timely coverage of IoT architecture, security technologies and mechanisms, and applications. The authors outline emerging trends in IoT security and privacy with a focus on areas such as smart environments and e-health. Topics include authentication and access control, attack detection and prevention, securing IoT through traffic modeling, human aspects in IoT security, and IoT hardware security. Presenting the current body of knowledge in a single volume, Security and Privacy in the Internet of Things:

• Discusses a broad range of IoT attacks and defense mechanisms • Examines IoT security and privacy protocols and approaches • Covers both the logical and physical security of IoT devices • Addresses IoT security through network traffic modeling • Describes privacy preserving techniques in smart cities • Explores current threat and vulnerability analyses

Security and Privacy in the Internet of Things: Architectures, Techniques, and Applications is essential reading for researchers, industry practitioners, and students involved in IoT security development and IoT systems deployment.

We are thrilled and delighted to present this special issue, which emphasises on the novel area of Enabling Technologies for Energy Cloud. This guest editorial provides an overview of all articles accepted for publication in this special issue.

Bookkeeping data free of fraud and errors is a cornerstone of legitimate business operations. Highly complex and laborious financial auditors’ work calls for finding new solutions and algorithms to ensure the correctness of financial statements. Both supervised and unsupervised machine learning (ML) techniques, nowadays, are being successfully applied to detect fraud and anomalies in data. In accounting, it is a long-established problem to detect financial misstatements deemed anomalies in General Ledger (GL) data. Currently, widely used techniques such as random sampling and manual assessment of bookkeeping rules become challenging and unreliable due to increasing data volumes and unknown fraudulent patterns. To address the sampling risk and financial audit inefficiency, we applied seven supervised ML techniques inclusive of Deep Learning and two unsupervised ML techniques such as Isolation Forest and Autoencoders. We trained and evaluated our models on a real-life GL dataset and used data vectorization to resolve journal entry size variability. The evaluation results showed that the best trained supervised and unsupervised models have high potential in detecting predefined anomaly types as well as in efficiently sampling data to discern higher-risk journal entries. Based on our findings, we discussed possible practical implications of the resulting solutions in the accounting context.

Purpose: This study aims to investigate the extent and characteristics of corporate internet disclosure via companies’ websites as well via social media and networks sites in the four leading English-speaking stock markets, namely, Australia, Canada, the UK and the USA.

Design/methodology/approach: A disclosure index comprising a set of items that encompasses two facets of online disclosure, namely, company websites and social media sites, is used. This paper adopts a data science approach to investigate corporate internet disclosure practices among top listed firms in Australia, Canada, the UK and the USA.

Findings: The results reveal the underlying relations between the determining factors of corporate disclosure, i.e. profitability, leverage, liquidity and firm size. Profitability in its own has no great effect on the degree of corporate internet disclosure whether via company websites or social media sites. Liquidity has an impact on the degree of disclosure. Firm size and leverage appear to be the most important factors driving better disclosure via social media. American companies tend to be on the cutting edge of technology when it comes to corporate disclosure.

Practical implications: This paper provides new insights into corporate internet disclosure that will benefit all stakeholders with an interest in corporate reporting. Social media is an influential means of communication that can enable corporate office to get instant feedback enhancing their decision-making process.

Originality/value: To the best of the authors’ knowledge, this study is amongst few studies of corporate disclosure via social media platforms. This study has adopted disclosure index incorporating social media as well as applying data science approach in disclosure in an attempt to unfold how accounting could benefit from data science techniques.

Since Advanced Persistent Threats (APTs) are the most sophisticated form of cyber weapon to date, previous research has indicated that further knowledge about the actors and their Modus Operandi (MO) is needed as the groups are highly organized, skilled and motivated when engaging in cyberoperations with different aims. This thesis poses the research question: how does the desired impact of an APT affect its MO? To answer the research question, a cross-case study is performed using a qualitative case study design. The method of structured focused comparison is employed where the cases of the Russian attributed APT the Sandworm Team and the North Korean-linked APT the Lazarus Group which have engaged in numerous cyberoperations with multiple impacts are compared against the Russian attributed APT Turla and the North Korean attributed APT Kimsuky which have performed numerous cyberoperations with a single impact. The findings, using the MITRE ATT&CK framework, show that there are similarities across the cases in terms of the techniques used but differences in terms of malwares used. The findings therefore indicate that the malware may be the key determinant of the impact of a cyberoperation by an APT.

Today, information is a key asset for many organisations. Reducing risks of information compromise is increasingly prioritised. However, there is an incomplete understanding of how organisations with limited security knowledge and experience manage information security risks in practice. Previous studies have suggested that security-novice employees faced with burdensome, complex, and ambiguous security requirements can experience security-related stress (SRS), and ultimately influence their security decisions. In this study, we further this research stream by suggesting that SRS can similarly be found with security-novice managers responsible for developing and practising information security risk management (ISRM). Two organisations were targeted in the study using a case study approach, to obtain data about their practices, using SRS as an analytical lens. The study found various examples where SRS influenced security-novice managers’ decisions, and identifies several stressors and stress inhibitors in the ISRM process and supporting ISRM tools, and discusses the implications for practitioners.

Purpose – The study aims to revisit six previously defined challenges in information security risk management to provide insights into new challenges based on current practices.

Design/methodology/approach – The study is based on an empirical study consisting of in-depth interviews with representatives from public sector organisations. The data were analysed by applying a practice-based view, i.e. the lens of knowing (or knowings). The results were validated by an expert panel.

Findings – Managerial and organisational concerns that go beyond a technical perspective have been . found, which affect the ongoing social build-up of knowledge in everyday information security work.

Research limitations/implications – The study has delimitation as it consists of data from four public sector organisations, i.e. statistical analyses have not been in focus, while implying a better understanding of what and why certain actions are practised in their security work.

Practical implications – The new challenges that have been identified offer a refined set of actionable advice to practitioners, which, for example, can support cost-efficient decisions and avoid unnecessary security trade-offs.

Originality/value – Information security is increasingly relevant for organisations, yet little is still known about how related risks are handled in practice. Recent studies have indicated a gap between the espoused and the actual actions. Insights from actual, situated enactment of practice can advise on process adaption and suggest more fit approaches.

Cyber security is a key enabler for safe Air Traffic Management (ATM). This paper presents results from an empirical study, in which we have investigated and evaluated the use of the Security Risk Assessment Methodology for SESAR (SecRAM) in European ATM research and development projects. The study was performed with the intention to find and document common issues and aspects that could be improved in the methodology. The results from the study reveal that while most of the practitioners had a positive perception of the methodology itself, they were less satisfied with the process of applying it in their projects. Based on the results, we provide a number of recommendations, which aim to improve the security risk assessment process in the ATM domain.

Digital twin (DT) emerges as a key concept of the Industry 4.0 paradigm and beyond. However, the current literature lacks focus on humans and human activities as a part of complex system DTs. Acknowledging human aspects in DTs can enhance work performance, well-being, motivation, and personal development of professionals. This study examines emerging requirements for human digital twins (HDTs) in three use cases of industry–academia collaboration on complex systems. The results draw together the overall design problem and four design objectives for HDTs. We propose to combine the machine and human-related aspects of DTs and highlight the need for virtual-to-virtual interoperability between HDTs and machines alike. Furthermore, we outline differences between humans and machines regarding digital twinning by addressing human activities and knowledge-based behavior on systems. Design of HDTs requires understanding of individual professional characteristics, such as skills and information preferences, together with twinning between the physical and digital machine entities and interactions between the human and machine DTs. As the field moves toward including humans as a part of the DT concept, incorporating HDTs in complex systems emerges as an increasingly significant issue.

People, organizations and society are become more and more dependent upon access to Information Systems. Most Information Systems are accessible via the Internet. It is becoming easier and easier to perform successful network attacks against these Information Systems, which causes the system to become unavailable for its intended users. It is also very inexpensive to launch a successful network DRDoS attack against an organization’s servers. One type of distributed denial of service (DDoS) network attack sends a very large volume of traffic towards the victim’s servers. The most common of these volumetric DDoS attacks are described as reflective DDoS service (DRDoS) attacks and the DRDoS defense is the main contribution of this thesis. For years, you have been able to even rent network attack services from criminal organizations, which are often in the form of DRDoS network attacks.

The Design Science Research (DSR) approach was used for my research. Included are the DSR cycles performed, including the artifact evaluations. The relationship between the DSR cycles and the published research papers is presented in the paper summary section. The first two papers formed the DSR problem definition. The next three papers used a variety of information hiding techniques to mitigate network attacks. The last paper proposed a different design principle, based on filtering traffic before it reached the public cloud providers. This proposed DRDoS defense approach is to have the public cloud provider request their IP neighbors to filter or drop certain traffic for a big IP block of IP addresses. Then the provider gives IP addresses to their customers, who want this protection, from the big IP block. This way the provider can provide DRDoS protection for hundreds of thousands of customers, with a few firewall rules and the filtering of malicious traffic occurs at the network edge. This solution prevents most of the DRDoS attack traffic from even reaching the public cloud provider. This last research is focused on protecting servers from DRDoS attacks, where the servers are accessible via the Internet and where the servers are or can be hosted via a public cloud provider. This public cloud provider hosting includes accessibility via cloud offerings, such as with Amazon’s Web Services (AWS), Google’s Compute Cloud (GCP), and Microsoft’s Azure. To simplify the discussion, this thesis will focus on Web servers, as the example.

The research has been generalized into the following two research design principal contributions. My thesis, including the design principles, contributes to the state of the art network DDoS defense in the following ways:

1. Divide and Search for Malicious Network Traffic. After the attack is detected, the IP, Web, and/or DNS address information is changed  This mitigates the attacks since the attacker will not be able to quickly learn the new DNS, Web, or IP connectivity information. This has the effect to reduce or mitigate the effect of the DDoS attacks.

2.  Ask IPX Neighbors to Pre-process Network Traffic. With this design principle, we have two types of features. One feature is to stop malicious traffic. This mitigates the attacks at the public cloud provider’s neighbors, so that most of the malicious traffic never even arrives to the cloud provider. This way, the cloud provider no longer needs to process the malicious traffic to filter it out. The other feature is to provide a different quality of service (QoS) for incoming traffic. This allows the public cloud provider’s neighbor to treat the traffic as higher or lower priority traffic.

In this thesis, the contributions are how to improve the state of the art DDoS defense solutions, concerning network attacks against Internet accessible servers. We believe that our DRDoS defense contribution is better, more efficient, and/or more effective than the current state of the art DDRoS solutions. Our contributions are focused on network layer attacks as opposed to application, presentation, or transport layer attacks.

This article is concerning distributed reflection denial of service (DRDoS) attacks.  These DRDoS attacks are more frequent and large scale, and are one of the biggest threats on the Internet. This paper discusses the best way to defend from these attacks using public cloud defenses, such as Amazon AWS, Google GCP, and Microsoft Azure, at a very low cost.  Our mitigation strategy takes advantage of the fact that the attacker does not have full control to change the source IP port to anything they want, when used in these reflective attacks.  We propose to have the customer host their Web servers and other types of supporting servers in the public cloud.  The cloud provider then reserves a /CIDR block of IP addresses, which will be protected.  The cloud providers customers who opt in, will be allocated an IP address from this block.  This block will be used as the source IP address deny portion of the firewall rule-sets.  Then the public cloud providers will use BGP4 Flow-Spec or some scripting solution, to have their IP service provider neighbors perform the actual filtering of the DRDoS attack traffic concerning attacks against these servers.

The National Space Data Lab is a collaboration project between Swedish National Space Agency, RISE Research Institutes of Sweden, Luleå University of Technology and AI Sweden. It will be a national knowledge and data hub for Swedish authorities’ work on earth observation data and for the development of AI-based analysis of data, generated in space systems. The platform is deployed on Kubernetes.

Purpose

• Increase the availability of space data for the benefit of developing society and industry

• Provide platform for accessing space data and analytical tools

In today’s ongoing urbanization and escalating climate change, there is an increasing demand on cities to be innovative and inclusive to handle these emerging issues. As an answer to these challenges, and in order to generate and adopt sustainable innovations and nature-based solutions in the urban areas, the concept of urban living labs has emerged. However, to date, there is confusion concerning the concept of the urban living lab and its key components. Some interpret the urban living lab as an approach, others as a single project, and some as a specific place – and some just do not know. In order to unravel this complexity and better understand this concept, we sought to identify the key components of an urban living lab by discussing the perspective of city representatives in the context of an urban living lab project. To achieve this goal, we reviewed previous literature on this topic and carried out two workshops with city representatives, followed by an open-ended questionnaire. In this article, we identify and discuss seven key components of an urban living lab: governance and management structure; financing models; urban context; nature-based solutions; partners and users (including citizens); approach; and ICT and infrastructure. We also offer an empirically derived definition of the urban living lab concept.

Denna studie undersöker för- och nackdelarna med att implementera artificiell intelligens (AI)som ett verktyg inom en Security Operations Center (SOC). Syftet med studien är att undersökaom och hur AI-verktyg kan underlätta incidenthantering inom en SOC, samt vilka nyautmaningar som uppstår.Studien har genomförts genom kvalitativa intervjuer med fyra personer med expertkunskaperinom både AI och cybersäkerhet. Experterna utfrågades om deras syn på AI som ett verktyg, hurde ser på AI och cybersäkerhet, samt hur AI kan appliceras relaterat till de 4 stegen inom NISTincidenthantering; förberedelser, detektion & analys, Identifiera, utrotning & återhämtning samtpost-incident aktivitet.Resultaten visar på både fördelar och nackdelar med att använda AI-verktyg inom SOC inklusiveeffektivare konfigurering av SIEM, lägre antal falska positiva larm, lättad arbetsbörda förSOC-analytiker och hantering av "zero-day" incidenter. Nackdelar inkluderar lägre förklarbarhetav större AI-modeller, juridiska utmaningar och beroendet av bra indata. Slutligen visar studienatt användningen av AI som ett verktyg i SOC kan vara fördelaktigt och att mer forskningbehövs för att utforska specifika tekniker och verktyg.

With an expected 50 billion connected devices by 2020, the Internet of Things (IoT) will reshape our environment with great economic opportunities. However, the IoT market evolution will depend directly on the end-user adoption, so it is necessary to support the Large Scale Pilots (LSPs) in order to actively engage end-users in the large scale pilot design, deployment and assessment. In this paper we are presenting end-user engagement methods, including co-creative workshops, crowdsourcing, Living Labs, and developed online tools and resources for end-user engagement, crowdsourcing and personal data protection.

This paper addresses a need for developing ex-post evaluation for data-driven decisions resulting in collaboration between humans and machines. As a first step of a design science project, we propose four design objectives for an ex-post evaluation solution, from the perspectives of both theory (concepts from the literature) and practice (through a case of industrial production planning): (1) incorporate multi-faceted decision evaluation criteria across the levels of environment, organization, and decision itself and (2) acknowledge temporal requirements of the decision contexts at hand, (3) define applicable mode(s) of collaboration between humans and machines to pursue collaborative rationality, and (4) enable a (potentially automated) feedback loop for learning from the (discrete or continuous) evaluations of past decisions. The design objectives contribute by supporting development of solutions for the observed lack of ex-post methods for evaluating data-driven decisions to enhance human-machine collaboration in decision making. Our future research involves design and implementation efforts through on-going industry-academia cooperation.

Decisions continue to be an essential topic of utmost importance in every research field and era. However, while decision research has extensively offered a wide range of theories, it remains delved in the past, and needs robustness to sustain the future of data-driven decision-making, encompassing topics and technologies such as big data, analytics, machine learning, and automated decisions. Nowadays, decision processes have evolved, the role of humans as decision makers has changed and become inevitably intertwined with the support of machines, rationalities are no longer limited in the same way, data has become an abundant commodity, and the optimizing of decisions is not so far-fetched a tale as it once was in classical times. Accordingly, there is a dire need for new theories to support new phenomena. This paper aims to propose a modern data-driven decision theory, DECAS, to support the new elements of today’s decisions. Our theory extends upon classical decision theory by proposing three main claims: the (big) data and analytics should be considered as separate elements along with the decision-making process, the decision maker, and the decision; the appropriate collaboration between the decision maker and the analytics (machine) can result in a “collaborative rationality,” extending beyond the bounded rationality which decision makers were classically characterized by; and finally, the proper integration of the five elements, and the correct selection of data and analytics, can lead to more informed, and possibly better, decisions.  Hence, the theory is elaborated in the paper, and introduced to some data-driven decision examples.

Decision making has evolved throughout the years, nowadays harnessing massive amounts and types of data through the unprecedented capabilities of data science, analytics, machine learning, and artificial intelligence. This has potentially led to higher quality and more informed decisions based on the collaborative rationality between humans and machines, no longer bounded by the cognitive capacity and limited rationality of each on their own. However, the multiplicity of modes of collaboration and interaction between humans and machines has also increased the complexity of decision making, consequentially complicating ex-ante and ex-post decision evaluation. Nevertheless, evaluation remains crucial to enable human and machine learning, rationalization, and sensemaking. This paper addresses the need for more research on why and how to evaluate collaborative rationality-based decisions, setting the stage for future studies in developing holistic evaluation solutions. By analyzing four relevant streams of literature: 1) classical decision theory and organizational management, 2) cognitive and neuroscience, 3) AI and ML, and 4) data-driven decision making, we highlight the limitations of current literature in considering a holistic evaluation perspective. Finally, we elaborate the theoretical underpinnings from the knowledge base on how humans and machines evaluate decisions, and the considerations for evaluating collaborative rationality-based decisions.

Many technologies have been used in education. Such technologies fall under three main types: learning management systems; education data mining; and AI-enabled technologies. This report focuses on the use of robotics in interactive education. Over the past few years, interest in utilization of robotics in education has increased. Multiple attempts have been made, globally, in order to introduce robotics in education. Our report reveals that robotics have been used in education either in front scene acting as a teacher or in back scene supporting the teaching process. Our report also reveals that robotics are able to address unsolved educational issues such as achievement gaps and teachers gaps, in addition to the assistance it provides in some specific use cases. Further research efforts are indeed required to fully understand the exact role, current and future, or robotics in education. The report also introduce some challenges in using robotics in education e.g., Communication breakdowns, navigation capabilities, and the feeling of remote students

Abstract: Given the different types of artifacts and their various evaluation methods, one of the main challenges faced by researchers in design science research (DSR) is choosing suitable and efficient methods during the artifact evaluation phase. With the emergence of big data analytics, data scientists conducting DSR are also challenged with identifying suitable evaluation mechanisms for their data products. Hence, this conceptual research paper is set out to address the following questions. Does big data analytics impact how evaluation in DSR is conducted? If so, does it lead to a new type of evaluation or a new genre of DSR? We conclude by arguing that big data analytics should influence how evaluation is conducted, but it does not lead to the creation of a new genre of design research.

An analytics-empowered enterprise system looks to many organizations to be a far-fetched target, owing to the vast amounts of factors that need to be controlled across the implementation lifecycle activities, especially during usage and maintenance phases. On the other hand, advanced analytics techniques such as machine learning and data mining have been strongly present in academic as well as industrial arenas through robust classification and prediction. Correspondingly, this paper is set out to address a methodological approach that works on tackling post-live implementation activities, focusing on employing advanced analytics techniques to detect (business process) problems, find and recommend a solution to them, and confirm the solution. The objective is to make enterprise systems self-moderated by reducing the reliance on vendor support. The paper will profile an advanced analytics engine architecture fitted on top of an enterprise system to demonstrate the approach. Employing an advanced analytics engine has the potential to support post-implementation activities. Our research is innovative in two ways: (1) it enables enterprise systems to become self-moderated and increase their availability; and (2) the IT artifact i.e., the analytics engine, has the potential to solve other problems and be used by other systems, e.g., HRIS. This paper is beneficial to businesses implementing enterprise systems. It highlights how enterprise systems could be safeguarded from retirement caused by post-implementation problems.

This research addresses the demanding need for research in healthcare analytics, by explaining how previous studies have used big data, AI, and machine learning to identify, address, or solve healthcare problems. Healthcare science methods are combined with contemporary data science techniques to examine the literature, identify research gaps, and propose a research agenda for researchers, academic institutions, and governmental healthcare organizations. The study contributes to the body of literature by providing a state-of-the-art review of healthcare analytics as well as proposing a research agenda to advance the knowledge in this area. The results of this research can be beneficial for both healthcare science and data science researchers as well as practitioners in the field.

An innovative design process which has been conducted under the restrictions during the covid-19 pandemic is in focus in this study. Visits were banned so user-centred design activities were particularly challenged by the necessity to meet and work online. The purpose of the study is to present and reflect on how user-centred design was done under those conditions. The potential users, the reindeer herders, were merely contacted online, the user investigation were supported by for example using videos and storytelling. Also, the final concept is presented.

This paper problematizes and discuss a change towards new business models in order to highlight some basic challenges of digital transformation needed for Industry 4.0. A particular effort is to discuss if SMEs may have sufficient means to capitalize on such a new paradigm. As an approach to enable problematization and discussion, the paper presents concepts and standpoints that are related to the fourth industrial revolution. For example, the idea of new business models is a concept taken for granted, and is not sufficiently contextualized into digital transformation and Industry 4.0. The discussion sheds some light on the benefit of SMEs' flexibility, while simultaneously it finds mindsets challenges related to change and transformation as critical.

Recently, the Internet of Things (IoT) has emerged as an important way to connect diverse physical devices to the internet. The IoT paves the way for a slew of new cutting-edge applications. Despite the prospective benefits and many security solutions offered in the literature, the security of IoT networks remains a critical concern, considering the massive amount of data generated and transmitted. The resource-constrained, mobile, and heterogeneous nature of the IoT makes it increasingly challenging to preserve security in routing protocols, such as the routing protocol for low-power and lossy networks (RPL). RPL does not offer good protection against routing attacks, such as rank, Sybil, and sinkhole attacks. Therefore, to augment the security of RPL, this article proposes the energy-efficient multi-mobile agent-based trust framework for RPL (MMTM-RPL). The goal of MMTM-RPL is to mitigate internal attacks in IoT-based wireless sensor networks using fog layer capabilities. MMTM-RPL mitigates rank, Sybil, and sinkhole attacks while minimizing energy and message overheads by 25–30% due to the use of mobile agents and dynamic itineraries. MMTM-RPL enhances the security of RPL and improves network lifetime (by 25–30% or more) and the detection rate (by 10% or more) compared to state-of-the-art approaches, namely, DCTM-RPL, RBAM-IoT, RPL-MRC, and DSH-RPL. 

This study is based on an abductive approach and a case study where the purpose is to investigate how students experience online education. The questions to answer in the study are based on the students' experiences of expected digital prior knowledge, their need for digital literacy, what advantages and disadvantages they saw with the digital environments and tools they used and what improvements could be identified. The empirical process was done through semi-structured interviews with thematic analysis as an analysis method, where it emerged that the students felt that there is an expectation from universities that the students should have a digital knowledge prior to attending the university and that they had to be able to work independently. There were shortcomings in the knowledge about the digital tools with the teachers and that meant inadequate support for the students. Despite this, the students were satisfied with their choices to study online, but they had many suggestions for improvement measures, which leaves room for future research linked to the issues.

Digitization continues to accelerate and so does customers’ expectations of businesses and their services. To be able to remain competitive and to maintain pace with the market leaders, high availability and customer service 24/7 is expected. A growing trend to address this requirement is a chatbot. The fear associated with implementing a chatbot is that it may be experienced as cold or impersonal when compared to traditional customer service.

The purpose of this study is to investigate whether it is possible to maintain the personal characteristics of a human customer service during the implementation of a chatbot. To investigate this, a chat bot was developed which and then iteratively tested at a company in the electricity and energy industry. The method used in this implementation was Design Science Research Methodology (DSRM). In each iteration of development, the personal properties of the chatbot were tested against the company's customer service.

The result of the study shows that there is an opportunity to maintain humanity to a certain extent through several identified factors. The most important factors that have been identified are response delay, making sure the word choices align with company values and target audience, as well as follow-up questions that take previous context into account.

This study seeks to enhance current understandings of the risk communication challenges associated with theinformation-related means employed in cyber space to exert inappropriate influence, which frequently focus onparalyzing people and undermining stability. These means can be part of a hybrid warfare strategy located in thegray zone between the poles of peace and war, which indicates the long-term and subtle character of such a strategy.Maneuvers to conceal invasive interventions that mask activities, confuse responses, and disguise actual intentionsconstitute particular challenges. This paper presents the results of a literature review that applied a snowballsampling approach and concentrated on uncovering the threat landscape and recognition of the gray zone. The resultshighlight the emergence of information and cyber conflicts, including state operations and discreditation, along withspecific techniques, such as trolling and bots, in the Swedish context and beyond. The findings illustrate somechallenges for risk communication in information and cyber warfare and their implications for research and practice.