在联合学习（FL）中，一组参与者共享与将更新结合到全局模型中的聚合服务器在本地数据上计算的更新。但是，将准确性与隐私和安全性进行调和是FL的挑战。一方面，诚实参与者发送的良好更新可能会揭示其私人本地信息，而恶意参与者发送的中毒更新可能会损害模型的可用性和/或完整性。另一方面，通过更新失真赔偿准确性增强隐私，而通过更新聚合损坏安全性，因为它不允许服务器过滤掉单个中毒更新。为了解决准确性私人关系冲突，我们提出{\ em碎片的联合学习}（FFL），其中参与者在将其发送到服务器之前，随机交换并混合其更新的片段。为了获得隐私，我们设计了一个轻巧的协议，该协议允许参与者私下交换和混合其更新的加密片段，以便服务器既不能获得单个更新，也不能将其链接到其发起人。为了实现安全性，我们设计了针对FFL量身定制的基于声誉的防御，该防御根据他们交换的片段质量以及他们发送的混合更新来建立对参与者及其混合更新的信任。由于交换的片段的参数可以保持其原始坐标和攻击者可以中和，因此服务器可以从接收到的混合更新中正确重建全局模型而不会准确损失。四个真实数据集的实验表明，FFL可以防止半冬季服务器安装隐私攻击，可以有效地抵抗中毒攻击，并可以保持全局模型的准确性。

联合学习（FL）通过设计为参与同行提供了自主性和隐私，他们合作地建立了机器学习（ML）模型，同时将其私人数据保存在设备中。但是，同样的自主权通过进行不靶向或有针对性的中毒攻击来使恶意同伴毒害该模型的大门打开了大门。标签弹性（LF）攻击是一种有针对性的中毒攻击，攻击者通过将一些示例的标签从一个类（即源类）转换为另一个类别（即目标类别）来毒害他们的训练数据。不幸的是，这种攻击易于执行，难以检测，并且对全球模型的性能产生负面影响。现有针对LF的防御措施受到对同龄人数据分布和/或使用高维模型的表现不佳的假设的限制。在本文中，我们深入研究了LF攻击行为，并发现攻击者和诚实的同伴在源类示例上的矛盾目标反映在与输出层中源和目标类的相对应的参数梯度中梯度良好的攻击检测特征。因此，我们提出了一种新颖的防御，首先将这些梯度从同龄人的本地更新中动态提取，然后将提取的梯度簇，分析产生的簇，并在模型聚合之前过滤潜在的不良更新。对三个数据集的广泛经验分析显示，无论数据分布或模型维度如何，建议的防御力对LF攻击的有效性。此外，拟议的防御能力通过提供较低的测试错误，更高的总体准确性，更高的源类准确性，较低的攻击成功率和较高的源类准确性稳定性来优于几个最先进的防御能力。

我们审查在机器学习（ML）中使用差异隐私（DP）对隐私保护的使用。我们表明，在维护学习模型的准确性的驱动下，基于DP的ML实现非常宽松，以至于它们不提供DP的事前隐私保证。取而代之的是，他们提供的基本上是与传统（经常受到批评的）统计披露控制方法相似的噪声。由于缺乏正式的隐私保证，因此所提供的实际隐私水平必须经过实验评估，这很少进行。在这方面，我们提出的经验结果表明，ML中的标准反拟合技术可以比DP实现更好的实用性/隐私/效率权衡。

Modelling and forecasting real-life human behaviour using online social media is an active endeavour of interest in politics, government, academia, and industry. Since its creation in 2006, Twitter has been proposed as a potential laboratory that could be used to gauge and predict social behaviour. During the last decade, the user base of Twitter has been growing and becoming more representative of the general population. Here we analyse this user base in the context of the 2021 Mexican Legislative Election. To do so, we use a dataset of 15 million election-related tweets in the six months preceding election day. We explore different election models that assign political preference to either the ruling parties or the opposition. We find that models using data with geographical attributes determine the results of the election with better precision and accuracy than conventional polling methods. These results demonstrate that analysis of public online data can outperform conventional polling methods, and that political analysis and general forecasting would likely benefit from incorporating such data in the immediate future. Moreover, the same Twitter dataset with geographical attributes is positively correlated with results from official census data on population and internet usage in Mexico. These findings suggest that we have reached a period in time when online activity, appropriately curated, can provide an accurate representation of offline behaviour.

In the last years, the number of IoT devices deployed has suffered an undoubted explosion, reaching the scale of billions. However, some new cybersecurity issues have appeared together with this development. Some of these issues are the deployment of unauthorized devices, malicious code modification, malware deployment, or vulnerability exploitation. This fact has motivated the requirement for new device identification mechanisms based on behavior monitoring. Besides, these solutions have recently leveraged Machine and Deep Learning techniques due to the advances in this field and the increase in processing capabilities. In contrast, attackers do not stay stalled and have developed adversarial attacks focused on context modification and ML/DL evaluation evasion applied to IoT device identification solutions. This work explores the performance of hardware behavior-based individual device identification, how it is affected by possible context- and ML/DL-focused attacks, and how its resilience can be improved using defense techniques. In this sense, it proposes an LSTM-CNN architecture based on hardware performance behavior for individual device identification. Then, previous techniques have been compared with the proposed architecture using a hardware performance dataset collected from 45 Raspberry Pi devices running identical software. The LSTM-CNN improves previous solutions achieving a +0.96 average F1-Score and 0.8 minimum TPR for all devices. Afterward, context- and ML/DL-focused adversarial attacks were applied against the previous model to test its robustness. A temperature-based context attack was not able to disrupt the identification. However, some ML/DL state-of-the-art evasion attacks were successful. Finally, adversarial training and model distillation defense techniques are selected to improve the model resilience to evasion attacks, without degrading its performance.

Cybercriminals are moving towards zero-day attacks affecting resource-constrained devices such as single-board computers (SBC). Assuming that perfect security is unrealistic, Moving Target Defense (MTD) is a promising approach to mitigate attacks by dynamically altering target attack surfaces. Still, selecting suitable MTD techniques for zero-day attacks is an open challenge. Reinforcement Learning (RL) could be an effective approach to optimize the MTD selection through trial and error, but the literature fails when i) evaluating the performance of RL and MTD solutions in real-world scenarios, ii) studying whether behavioral fingerprinting is suitable for representing SBC's states, and iii) calculating the consumption of resources in SBC. To improve these limitations, the work at hand proposes an online RL-based framework to learn the correct MTD mechanisms mitigating heterogeneous zero-day attacks in SBC. The framework considers behavioral fingerprinting to represent SBCs' states and RL to learn MTD techniques that mitigate each malicious state. It has been deployed on a real IoT crowdsensing scenario with a Raspberry Pi acting as a spectrum sensor. More in detail, the Raspberry Pi has been infected with different samples of command and control malware, rootkits, and ransomware to later select between four existing MTD techniques. A set of experiments demonstrated the suitability of the framework to learn proper MTD techniques mitigating all attacks (except a harmfulness rootkit) while consuming <1 MB of storage and utilizing <55% CPU and <80% RAM.

We present a Machine Learning (ML) study case to illustrate the challenges of clinical translation for a real-time AI-empowered echocardiography system with data of ICU patients in LMICs. Such ML case study includes data preparation, curation and labelling from 2D Ultrasound videos of 31 ICU patients in LMICs and model selection, validation and deployment of three thinner neural networks to classify apical four-chamber view. Results of the ML heuristics showed the promising implementation, validation and application of thinner networks to classify 4CV with limited datasets. We conclude this work mentioning the need for (a) datasets to improve diversity of demographics, diseases, and (b) the need of further investigations of thinner models to be run and implemented in low-cost hardware to be clinically translated in the ICU in LMICs. The code and other resources to reproduce this work are available at https://github.com/vital-ultrasound/ai-assisted-echocardiography-for-low-resource-countries.

Explainability is a vibrant research topic in the artificial intelligence community, with growing interest across methods and domains. Much has been written about the topic, yet explainability still lacks shared terminology and a framework capable of providing structural soundness to explanations. In our work, we address these issues by proposing a novel definition of explanation that is a synthesis of what can be found in the literature. We recognize that explanations are not atomic but the product of evidence stemming from the model and its input-output and the human interpretation of this evidence. Furthermore, we fit explanations into the properties of faithfulness (i.e., the explanation being a true description of the model's decision-making) and plausibility (i.e., how much the explanation looks convincing to the user). Using our proposed theoretical framework simplifies how these properties are ope rationalized and provide new insight into common explanation methods that we analyze as case studies.

We propose a learning-based methodology to reconstruct private information held by a population of interacting agents in order to predict an exact outcome of the underlying multi-agent interaction process, here identified as a stationary action profile. We envision a scenario where an external observer, endowed with a learning procedure, is allowed to make queries and observe the agents' reactions through private action-reaction mappings, whose collective fixed point corresponds to a stationary profile. By adopting a smart query process to iteratively collect sensible data and update parametric estimates, we establish sufficient conditions to assess the asymptotic properties of the proposed learning-based methodology so that, if convergence happens, it can only be towards a stationary action profile. This fact yields two main consequences: i) learning locally-exact surrogates of the action-reaction mappings allows the external observer to succeed in its prediction task, and ii) working with assumptions so general that a stationary profile is not even guaranteed to exist, the established sufficient conditions hence act also as certificates for the existence of such a desirable profile. Extensive numerical simulations involving typical competitive multi-agent control and decision making problems illustrate the practical effectiveness of the proposed learning-based approach.

Nature-inspired optimization Algorithms (NIOAs) are nowadays a popular choice for community detection in social networks. Community detection problem in social network is treated as optimization problem, where the objective is to either maximize the connection within the community or minimize connections between the communities. To apply NIOAs, either of the two, or both objectives are explored. Since NIOAs mostly exploit randomness in their strategies, it is necessary to analyze their performance for specific applications. In this paper, NIOAs are analyzed on the community detection problem. A direct comparison approach is followed to perform pairwise comparison of NIOAs. The performance is measured in terms of five scores designed based on prasatul matrix and also with average isolability. Three widely used real-world social networks and four NIOAs are considered for analyzing the quality of communities generated by NIOAs.