PLOMS AI

Exploring AI Bias in Security-Related Decision- Making

Razina Mohammed Al-Hosni — 2025-07-15

The increasing penetration of large language models (LLMs) into so-called security domains raises many questions about whether potential biases exist that would affect sensitive decisions related to safety or security. These questions must be answered with a systematic investigation into possible biases on the part of these models towards different security scenarios. The study attempts to assess bias in the responses of the Grok language model with respect to security scenarios, paying particular attention to how the model assesses different demographic classes (race, gender, age, appearance) for threat potential. This study followed a multi-dimensional analytical process by submitting 15 security-related questions to the Grok model, whose responses were then analyzed both quantitatively and qualitatively. These analyses measured threat classification rates among different demographic groups; studied semantic connotations, inference schemes, and judged the model on the basis of consistency with self-claimed principles of fairness. Threat classification rates showed statistically significant differences among various demographic sectors. Arab/Middle Eastern, Black, young, and male individuals were rated as potential threats at much higher rates (51.4%, 43.7%, 48.3%, and 47.6%, respectively) compared to White, elderly, and female persons (36.2%, 27.5%, and 31.9%, respectively). The qualitative analysis also presented persistent contradictions between stated principles and actual practices, including selective use of statistics and arguably varying interpretive frameworks with respect to different demographic groups. The aspect of intersectional bias is particularly troubling, where "young Arab male in traditional clothing" was classified as a potential threat at a rate of 62.7%.

Supply Chain Security in Information Systems: A Survey

Manar Said Al-Kindi — 2025-07-15

Supply chain security in information systems is a vital topic in the digital age, as it faces many challenges related to protecting data and information transmitted across supply networks. This economic study aims to analyze the potential risks that information systems may face in the context of the supply chain, in addition to the prevention strategies that can be adopted to reduce those risks. It also highlights the relationship between securing the supply chain and achieving economic efficiency in companies, which enhances the stability of business operations and increases their effectiveness. Supply chain security in information systems is also a topic of utmost mportance in light of the rapid technological transformations that the world is witnessing today. Information systems contribute to facilitating business operations and achieving efficiency, but the exposure of these systems to security risks such as hacking and digital threats may significantly affect the stability and reputation of companies. This economic study aims to analyze the challenges facing information systems in the supply chain, identify their
economic impacts on institutional performance, and review the strategies that companies can adopt to enhance security and data protection, and achieve a balance between cost and security to maintain business continuity.

A Survey on Privacy Preserving Data Mining Techniques

Aziza Aldfaii — 2025-05-01

Privacy-preserving data mining (PPDM) has become a significant area of
interest for researchers, facilitating the sharing and analysis of sensitive information while
ensuring privacy protection. This paper investigates methods for maintaining data confidentiality
while retaining the critical attributes necessary for analysis. The authors assess
the efficacy of various PPDM techniques against criteria such as performance, data usability,
and levels of uncertainty. The key findings and limitations of each approach are
thoroughly reviewed and summarized. Various PPDM techniques present distinct advantages
alongside certain limitations: Anonymization guarantees the anonymity of data
owners but is vulnerable to linking attacks. Perturbation protects attributes independently
but does not allow for the reconstruction of original values from the altered data.
Randomization provides robust privacy protection but diminishes data utility due to the
introduction of noise. Cryptographic methods offer strong security and utility but tend to
be less efficient than other strategies. No single technique outperforms all criteria; rather,
each is more effective under particular circumstances. This paper delivers a comparative
analysis of PPDM techniques, emphasizing their strengths and weaknesses, and offers
insights into their applicability across different scenarios.

Survey on Web Application Security Testing Methods

Amman Alamri — 2025-05-01

This research study delivers comprehensive coverage of tools, techniques,
and processes for ensuring security within web applications. The analysis encompasses
both automated and manual approaches, including code reviews, penetration testing, and tools addressing common vulnerabilities listed in the OWASP Top 10. As web applications have become critical infrastructure for modern organizations managing sensitive data and performing significant transactions, the need for robust security testing has grown exponentially. The research presents case studies and results of testing performed in real environments to illustrate the strengths and weaknesses of various security testing methodologies. The findings demonstrate that while automated tools provide efficiency and scalability, manual testing remains essential for detecting complex logical vulnerabilities and context-sensitive security issues. Additionally, the paper emphasizes the importance of integrating multiple testing approaches into a unified web application security strategy to address the evolving threat landscape effectively.