Tooba Aamir

Mohan Baruwal Chhetri, Shahroz Tariq, Tooba Aamir et al.

Frontier AI systems, including large language models and emerging agentic AI tools, offer significant operational benefits but present unique challenges to critical infrastructure (CI) environments due to their non-deterministic and emergent properties. While formal adoption is inherently cautious and tightly controlled due to strict regulatory oversight, widespread accessibility has catalysed shadow AI: the unsanctioned use of frontier AI outside established organisational controls. In CI settings, shadow AI bypasses established assurance and oversight mechanisms, amplifying risks to data protection, decision reliability, and regulatory compliance, with potential consequences for essential service delivery. We present the first empirical study of shadow AI in CI environments, characterising it as a systemic socio-technical condition of assurance erosion. Drawing on semi-structured interviews with senior executives and functional leaders across 27 Australian CI organisations (Communications, Energy, and Water and Sewerage sectors), we analyse how shadow AI manifests in practice, how it interacts with existing technical and governance controls, and the resulting security, assurance, and compliance risks. We develop an empirically derived threat model identifying three primary mechanisms of security degradation: (i) boundary bypass, where data flows circumvent established perimeters; (ii) unassessed capability expansion, where embedded AI features introduce latent risks; and (iii) loss of observability via governance circumvention, undermining forensic auditability and least-privilege enforcement. Our findings demonstrate that shadow AI introduces unmanaged risks that fundamentally challenge existing security and compliance frameworks, necessitating tailored, pathway-aligned governance and control strategies.

Tooba Aamir, Hai Dong, Athman Bouguettaya

We propose a heuristics-based social-sensor cloud service selection and composition model to reconstruct mosaic scenes. The proposed approach leverages crowdsourced social media images to create an image mosaic to reconstruct a scene at a designated location and an interval of time. The novel approach relies on the set of features defined on the bases of the image metadata to determine the relevance and composability of services. Novel heuristics are developed to filter out non-relevant services. Multiple machine learning strategies are employed to produce smooth service composition resulting in a mosaic of relevant images indexed by geolocation and time. The preliminary analytical results prove the feasibility of the proposed composition model.

Tooba Aamir, Hai Dong, Athman Bouguettaya

The extensive use of social media platforms and overwhelming amounts of imagery data creates unique opportunities for sensing, gathering and sharing information about events. One of its potential applications is to leverage crowdsourced social media images to create a tapestry scene for scene analysis of designated locations and time intervals. The existing attempts however ignore the temporal-semantic relevance and spatio-temporal evolution of the images and direction-oriented scene reconstruction. We propose a novel social-sensor cloud (SocSen) service composition approach to form tapestry scenes for scene analysis. The novelty lies in utilising images and image meta-information to bypass expensive traditional image processing techniques to reconstruct scenes. Metadata, such as geolocation, time and angle of view of an image are modelled as non-functional attributes of a SocSen service. Our major contribution lies on proposing a context and direction-aware spatio-temporal clustering and recommendation approach for selecting a set of temporally and semantically similar services to compose the best available SocSen services. Analytical results based on real datasets are presented to demonstrate the performance of the proposed approach.