## Paper Type

ERF

## Description

A malicious hacker can compromise the electronic speed limit signs in a smart city, causing an autonomous vehicle to misread the speed limit signs and result in collision or congestion on the pathways. Based on protection-motivation theory (PMT), we propose a Deep Learning-based Cyber-risk Assessment and Mitigation (DL-CRAM) model comprising three modules for the smart city administrator. In line with the threat appraisal component of PMT, our cyber-risk assessment (CRA) module uses a Convolutional Neural Network (CNN) algorithm, takes electronic two-digit speed limit sign images as an input, learns its features, and outputs the probability of misreading it. Then, using the Bayesian inference model, we compute the conditional probability of an autonomous vehicle misreading both the digits or one of the two digits. Subsequently, based on the concepts of risk theory, the cyber-risk quantification (CRQ) module calculates the expected loss for a smart city due to collision or congestion on the pathways. In line with the coping appraisal component of PMT, our cyber-risk mitigation (CRM) module proposes strategies for the smart-city administrator to reduce cyber-risk using technological means and pass the residual risk to third-party cyber-insurer.

## Paper Number

1018

## Recommended Citation

Sharma, Kalpit and Mukhopadhyay, Arunabha, "A deep learning-based Cyber-risk Management framework for smart cities" (2023). *AMCIS 2023 Proceedings*. 1.

https://aisel.aisnet.org/amcis2023/sig_sec/sig_sec/1

A deep learning-based Cyber-risk Management framework for smart cities

A malicious hacker can compromise the electronic speed limit signs in a smart city, causing an autonomous vehicle to misread the speed limit signs and result in collision or congestion on the pathways. Based on protection-motivation theory (PMT), we propose a Deep Learning-based Cyber-risk Assessment and Mitigation (DL-CRAM) model comprising three modules for the smart city administrator. In line with the threat appraisal component of PMT, our cyber-risk assessment (CRA) module uses a Convolutional Neural Network (CNN) algorithm, takes electronic two-digit speed limit sign images as an input, learns its features, and outputs the probability of misreading it. Then, using the Bayesian inference model, we compute the conditional probability of an autonomous vehicle misreading both the digits or one of the two digits. Subsequently, based on the concepts of risk theory, the cyber-risk quantification (CRQ) module calculates the expected loss for a smart city due to collision or congestion on the pathways. In line with the coping appraisal component of PMT, our cyber-risk mitigation (CRM) module proposes strategies for the smart-city administrator to reduce cyber-risk using technological means and pass the residual risk to third-party cyber-insurer.

When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.

## Comments

SIG SEC