Vulnerability and Mitigation Strategies for Secure Expert Systems

A group of computer programs and empirical/factual dataset that simulates a person or an organization’s decision and actions with expert knowledge and experience in a particular field constitutes an Expert System. Typically, an expert system has four components namely: The User Interface, Knowledge Base (Davis et al. in AI Mag 14(1):17–33, 1993, [1]), Inference Engine, and Explanation System. The User Interface establishes a communication channel between user and the expert systems’ problem-solving processes, while the Knowledge Base is created with the input gathered from the outside world obtained using User Interface. It is really a challenging task to conceptualize, design, and develop an expert system with the complexity of today’s environment while assuring that the systems are trustworthy and secure. At the same time, finding and knowing all potential forms of adversity, disruptions, and threats is nearly impossible (Bass et al. in Software architecture in practice, 3rd edn. Addison-Wesley,Upper Saddle River, 2012, [2]). The fundamental design and structure of the system can make itself less susceptible and flexible with strength that can be utilized by the system’s proprietors and administrators. In this paper, we present few attacks on the expert system and their mitigation techniques.