| 1. |
- Hacks, Simon, et al.
(författare)
-
Towards a Systematic Method for Developing Meta Attack Language Instances
- 2022
-
Ingår i: Enterprise, Business-Process and Information Systems Modeling 23rd International Conference, BPMDS 2022 and 27th International Conference, EMMSAD 2022, Held at CAiSE 2022, Leuven, Belgium, June 6–7, 2022, Proceedings. - Cham : Springer Nature. ; , s. 139-154
-
Konferensbidrag (refereegranskat)abstract
- Successfully developing domain-specific languages (DSLs) demands language engineers to consider their organizational context, which is challenging. Action design research (ADR) provides a conceptual framework to address this challenge. Since ADR’s application to the engineering of DSLs has not yet been examined, we investigate applying it to the development of threat modeling DSLs based on the Meta Attack Language (MAL), a metamodeling language for the specification of domain-specific threat modeling languages. To this end, we conducted a survey with experienced MAL developers on their development activities. We extract guidelines and align these, together with established DSL design guidelines, to the conceptual model of ADR. The research presented, aims to be the first step to investigate whether ADR can be used to systematically engineer DSLs.
|
|
| 2. |
- Kristan, Matej, et al.
(författare)
-
The Sixth Visual Object Tracking VOT2018 Challenge Results
- 2019
-
Ingår i: Computer Vision – ECCV 2018 Workshops. - Cham : Springer Publishing Company. - 9783030110086 - 9783030110093 ; , s. 3-53
-
Konferensbidrag (refereegranskat)abstract
- The Visual Object Tracking challenge VOT2018 is the sixth annual tracker benchmarking activity organized by the VOT initiative. Results of over eighty trackers are presented; many are state-of-the-art trackers published at major computer vision conferences or in journals in the recent years. The evaluation included the standard VOT and other popular methodologies for short-term tracking analysis and a “real-time” experiment simulating a situation where a tracker processes images as if provided by a continuously running sensor. A long-term tracking subchallenge has been introduced to the set of standard VOT sub-challenges. The new subchallenge focuses on long-term tracking properties, namely coping with target disappearance and reappearance. A new dataset has been compiled and a performance evaluation methodology that focuses on long-term tracking capabilities has been adopted. The VOT toolkit has been updated to support both standard short-term and the new long-term tracking subchallenges. Performance of the tested trackers typically by far exceeds standard baselines. The source code for most of the trackers is publicly available from the VOT page. The dataset, the evaluation kit and the results are publicly available at the challenge website (http://votchallenge.net).
|
|
| 3. |
- Kristanl, Matej, et al.
(författare)
-
The Seventh Visual Object Tracking VOT2019 Challenge Results
- 2019
-
Ingår i: 2019 IEEE/CVF INTERNATIONAL CONFERENCE ON COMPUTER VISION WORKSHOPS (ICCVW). - : IEEE COMPUTER SOC. - 9781728150239 ; , s. 2206-2241
-
Konferensbidrag (refereegranskat)abstract
- The Visual Object Tracking challenge VOT2019 is the seventh annual tracker benchmarking activity organized by the VOT initiative. Results of 81 trackers are presented; many are state-of-the-art trackers published at major computer vision conferences or in journals in the recent years. The evaluation included the standard VOT and other popular methodologies for short-term tracking analysis as well as the standard VOT methodology for long-term tracking analysis. The VOT2019 challenge was composed of five challenges focusing on different tracking domains: (i) VOT-ST2019 challenge focused on short-term tracking in RGB, (ii) VOT-RT2019 challenge focused on "real-time" short-term tracking in RGB, (iii) VOT-LT2019 focused on long-term tracking namely coping with target disappearance and reappearance. Two new challenges have been introduced: (iv) VOT-RGBT2019 challenge focused on short-term tracking in RGB and thermal imagery and (v) VOT-RGBD2019 challenge focused on long-term tracking in RGB and depth imagery. The VOT-ST2019, VOT-RT2019 and VOT-LT2019 datasets were refreshed while new datasets were introduced for VOT-RGBT2019 and VOT-RGBD2019. The VOT toolkit has been updated to support both standard short-term, long-term tracking and tracking with multi-channel imagery. Performance of the tested trackers typically by far exceeds standard baselines. The source code for most of the trackers is publicly available from the VOT page. The dataset, the evaluation kit and the results are publicly available at the challenge website(1).
|
|
| 4. |
- Lagerström, Robert, 1981-, et al.
(författare)
-
Threat modeling and attack simulations of smart cities : A literature review and explorative study
- 2020
-
Ingår i: ICISSP 2020 - Proceedings of the 6th International Conference on Information Systems Security and Privacy. - : SciTePress. ; , s. 369-376
-
Konferensbidrag (refereegranskat)abstract
- Digitization has made enterprises and inter-enterprise organizations (e.g. smart cities) increasingly vulnerable to cyber attacks. Malicious actors compromising computers can have potential damage and disruptions. To mitigate cyber threats, the first thing is to identify vulnerabilities, which is difficult as it requires (i) a detailed understanding of the inter-enterprise architecture, and (ii) significant security expertise. Threat modeling supports (i) by documenting the design of the system architecture, and attack simulation supports (ii) by automating the identification of vulnerabilities. This paper presents a systematic literature review and provides a research outlook for threat modeling and attack simulations of smart cities. The results show that little research has been done in this area, and promising approaches are being developed.
|
|
| 5. |
- Liu, Quan, et al.
(författare)
-
Deep reinforcement learning-based safe interaction for industrial human-robot collaboration using intrinsic reward function
- 2021
-
Ingår i: Advanced Engineering Informatics. - : Elsevier BV. - 1474-0346 .- 1873-5320. ; 49
-
Tidskriftsartikel (refereegranskat)abstract
- Aiming at human-robot collaboration in manufacturing, the operator's safety is the primary issue during the manufacturing operations. This paper presents a deep reinforcement learning approach to realize the real-time collision-free motion planning of an industrial robot for human-robot collaboration. Firstly, the safe human robot collaboration manufacturing problem is formulated into a Markov decision process, and the mathematical expression of the reward function design problem is given. The goal is that the robot can autonomously learn a policy to reduce the accumulated risk and assure the task completion time during human-robot collaboration. To transform our optimization object into a reward function to guide the robot to learn the expected behaviour, a reward function optimizing approach based on the deterministic policy gradient is proposed to learn a parameterized intrinsic reward function. The reward function for the agent to learn the policy is the sum of the intrinsic reward function and the extrinsic reward function. Then, a deep reinforcement learning algorithm intrinsic reward-deep deterministic policy gradient (IRDDPG), which is the combination of the DDPG algorithm and the reward function optimizing approach, is proposed to learn the expected collision avoidance policy. Finally, the proposed algorithm is tested in a simulation environment, and the results show that the industrial robot can learn the expected policy to achieve the safety assurance for industrial human-robot collaboration without missing the original target. Moreover, the reward function optimizing approach can help make up for the designed reward function and improve policy performance.
|
|
| 6. |
- Xiong, Dehua, et al.
(författare)
-
Enhanced Performance of p-Type Dye-Sensitized Solar Cells Based on Ultrasmall Mg-Doped CuCrO2 Nanocrystals
- 2013
-
Ingår i: ChemSusChem. - : Wiley. - 1864-5631 .- 1864-564X. ; 6:8, s. 1432-1437
-
Tidskriftsartikel (refereegranskat)abstract
- Herein, we present ultrasmall delafossite-type Mg-doped CuCrO2 nanocrystals prepared by using hydrothermal synthesis and their first application as photocathodes in efficient p-type dye-sensitized solar cells. The short-circuit current density (J(sc)) is notably increased by approximately 27% owing to the decreased crystallite size and the enhanced optical transmittance associated with Mg doping of the CuCrO2 nanocrystalline sample. An open-circuit voltage (V-oc) of 201mV, J(sc) of 1.51mAcm(-2), fill factor of 0.449, and overall photoconversion efficiency of 0.132% have been achieved with the CuCr0.9Mg0.1O2 dye photocathode sensitized with the P1 dye under optimized conditions. This efficiency is nearly threetimes higher than that of the NiO-based reference device, which is attributed to the largely improved V-oc and J(sc). The augmentation of V-oc and J(sc) can be attributed to the lower valance band position and the faster hole diffusion coefficient of CuCr0.9Mg0.1O2 compared to those of the NiO reference, respectively, which leads to a higher hole collection efficiency.
|
|
| 7. |
- Xiong, Min, et al.
(författare)
-
Tailoring Phase Purity in the 2D/3D Perovskite Heterostructures Using Lattice Mismatch
- 2022
-
Ingår i: ACS Energy Letters. - : AMER CHEMICAL SOC. - 2380-8195. ; 7:1, s. 550-559
-
Tidskriftsartikel (refereegranskat)abstract
- Although the fabrication of two-dimensional (2D)/three-dimensional (3D) halide perovskite heterostructures has been employed to balance the long-term stability and high efficiency of perovskite solar cells, the formation of metastable quasi-2D perovskites remains the most serious challenge. Here, we demonstrate that large lattice mismatch derived from halide and cation differences between 2D and 3D perovskites are key to avoiding the formation of unintended 2D phases in the preparation of 2D/3D bulk heterostructure because the phase transformation becomes less thermodynamically favorable. Specifically, by employing chloride 2D perovskite (PYA)(2) PbCl4 (PYA = propargylammonium) crystals into a 3D precursor solution, we achieve a phase-pure 2D/3D heterojunction with clean type-I band alignment, which exhibits greatly reduced charge recombination. Furthermore, the incorporation of alkyne perovskites is also shown to suppress iodine diffusion and formation due to their exceptional iodine capture capacity. The resultant 2D/3D heterostructured devices exhibited enhanced efficiencies and stabilities compared with their 3D counterparts.
|
|
| 8. |
- Xiong, Wenjun, et al.
(författare)
-
A Method for Assigning Probability Distributions in Attack Simulation Languages
- 2021
-
Ingår i: Complex Systems Informatics and Modeling Quarterly. - : Riga Technical University. - 2255-9922. ; :26, s. 55-77
-
Tidskriftsartikel (refereegranskat)abstract
- Cyber attacks on IT and OT systems can have severe consequences for individuals and organizations, from water or energy distribution systems to online banking services. To respond to these threats, attack simulations can be used to assess the cyber security of systems to foster a higher degree of resilience against cyber attacks; the steps taken by an attacker to compromise sensitive system assets can be traced, and a time estimate can be computed from the initial step to the compromise of assets of interest.Previously, the Meta Attack Language (MAL) was introduced as a framework to develop security-oriented domain-specific languages. It allows attack simulations on modeled systems and analyzes weaknesses related to known attacks. To produce more realistic simulation results, probability distributions can be assigned to attack steps and defenses to describe the efforts required for attackers to exploit certain attack steps. However, research on assessing such probability distributions is scarce, and we often rely on security experts to model attackers’ efforts. To address this gap, we propose a method to assign probability distributions to the attack steps and defenses of MAL-based languages. We demonstrate the proposed method by assigning probability distributions to a MAL-based language. Finally, the resulting language is evaluated by modeling and simulating a known cyber attack.
|
|
| 9. |
- Xiong, Wenjun, et al.
(författare)
-
A Method for Quality Assessment of Threat Modeling Languages : The Case of enterpriseLang
- 2021
-
Ingår i: CEUR Workshop Proceedings. - Riga, Latvia : CEUR-WS. ; , s. 49-58
-
Konferensbidrag (refereegranskat)abstract
- Enterprise systems are growing in complexity, and the adoption of cloud and mobile services has greatly increased the attack surface. To proactively address these security issues in enterprise systems, a threat modeling language for enterprise systems called enterpriseLang was proposed. It is a domain-specific language (DSL) designed using the Meta Attack Language (MAL) framework and focuses on describing system assets, attack steps, defenses, and asset associations. The threat models can serve as input for attack simulations to analyze the behavior of attackers within the system. However, whether and to what extent the functionality of these threat modeling languages is achieved has not been addressed. To ensure the correct functionality of threat modeling languages, this paper proposes a method to assess the quality of such languages and illustrates its application using enterpriseLang.
|
|
| 10. |
- Xiong, Wenjun, et al.
(författare)
-
A Study of Security Vulnerabilities and Software Weaknesses in Vehicles
- 2019
-
Ingår i: Nordic Conference on Secure IT Systems. - Aalborg, Denmark : Springer. ; , s. 204-218
-
Konferensbidrag (refereegranskat)abstract
- In this paper, we conduct an empirical study with the purpose of identifying common security vulnerabilities discovered in vehicles. The vulnerability information is gathered for 60 vehicle OEMs (Original Equipment Manufacturers) and common vehicle components from the National Vulnerability Database (NVD). Each vulnerability (CVE) is analyzed with respect to its software weakness type (CWE) and severity score (CVSS). 44 unique CVEs were found in NVD and analyzed. The analysis results show that about 50% of the vulnerabilities fall into the medium severity category, and the three most common software weaknesses reported are protection mechanism failure, buffer errors, and information disclosure.
|
|
