Nonlinear instability of density-independent orbital-free kinetic energy functionals

We study in this article the mathematical properties of a class of orbital-free kinetic energy functionals. We prove that these models are linearly stable but nonlinearly unstable, in the sense that the corresponding kinetic energy functionals are not bounded from below. As a matter of illustration, we provide an example of an electronic density of simple shape the kinetic energy of which is negative.Comment: 14 pages, 1 figur

Ariel - Volume 5 Number 5

Editors Mark Dembert J. D. Kanofsky Entertainment Robert Breckenridge Joe Conti Gary Kaskey Photographer Scot Kastner Overseas Editor Mike Sinason Circulation Jay Amsterdam Humorist Jim McCann Staff Ken Jaffe Bob Sklaroff Janet Welsh Dave Jacoby Phil Nimoityn Frank Chervane

Malicious User Experience Design Research for Cybersecurity

This paper explores the factors and theory behind the user-centered research that is necessary to create a successful game-like prototype, and user experience, for malicious users in a cybersecurity context. We explore what is known about successful addictive design in the fields of video games and gambling to understand the allure of breaking into a system, and the joy of thwarting the security to reach a goal or a reward of data. Based on the malicious user research, game user research, and using the GameFlow framework, we propose a novel malicious user experience design approac

Cybersecurity Awareness Platform with Virtual Coach and Automated Challenge Assessment

Over the last years, the number of cyber-attacks on industrial control systems has been steadily increasing. Among several factors, proper software development plays a vital role in keeping these systems secure. To achieve secure software, developers need to be aware of secure coding guidelines and secure coding best practices. This work presents a platform geared towards software developers in the industry that aims to increase awareness of secure software development. The authors also introduce an interactive game component, a virtual coach, which implements a simple artificial intelligence engine based on the laddering technique for interviews. Through a survey, a preliminary evaluation of the implemented artifact with real-world players (from academia and industry) shows a positive acceptance of the developed platform. Furthermore, the players agree that the platform is adequate for training their secure coding skills. The impact of our work is to introduce a new automatic challenge evaluation method together with a virtual coach to improve existing cybersecurity awareness training programs. These training workshops can be easily held remotely or off-line.Comment: Preprint accepted for publication at the 6th Workshop On The Security Of Industrial Control Systems & Of Cyber-Physical Systems (CyberICPS 2020

Cybersecurity awareness platform with virtual coach and automated challenge assessment

Over the last years, the number of cyber-attacks on industrial control systems has been steadily increasing. Among several factors, proper software development plays a vital role in keeping these systems secure. To achieve secure software, developers need to be aware of secure coding guidelines and secure coding best practices. This work presents a platform geared towards software developers in the industry that aims to increase awareness of secure software development. The authors also introduce an interactive game component, a virtual coach, which implements a simple artificial intelligence engine based on the laddering technique for interviews. Through a survey, a preliminary evaluation of the implemented artifact with real-world players (from academia and industry) shows a positive acceptance of the developed platform. Furthermore, the players agree that the platform is adequate for training their secure coding skills. The impact of our work is to introduce a new automatic challenge evaluation method together with a virtual coach to improve existing cybersecurity awareness training programs. These training workshops can be easily held remotely or off-line.info:eu-repo/semantics/acceptedVersio

Design of secure coding challenges for cybersecurity education in the industry

To minimize the possibility of introducing vulnerabilities in source code, software developers in the industry may attend security awareness and secure coding training. One promising novel approach to raise awareness is to use cybersecurity challenges in a capture-the-flag event. In order for this to be effective, the types of challenges must be adequately designed to address the target group. In this work we look at how to design challenges for software developers in an industrial context, based on survey given to security experts by gathering their experience on the field. While our results show that traditional methods seem to be adequate, they also reveal a new class of challenges based on code entry and interaction with an automated coach.info:eu-repo/semantics/acceptedVersio

Hack the room:an augmented reality game for non-experts to learn ethical hacking

Abstract. The shortage of cybersecurity skills caused by a widespread talent drought is having a signifcant economic impact on organizations globally. Several initiatives have been implemented to address this defcit, providing new educational pathways for novice and advanced students. Recently, ethical hacking gamifcation platforms and Capture the Flag (CTF) online games have risen in popularity, offering fun and engaging content that motivate beginners to acquire offensive and defensive cybersecurity skills. However, the use of augmented reality (AR) applications for cybersecurity skill development remains mostly unexplored. Against this backdrop, the overall aim of the thesis is to examine whether CTF games in AR can improve learning outcomes in information security and enhance security situational awareness. Specifcally, we explore how AR gamifcation impacts training and overall experience in the context of ethical hacking tasks. To achieve this, we have created Hack the Room, which is an ethical hacking game developed in Unity, where players use Linux terminals to solve CTF-style tasks. The game can be used for learning key cybersecurity concepts vital for organizations, and target users who have no previous cybersecurity experience, and need to be retrained for future-proofng organizations. In the game, the player has to use simple simple Linux terminal commands like listing fles in directories and reading fles stored in virtual machines hosted in the cloud (CSC Pouta) to reach the predetermined tasks. Each playthrough lasts 20 minutes and features three tasks. The game can be modifed or made more diffcult by changing the tasks in the virtual machine. The main goal of the game is to complete all of the tasks in the game. Our gamifcation concept was evaluated in a feld experiment that included six participants divided into two groups, an expert group (N=3) and a non-expert group (N=3). The expert group responded to a questionnaire that assessed their situational awareness during the game, while the non-expert group responded to a questionnaire that evaluated learning outcomes. The participants reported positive learning outcomes and high situational awareness after playing the game.Hack the room : lisätyn todellisuuden peli eettisen hakkeroinnin oppimiseen. Tiivistelmä. Pula tietoturvaosaamisesta vaikuttaa taloudellisesti organisaatioihin maailmanlaajuisesti. Tämän puutteen korjaamiseksi on tehty useita aloitteita, joissa tarjotaan oppipolkuja aloitteleville sekä edistyneemmille oppillaille. Eettisen hakkeroinnin pelillistämisalustat sekä Capture the Flag- (CTF) (suom. lipunryöstö) verkkopelit ovat lisänneet suosiotaan viime vuosina ja ne tarjoavat hyvän mahdollisuuden vasta-alkajille opetella tietoturvahyökkäämistä ja -puolustamista. Lisätyn todellisuuden hyödyntämistä tietoturvakoulutuksessa ei ole kuitenkaan tutkittu laajalti. Tässä kandidaatin tutkinnossa käsitellään lisätyn todellisuuden hyödyntämistä CTF-peleissä sekä sitä, miten lisätty todellisuus vaikuttaa tietoturvallisuuden ja turvallisuuden tilannetietoisuuden oppimiseen. Käsittelemme erityisesti, miten lisätyn todellisuuden pelillistäminen vaikuttaa harjoitteluun sekä yleiseen kokemukseen eettisissä hakkerointitehtävissä. Tämän mahdollistamiseksi loimme Hack the Roomin, joka on Unityssä kehitetty kyberturvallisuuspeli, jossa pelaajat käyttävät Linux-terminaaleja läpäistäkseen lipunryöstötyyppisiä tehtäviä. Sitä voidaan käyttää työkaluna henkilöiden tietoturvaan tutustuttamiseen, kouluttamiseen ja uudelleen opettamiseen. Pelin tehtävät koostuivat yksinkertaisista tehtävistä, joissa käytettiin Linuxkomentoja, kuten tiedostojen listaamista ja -lukemista. Jokainen pelikerta on 20 minuutin pituinen ja sisältää kolme tehtävää. Peliä voi muokata tarpeiden mukaan, esimerkiksi nostaa vaikeustasoa muuttamalla pelin virtuaalikonetta. Pelin käyttämä virtuaalikone sijaitsee CSC Pouta-palvelimella. Kehittämämme pelillistämiskonsepti evaluoitiin kenttäkokeella. Kokeessa oli 6 osallistujaa, jotka jaettiin kahteen ryhmään. Ryhmät koostuivat asiantuntijoista ja henkilöistä, joilla ei ollut aiempaa kokemusta eettisestä hakkeroinnista. Asiantuntijoiden ryhmä vastasi kyselyyn, joka mittasi heidän tilannetietoisuuttaan ja toinen ryhmä kyselyyn, joka mittasi heidän oppimistaan pelissä. Kenttäkoe osoitti sekä positiivisia oppimistuloksia, että korkeaa tilannetietoisuutta pelissä

On the possiblity of detecting Solar pp-neutrino with a large volume liquid organic scintillator detector

It is shown that a large volume liquid organic scintillator detector with an energy resolution of 10 keV at 200 keV 1 sigma will be sensitive to solar pp-neutrino, if operated at the target radiopurity levels for the Borexino detector, or the solar neutrino project of KamLAND.Comment: 18 pages, 2 figures, 4 tables. Contributed paper to the Nonaccelerating New Neutrino Physic. NANP-2003, Dubna. To be published in Phys.At.Nucl.(2004