@misc{32409, abstract = {{Context: Cryptographic APIs are often misused in real-world applications. Therefore, many cryptographic API misuse detection tools have been introduced. However, there exists no established reference benchmark for a fair and comprehensive comparison and evaluation of these tools. While there are benchmarks, they often only address a subset of the domain or were only used to evaluate a subset of existing misuse detection tools. Objective: To fairly compare cryptographic API misuse detection tools and to drive future development in this domain, we will devise such a benchmark. Openness and transparency in the generation process are key factors to fairly generate and establish the needed benchmark. Method: We propose an approach where we derive the benchmark generation methodology from the literature which consists of general best practices in benchmarking and domain-specific benchmark generation. A part of this methodology is transparency and openness of the generation process, which is achieved by pre-registering this work. Based on our methodology we design CamBench, a fair "Cryptographic API Misuse Detection Tool Benchmark Suite". We will implement the first version of CamBench limiting the domain to Java, the JCA, and static analyses. Finally, we will use CamBench to compare current misuse detection tools and compare CamBench to related benchmarks of its domain.}}, author = {{Schlichtig, Michael and Wickert, Anna-Katharina and Krüger, Stefan and Bodden, Eric and Mezini, Mira}}, keywords = {{cryptography, benchmark, API misuse, static analysis}}, title = {{{CamBench -- Cryptographic API Misuse Detection Tool Benchmark Suite}}}, doi = {{10.48550/ARXIV.2204.06447}}, year = {{2022}}, } @phdthesis{32414, author = {{Lass, Michael}}, publisher = {{Universität Paderborn}}, title = {{{Bringing Massive Parallelism and Hardware Acceleration to Linear Scaling Density Functional Theory Through Targeted Approximations}}}, doi = {{10.17619/UNIPB/1-1281}}, year = {{2022}}, } @inproceedings{32410, abstract = {{Static analysis tools support developers in detecting potential coding issues, such as bugs or vulnerabilities. Research on static analysis emphasizes its technical challenges but also mentions severe usability shortcomings. These shortcomings hinder the adoption of static analysis tools, and in some cases, user dissatisfaction even leads to tool abandonment. To comprehensively assess the current state of the art, this paper presents the first systematic usability evaluation in a wide range of static analysis tools. We derived a set of 36 relevant criteria from the scientific literature and gathered a collection of 46 static analysis tools complying with our inclusion and exclusion criteria - a representative set of mainly non-proprietary tools. Then, we evaluated how well these tools fulfill the aforementioned criteria. The evaluation shows that more than half of the considered tools offer poor warning messages, while about three-quarters of the tools provide hardly any fix support. Furthermore, the integration of user knowledge is strongly neglected, which could be used for improved handling of false positives and tuning the results for the corresponding developer. Finally, issues regarding workflow integration and specialized user interfaces are proved further. These findings should prove useful in guiding and focusing further research and development in the area of user experience for static code analyses.}}, author = {{Nachtigall, Marcus and Schlichtig, Michael and Bodden, Eric}}, booktitle = {{Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis}}, isbn = {{9781450393799}}, keywords = {{Automated static analysis, Software usability}}, pages = {{532 -- 543}}, publisher = {{ACM}}, title = {{{A Large-Scale Study of Usability Criteria Addressed by Static Analysis Tools}}}, doi = {{10.1145/3533767}}, year = {{2022}}, } @inproceedings{31133, abstract = {{Application Programming Interfaces (APIs) are the primary mechanism that developers use to obtain access to third-party algorithms and services. Unfortunately, APIs can be misused, which can have catastrophic consequences, especially if the APIs provide security-critical functionalities like cryptography. Understanding what API misuses are, and for what reasons they are caused, is important to prevent them, e.g., with API misuse detectors. However, definitions and nominations for API misuses and related terms in literature vary and are diverse. This paper addresses the problem of scattered knowledge and definitions of API misuses by presenting a systematic literature review on the subject and introducing FUM, a novel Framework for API Usage constraint and Misuse classification. The literature review revealed that API misuses are violations of API usage constraints. To capture this, we provide unified definitions and use them to derive FUM. To assess the extent to which FUM aids in determining and guiding the improvement of an API misuses detectors' capabilities, we performed a case study on CogniCrypt, a state-of-the-art misuse detector for cryptographic APIs. The study showed that FUM can be used to properly assess CogniCrypt's capabilities, identify weaknesses and assist in deriving mitigations and improvements. And it appears that also more generally FUM can aid the development and improvement of misuse detection tools.}}, author = {{Schlichtig, Michael and Sassalla, Steffen and Narasimhan, Krishna and Bodden, Eric}}, booktitle = {{2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER)}}, keywords = {{API misuses, API usage constraints, classification framework, API misuse detection, static analysis}}, pages = {{673 -- 684}}, title = {{{FUM - A Framework for API Usage constraint and Misuse Classification}}}, doi = {{https://doi.org/10.1109/SANER53432.2022.00085}}, year = {{2022}}, } @misc{32399, author = {{Vahle, Ella}}, title = {{{Modelling and Proving Security for a Secure MPC Protocol for Stable Matching}}}, year = {{2022}}, } @misc{6561, author = {{Hetkämper, Tim}}, title = {{{Visualisierung von Ultraschallfeldern mittels Schlierentechnik und fraktionaler Fouriertransformation}}}, year = {{2022}}, } @misc{6592, author = {{Claes, Leander}}, title = {{{Messverfahren für die akustische Absorption zur Bestimmung der Volumenviskosität}}}, year = {{2022}}, } @inproceedings{31847, abstract = {{The famous $k$-Server Problem covers plenty of resource allocation scenarios, and several variations have been studied extensively for decades. However, to the best of our knowledge, no research has considered the problem if the servers are not identical and requests can express which specific servers should serve them. Therefore, we present a new model generalizing the $k$-Server Problem by *preferences* of the requests and proceed to study it in a uniform metric space for deterministic online algorithms (the special case of paging). In our model, requests can either demand to be answered by any server (*general requests*) or by a specific one (*specific requests*). If only general requests appear, the instance is one of the original $k$-Server Problem, and a lower bound for the competitive ratio of $k$ applies. If only specific requests appear, a solution with a competitive ratio of $1$ becomes trivial since there is no freedom regarding the servers' movements. Perhaps counter-intuitively, we show that if both kinds of requests appear, the lower bound raises to $2k-1$. We study deterministic online algorithms in uniform metrics and present two algorithms. The first one has an adaptive competitive ratio dependent on the frequency of specific requests. It achieves a worst-case competitive ratio of $3k-2$ while it is optimal when only general or only specific requests appear (competitive ratio of $k$ and $1$, respectively). The second has a fixed close-to-optimal worst-case competitive ratio of $2k+14$. For the first algorithm, we show a lower bound of $3k-2$, while the second algorithm has a lower bound of $2k-1$ when only general requests appear. The two algorithms differ in only one behavioral rule for each server that significantly influences the competitive ratio. Each server acting according to the rule allows approaching the worst-case lower bound, while it implies an increased lower bound for $k$-Server instances. In other words, there is a trade-off between performing well against instances of the $k$-Server Problem and instances containing specific requests. We also show that no deterministic online algorithm can be optimal for both kinds of instances simultaneously.}}, author = {{Castenow, Jannik and Feldkord, Björn and Knollmann, Till and Malatyali, Manuel and Meyer auf der Heide, Friedhelm}}, booktitle = {{Proceedings of the 34th ACM Symposium on Parallelism in Algorithms and Architectures}}, isbn = {{9781450391467}}, keywords = {{K-Server Problem, Heterogeneity, Online Caching}}, pages = {{345--356}}, publisher = {{Association for Computing Machinery}}, title = {{{The k-Server with Preferences Problem}}}, doi = {{10.1145/3490148.3538595}}, year = {{2022}}, } @inbook{34023, abstract = {{Decision makers increasingly rely on decision support systems for optimal decision making. Recently, special attention has been paid to process-driven decision support systems (PD-DSS) in which a process model prescribes the invocation sequence of software-based decision support services and the data exchange between them. Thus, it is possible to quickly combine available decision support services as needed for optimally supporting the decision making process of an individual decision maker. However, process modelers may accidentally create a process model which is technically well-formed and executable, but contains functional and behavioral flaws such as redundant or missing services. These flaws may result in inefficient computations or invalid decision recommendations when the corresponding PD-DSS is utilized by a decision maker. In this paper, we therefore propose an approach to validate functionality and behavior of a process model representing a PD-DSS. Our approach is based on expressing flaws as anti-patterns for which the process model can be automatically checked via graph matching. We prototypically implemented our approach and demonstrate its applicability in the context of decision making for energy network planning.}}, author = {{Kirchhoff, Jonas and Engels, Gregor}}, booktitle = {{Software Business}}, isbn = {{9783031207051}}, issn = {{1865-1348}}, pages = {{227----243}}, publisher = {{Springer International Publishing}}, title = {{{Anti-pattern Detection in Process-Driven Decision Support Systems}}}, doi = {{10.1007/978-3-031-20706-8_16}}, volume = {{463}}, year = {{2022}}, } @inproceedings{34040, abstract = {{Consider the practical goal of making a desired action profile played, when the planner can only change the payoffs, bound by stringent constraints. Applications include motivating people to choose the closest school, the closest subway station, or to coordinate on a communication protocol or an investment strategy. Employing subsidies and tolls, we adjust the game so that choosing this predefined action profile becomes strictly dominant. Inspired mainly by the work of Monderer and Tennenholtz, where the promised subsidies do not materialise in the not played profiles, we provide a fair and individually rational game adjustment, such that the total outside investments sum up to zero at any profile, thereby facilitating easy and frequent usage of our adjustment without bearing costs, even if some players behave unexpectedly. The resultant action profile itself needs no adjustment. Importantly, we also prove that our adjustment minimises the general transfer among all such adjustments, counting the total subsidising and taxation.}}, author = {{Polevoy, Gleb and Dziubiński, Marcin}}, booktitle = {{Proceedings of the Thirty-First International Joint Conference on Artificial Intelligence}}, editor = {{De Raedt, Luc}}, keywords = {{adjustment, strictly dominant, fairness, individually rational, transfer, tax, subsidy}}, location = {{Vienna}}, publisher = {{International Joint Conferences on Artificial Intelligence Organization}}, title = {{{Fair, Individually Rational and Cheap Adjustment}}}, doi = {{10.24963/ijcai.2022/64}}, year = {{2022}}, } @inproceedings{33085, author = {{Epstein, Leah and Lassota, Alexandra and Levin, Asaf and Maack, Marten and Rohwedder, Lars}}, booktitle = {{39th International Symposium on Theoretical Aspects of Computer Science, STACS 2022, March 15-18, 2022, Marseille, France (Virtual Conference)}}, editor = {{Berenbrink, Petra and Monmege, Benjamin}}, pages = {{28:1–28:15}}, publisher = {{Schloss Dagstuhl - Leibniz-Zentrum für Informatik}}, title = {{{Cardinality Constrained Scheduling in Online Models}}}, doi = {{10.4230/LIPIcs.STACS.2022.28}}, volume = {{219}}, year = {{2022}}, } @inproceedings{33004, author = {{Wachsmuth, Henning and Alshomary, Milad}}, booktitle = {{Proceedings of the 29th International Conference on Computational Linguistics}}, pages = {{344 -- 354}}, title = {{{"Mama Always Had a Way of Explaining Things So I Could Understand": A Dialogue Corpus for Learning How to Explain}}}, year = {{2022}}, } @article{34049, author = {{Lauscher, Anne and Wachsmuth, Henning and Gurevych, Iryna and Glavaš, Goran}}, journal = {{Transactions of the Association for Computational Linguistics}}, title = {{{On the Role of Knowledge in Computational Argumentation}}}, year = {{2022}}, } @inproceedings{22157, author = {{Kiesel, Johannes and Alshomary, Milad and Handke, Nicolas and Cai, Xiaoni and Wachsmuth, Henning and Stein, Benno}}, booktitle = {{Proceedings of the 60th Annual Meeting of the Association for Computational Linguistics}}, pages = {{4459 -- 4471}}, title = {{{Identifying the Human Values behind Arguments}}}, year = {{2022}}, } @inproceedings{34057, author = {{Pasic, Faruk and Becker, Matthias}}, booktitle = {{2022 IEEE 27th International Conference on Emerging Technologies and Factory Automation (ETFA)}}, publisher = {{IEEE}}, title = {{{Domain-specific Language for Condition Monitoring Software Development}}}, doi = {{10.1109/etfa52439.2022.9921730}}, year = {{2022}}, } @inproceedings{34047, abstract = {{News articles both shape and reflect public opinion across the political spectrum. Analyzing them for social bias can thus provide valuable insights, such as prevailing stereotypes in society and the media, which are often adopted by NLP models trained on respective data. Recent work has relied on word embedding bias measures, such as WEAT. However, several representation issues of embeddings can harm the measures' accuracy, including low-resource settings and token frequency differences. In this work, we study what kind of embedding algorithm serves best to accurately measure types of social bias known to exist in US online news articles. To cover the whole spectrum of political bias in the US, we collect 500k articles and review psychology literature with respect to expected social bias. We then quantify social bias using WEAT along with embedding algorithms that account for the aforementioned issues. We compare how models trained with the algorithms on news articles represent the expected social bias. Our results suggest that the standard way to quantify bias does not align well with knowledge from psychology. While the proposed algorithms reduce the~gap, they still do not fully match the literature.}}, author = {{Spliethöver, Maximilian and Keiff, Maximilian and Wachsmuth, Henning}}, booktitle = {{Proceedings of The 2022 Conference on Empirical Methods in Natural Language Processing (EMNLP 2022)}}, location = {{Abu Dhabi}}, publisher = {{Association for Computational Linguistics}}, title = {{{No Word Embedding Model Is Perfect: Evaluating the Representation Accuracy for Social Bias in the Media}}}, year = {{2022}}, } @inbook{34077, author = {{Bondarenko, Alexander and Fröbe, Maik and Kiesel, Johannes and Syed, Shahbaz and Gurcke, Timon and Beloucif, Meriem and Panchenko, Alexander and Biemann, Chris and Stein, Benno and Wachsmuth, Henning and Potthast, Martin and Hagen, Matthias}}, booktitle = {{Lecture Notes in Computer Science}}, isbn = {{9783030997380}}, issn = {{0302-9743}}, publisher = {{Springer International Publishing}}, title = {{{Overview of Touché 2022: Argument Retrieval}}}, doi = {{10.1007/978-3-030-99739-7_43}}, year = {{2022}}, } @inproceedings{32602, author = {{Padalkin, Andreas and Scheideler, Christian and Warner, Daniel}}, booktitle = {{28th International Conference on DNA Computing and Molecular Programming (DNA 28)}}, editor = {{Ouldridge, Thomas E. and Wickham, Shelley F. J.}}, isbn = {{978-3-95977-253-2}}, issn = {{1868-8969}}, pages = {{8:1–8:22}}, publisher = {{Schloss Dagstuhl – Leibniz-Zentrum für Informatik}}, title = {{{The Structural Power of Reconfigurable Circuits in the Amoebot Model}}}, doi = {{10.4230/LIPIcs.DNA.28.8}}, volume = {{238}}, year = {{2022}}, } @inproceedings{32603, author = {{Kostitsyna, Irina and Scheideler, Christian and Warner, Daniel}}, booktitle = {{28th International Conference on DNA Computing and Molecular Programming (DNA 28)}}, editor = {{Ouldridge, Thomas E. and Wickham, Shelley F. J.}}, isbn = {{978-3-95977-253-2}}, issn = {{1868-8969}}, pages = {{9:1–9:22}}, publisher = {{Schloss Dagstuhl – Leibniz-Zentrum für Informatik}}, title = {{{Fault-Tolerant Shape Formation in the Amoebot Model}}}, doi = {{10.4230/LIPIcs.DNA.28.9}}, volume = {{238}}, year = {{2022}}, } @inproceedings{32811, abstract = {{The decentralized nature of multi-agent systems requires continuous data exchange to achieve global objectives. In such scenarios, Age of Information (AoI) has become an important metric of the freshness of exchanged data due to the error-proneness and delays of communication systems. Communication systems usually possess dependencies: the process describing the success or failure of communication is highly correlated when these attempts are ``close'' in some domain (e.g. in time, frequency, space or code as in wireless communication) and is, in general, non-stationary. To study AoI in such scenarios, we consider an abstract event-based AoI process $\Delta(n)$, expressing time since the last update: If, at time $n$, a monitoring node receives a status update from a source node (event $A(n-1)$ occurs), then $\Delta(n)$ is reset to one; otherwise, $\Delta(n)$ grows linearly in time. This AoI process can thus be viewed as a special random walk with resets. The event process $A(n)$ may be nonstationary and we merely assume that its temporal dependencies decay sufficiently, described by $\alpha$-mixing. We calculate moment bounds for the resulting AoI process as a function of the mixing rate of $A(n)$. Furthermore, we prove that the AoI process $\Delta(n)$ is itself $\alpha$-mixing from which we conclude a strong law of large numbers for $\Delta(n)$. These results are new, since AoI processes have not been studied so far in this general strongly mixing setting. This opens up future work on renewal processes with non-independent interarrival times.}}, author = {{Redder, Adrian and Ramaswamy, Arunselvan and Karl, Holger}}, booktitle = {{Proceedings of the 58th Allerton Conference on Communication, Control, and Computing}}, title = {{{Age of Information Process under Strongly Mixing Communication -- Moment Bound, Mixing Rate and Strong Law}}}, year = {{2022}}, }