@phdthesis{116, author = {{Liske, Gennadij}}, publisher = {{Universität Paderborn}}, title = {{{CCA-Security for Predicate Encryption Schemes}}}, doi = {{10.17619/UNIPB/1-220}}, year = {{2017}}, } @inproceedings{17652, author = {{Polevoy, Gleb and Trajanovski, Stojan and Grosso, Paola and de Laat, Cees}}, booktitle = {{Combinatorial Optimization and Applications: 11th International Conference, COCOA 2017, Shanghai, China, December 16-18, 2017, Proceedings, Part I}}, isbn = {{978-3-319-71150-8}}, keywords = {{flow, filter, MMSA, set cover, approximation, local ratio algorithm}}, pages = {{3--17}}, publisher = {{Springer International Publishing}}, title = {{{Filtering Undesirable Flows in Networks}}}, doi = {{10.1007/978-3-319-71150-8_1}}, year = {{2017}}, } @inproceedings{17653, author = {{Polevoy, Gleb and de Weerdt, M.M.}}, booktitle = {{Proceedings of the 29th Benelux Conference on Artificial Intelligence}}, keywords = {{interaction, reciprocation, contribute, shared effort, curbing, convergence, threshold, Nash equilibrium, social welfare, efficiency, price of anarchy, price of stability}}, publisher = {{Springer}}, title = {{{Reciprocation Effort Games}}}, year = {{2017}}, } @inproceedings{17654, author = {{Polevoy, Gleb and de Weerdt, M.M.}}, booktitle = {{Proceedings of the 29th Benelux Conference on Artificial Intelligence}}, keywords = {{agents, projects, contribute, shared effort game, competition, quota, threshold, Nash equilibrium, social welfare, efficiency, price of anarchy, price of stability}}, publisher = {{Springer}}, title = {{{Competition between Cooperative Projects}}}, year = {{2017}}, } @inproceedings{1767, abstract = {{Conditional Value-at-Risk, denoted as CVaRα, is becoming the prevailing measure of risk over two paramount economic domains: the insurance domain and the financial domain; α∈(0,1) is the confidence level. In this work, we study the strategic equilibria for an economic system modeled as a game, where risk-averse players seek to minimize the Conditional Value-at-Risk of their costs. Concretely, in a CVaRα -equilibrium, the mixed strategy of each player is a best-response. We establish two significant properties of CVaRα at equilibrium: (1) The Optimal-Value property: For any best-response of a player, each mixed strategy in the support gives the same cost to the player. This follows directly from the concavity of CVaRα in the involved probabilities, which we establish. (2) The Crawford property: For every α, there is a 2-player game with no CVaRα-equilibrium. The property is established using the Optimal-Value property and a new functional property of CVaRα, called Weak-Equilibrium-for- VaRα, we establish. On top of these properties, we show, as one of our two main results, that deciding the existence of a CVaRα-equilibrium is strongly NP-hard even for 2-player games. As our other main result, we show the strong NP-hardness of deciding the existence of a V-equilibrium, over 2-player games, for any valuation V with the Optimal-Value and the Crawford properties. This result has a rich potential since we prove that the very significant and broad class of strictly quasiconcave valuations has the Optimal-Value property.}}, author = {{Mavronicolas, Marios and Monien, Burkhard}}, booktitle = {{Proceedings of the 10th International Symposium on Algorithmic Game Theory (SAGT 2017)}}, location = {{L'Aquila, Italy}}, pages = {{131----143}}, title = {{{Conditional Value-at-Risk: Structure and Complexity of Equilibria}}}, doi = {{10.1007/978-3-319-66700-3_11}}, volume = {{10504}}, year = {{2017}}, } @unpublished{17811, abstract = {{We consider a swarm of $n$ autonomous mobile robots, distributed on a 2-dimensional grid. A basic task for such a swarm is the gathering process: All robots have to gather at one (not predefined) place. A common local model for extremely simple robots is the following: The robots do not have a common compass, only have a constant viewing radius, are autonomous and indistinguishable, can move at most a constant distance in each step, cannot communicate, are oblivious and do not have flags or states. The only gathering algorithm under this robot model, with known runtime bounds, needs $\mathcal{O}(n^2)$ rounds and works in the Euclidean plane. The underlying time model for the algorithm is the fully synchronous $\mathcal{FSYNC}$ model. On the other side, in the case of the 2-dimensional grid, the only known gathering algorithms for the same time and a similar local model additionally require a constant memory, states and "flags" to communicate these states to neighbors in viewing range. They gather in time $\mathcal{O}(n)$. In this paper we contribute the (to the best of our knowledge) first gathering algorithm on the grid that works under the same simple local model as the above mentioned Euclidean plane strategy, i.e., without memory (oblivious), "flags" and states. We prove its correctness and an $\mathcal{O}(n^2)$ time bound in the fully synchronous $\mathcal{FSYNC}$ time model. This time bound matches the time bound of the best known algorithm for the Euclidean plane mentioned above. We say gathering is done if all robots are located within a $2\times 2$ square, because in $\mathcal{FSYNC}$ such configurations cannot be solved.}}, author = {{Fischer, Matthias and Jung, Daniel and Meyer auf der Heide, Friedhelm}}, booktitle = {{arXiv:1702.03400}}, title = {{{Gathering Anonymous, Oblivious Robots on a Grid}}}, year = {{2017}}, } @inproceedings{2343, author = {{Löken, Nils}}, booktitle = {{Proceedings of the 12th International Conference on Availability, Reliability and Security - ARES '17}}, isbn = {{9781450352574}}, publisher = {{ACM Press}}, title = {{{Searchable Encryption with Access Control}}}, doi = {{10.1145/3098954.3098987}}, year = {{2017}}, } @inproceedings{2344, author = {{Blömer, Johannes and Günther, Peter and Krummel, Volker and Löken, Nils}}, booktitle = {{Foundations and Practice of Security}}, isbn = {{9783319756493}}, issn = {{0302-9743}}, pages = {{3--17}}, publisher = {{Springer International Publishing}}, title = {{{Attribute-Based Encryption as a Service for Access Control in Large-Scale Organizations}}}, doi = {{10.1007/978-3-319-75650-9_1}}, year = {{2017}}, } @inbook{2381, abstract = {{Metric facility location and K-means are well-known problems of combinatorial optimization. Both admit a fairly simple heuristic called single-swap, which adds, drops or swaps open facilities until it reaches a local optimum. For both problems, it is known that this algorithm produces a solution that is at most a constant factor worse than the respective global optimum. In this paper, we show that single-swap applied to the weighted metric uncapacitated facility location and weighted discrete K-means problem is tightly PLS-complete and hence has exponential worst-case running time.}}, author = {{Brauer, Sascha}}, booktitle = {{Lecture Notes in Computer Science}}, editor = {{Fotakis, Dimitris and Pagourtzis, Aris and Paschos, Vangelis Th.}}, isbn = {{9783319575858}}, issn = {{0302-9743}}, location = {{Athens, Greece}}, pages = {{116--127}}, publisher = {{Springer International Publishing}}, title = {{{Complexity of Single-Swap Heuristics for Metric Facility Location and Related Problems}}}, doi = {{10.1007/978-3-319-57586-5_11}}, volume = {{10236}}, year = {{2017}}, } @inbook{20552, abstract = {{Das Zukunftsszenario der Industrie 4.0 ist gepr{\"a}gt durch einen massiven Anstieg der unternehmens{\"u}bergreifenden Vernetzung. Um einer Bedrohung durch unautorisierte Weitergabe oder Sabotage vertraulicher Daten entgegenzuwirken, muss der Informationssicherheit bereits im Entwurf der cyber-physischen Produktionssysteme ein hoher Stellenwert einger{\"a}umt werden. Dieses Paradigma wird als Security by Design bezeichnet. {\"U}ber den gesamten Entstehungsprozess hinweg muss nachverfolgt werden k{\"o}nnen, ob die Systeme spezifische Anforderungen an die Informationssicherheit erf{\"u}llen und damit die Eigenschaft der Industrial Security gew{\"a}hrleisten. Dieser Beitrag stellt einen Entwurfsansatz zur Nachverfolgung der Informationssicherheit vor, der durch Integration softwaretechnischer Methoden in das Systems Engineering eine Entwicklung nach dem Paradigma Security by Design erm{\"o}glicht.}}, author = {{Gerking, Christopher and Bodden, Eric and Schäfer, Wilhelm}}, booktitle = {{Handbuch Gestaltung digitaler und vernetzter Arbeitswelten}}, editor = {{Maier, Günter W. and Engels, Gregor and Steffen, Eckhard}}, isbn = {{978-3-662-52903-4}}, keywords = {{ITSECWEBSITE}}, pages = {{1--24}}, publisher = {{Springer Berlin Heidelberg}}, title = {{{Industrial Security by Design}}}, doi = {{10.1007/978-3-662-52903-4_8-1}}, year = {{2017}}, } @article{20553, abstract = {{Finding and fixing software vulnerabilities have become a major struggle for most software development companies. While generally without alternative, such fixing efforts are a major cost factor, which is why companies have a vital interest in focusing their secure software development activities such that they obtain an optimal return on this investment. We investigate, in this paper, quantitatively the major factors that impact the time it takes to fix a given security issue based on data collected automatically within SAP's secure development process, and we show how the issue fix time could be used to monitor the fixing process. We use three machine learning methods and evaluate their predictive power in predicting the time to fix issues. Interestingly, the models indicate that vulnerability type has less dominant impact on issue fix time than previously believed. The time it takes to fix an issue instead seems much more related to the component in which the potential vulnerability resides, the project related to the issue, the development groups that address the issue, and the closeness of the software release date. This indicates that the software structure, the fixing processes, and the development groups are the dominant factors that impact the time spent to address security issues. SAP can use the models to implement a continuous improvement of its secure software development process and to measure the impact of individual improvements. The development teams at SAP develop different types of software, adopt different internal development processes, use different programming languages and platforms, and are located in different cities and countries. Other organizations, may use the results---with precaution---and be learning organizations.}}, author = {{Ben Othmane, Lotfi and Chehrazi, Golriz and Bodden, Eric and Tsalovski, Petar and Brucker, Achim D.}}, issn = {{2364-1541}}, journal = {{Data Science and Engineering}}, number = {{2}}, pages = {{107--124}}, title = {{{Time for Addressing Software Security Issues: Prediction Models and Impacting Factors}}}, doi = {{https://doi.org/10.1007/s41019-016-0019-8}}, volume = {{2}}, year = {{2017}}, } @techreport{20554, author = {{Bodden, Eric}}, title = {{{Self-adaptive static analysis}}}, year = {{2017}}, } @article{20557, author = {{Lillack, Max and Kästner, Christian and Bodden, Eric}}, issn = {{0098-5589}}, journal = {{IEEE Transactions on Software Engineering}}, keywords = {{Androids, Bluetooth, Humanoid robots, Java, Software, Tools, Configuration options, Static analysis, Variability mining}}, number = {{99}}, pages = {{1--1}}, title = {{{Tracking Load-time Configuration Options}}}, doi = {{10.1109/TSE.2017.2756048}}, volume = {{PP}}, year = {{2017}}, } @inproceedings{20558, author = {{Krüger, Stefan and Nadi, Sarah and Reif, Michael and Ali, Karim and Mezini, Mira and Bodden, Eric and Göpfert, Florian and Günther, Felix and Weinert, Christian and Demmler, Daniel and Kamath, Ram}}, booktitle = {{International Conference on Automated Software Engineering (ASE 2017), Tool Demo Track}}, keywords = {{ITSECWEBSITE, CROSSING}}, title = {{{CogniCrypt: Supporting Developers in using Cryptography}}}, year = {{2017}}, } @inproceedings{20559, author = {{Do, Lisa Nguyen Quang and Ali, Karim and Livshits, Benjamin and Bodden, Eric and Smith, Justin and Murphy-Hill, Emerson}}, booktitle = {{Proceedings of the 26th ACM SIGSOFT International Symposium on Software Testing and Analysis}}, isbn = {{978-1-4503-5076-1}}, keywords = {{Just-in-Time, Layered analysis, Static analysis}}, pages = {{307--317}}, publisher = {{ACM}}, title = {{{Just-in-time Static Analysis}}}, doi = {{10.1145/3092703.3092705}}, year = {{2017}}, } @inproceedings{20715, author = {{Nguyen Quang Do, Lisa and Ali, Karim and Livshits, Benjamin and Bodden, Eric and Smith, Justin and Murphy-Hill, Emerson}}, booktitle = {{International Conference for Software Engineering (ICSE), Tool Demonstrations Track}}, keywords = {{ATTRACT, ITSECWEBSITE}}, title = {{{Cheetah: Just-in-Time Taint Analysis for Android Apps}}}, year = {{2017}}, } @inproceedings{20792, author = {{Schivo, Stefano and Yildiz., Bugra M. and Ruijters, Enno and Gerking, Christopher and Kumar, Rajesh and Dziwok, Stefan and Rensink, Arend and Stoelinga, Mariëlle}}, booktitle = {{Dependable Software Engineering, 3rd International Symposium (SETTA 2017)}}, editor = {{Larsen, Kim G. and Sokolsky, Oleg and Wang, Ji}}, number = {{10606}}, pages = {{319--336}}, publisher = {{Springer}}, title = {{{How to Efficiently Build a Front-End Tool for UPPAAL: A Model-Driven Approach}}}, doi = {{10.1007/978-3-319-69483-2_19}}, year = {{2017}}, } @phdthesis{20794, abstract = {{Cyber-physische Systeme (CPSs) sind die nächste Generation von eingebetteten Systemen, die fortwährend ihre Zusammenarbeit koordinieren, um anspruchsvolle Funktionen zu erfüllen. Die Koordination zwischen ihnen kann in Software mittels asynchroner Nachrichtenkommunikation realisiert werden. Um die funktionale Korrektheit der Software zu gewährleisten, ist aufgrund der Kritikalität dieser Systeme eine formale Verifikation wie z.B. Model Checking notwendig. Die Eingabesprache eines Model Checkers unterstützt jedoch domänenspezifische Aspekte wie asynchrone Kommunikation nicht direkt, wodurch diese vom Softwareingenieur mittels zahlreicher Modellelemente spezifiziert werden müssen. Dies ist hochgradig komplex und somit fehleranfällig. Im Rahmen dieser Arbeit wird eine modellgetriebene Methode zur domänenspezifischen Spezifikation und vollautomatischen Verifikation der nachrichtenbasierten Koordination von CPSs präsentiert. Mit Hilfe dieser Methode kann der Softwareingenieur die Koordination kompakt modellieren und muss nicht länger verstehen, wie seine Spezifikation auf der Ebene des Model Checkers ausgedrückt wird. Insgesamt wird die Komplexität für den Softwareingenieur somit deutlich handhabbarer. Bezüglich der Spezifikation einer solchen Koordination definiert die Arbeit eine domänenspezifische Sprache namens Real-Time Coordination Protocols (RTCPs). Darüber hinaus wird eine domänenspezifische Sprache zur Spezifikation von Verifikationseigenschaften eingeführt und Entwurfsmuster für RTCPs präsentiert, um die Anzahl der Modellierungsfehler zu senken.}}, author = {{Dziwok, Stefan}}, publisher = {{Paderborn University}}, title = {{{Specification and Verification for Real-Time Coordination Protocols of Cyber-physical Systems}}}, year = {{2017}}, } @inproceedings{20797, author = {{Gerking, Christopher and Schubert, David and Budde, Ingo}}, booktitle = {{Theory and Practice of Model Transformation, 10th International Conference (ICMT 2017)}}, editor = {{Guerra, Esther and van den Brand, Mark}}, number = {{10374}}, pages = {{19--34}}, publisher = {{Springer}}, title = {{{Reducing the Verbosity of Imperative Model Refinements by using General-Purpose Language Facilities}}}, year = {{2017}}, } @inproceedings{20804, abstract = {{Modern Cyber-physical Systems are executed in physical environments and distributed over several Electronic Control Units using multiple cores for execution. These systems perform safety-critical tasks and, therefore, have to fulfill hard real-time requirements. To face these requirements systematically, system engineers de- velop these systems model-driven and prove the fulfillment of these requirements via model checking. It is important to ensure that the runtime scheduling does not violate the verified requirements by neglecting the model checking assumptions. Currently, there is a gap in the process for model-driven approaches to derive a feasible runtime scheduling that respects these assumptions. In this paper, we present an approach for a semi- automatic synthesis of behavioral models into a deterministic scheduling that respects real-time requirements at runtime. We evaluate our approach using an example of a distributed automotive system with hard real-time requirements specified with the MechatronicUML method.}}, author = {{Geismann, Johannes and Pohlmann, Uwe and Schmelter, David}}, booktitle = {{Proceedings of the 5th International Conference on Model-Driven Engineering and Software Development}}, title = {{{Towards an Automated Synthesis of a Real-time Scheduling for Cyber-physical Multi-core Systems}}}, year = {{2017}}, }