@inproceedings{207, abstract = {{We consider a scheduling problem where machines need to be rented from the cloud in order to process jobs. There are two types of machines available which can be rented for machine-type dependent prices and for arbitrary durations. However, a machine-type dependent setup time is required before a machine is available for processing. Jobs arrive online over time, have machine-type dependent sizes and have individual deadlines. The objective is to rent machines and schedule jobs so as to meet all deadlines while minimizing the rental cost. Since we observe the slack of jobs to have a fundamental influence on the competitiveness, we study the model when instances are parameterized by their (minimum) slack. An instance is called to have a slack of $\beta$ if, for all jobs, the difference between the job's release time and the latest point in time at which it needs to be started is at least $\beta$. While for $\beta series = {LNCS}}}, author = {{Mäcker, Alexander and Malatyali, Manuel and Meyer auf der Heide, Friedhelm and Riechers, Sören}}, booktitle = {{Proceedings of the 10th Annual International Conference on Combinatorial Optimization and Applications (COCOA)}}, pages = {{578----592}}, title = {{{Cost-efficient Scheduling on Machines from the Cloud}}}, doi = {{10.1007/978-3-319-48749-6_42}}, year = {{2016}}, } @inproceedings{20716, author = {{Bodden, Eric and Eichberg, Michael and I Pun, Ka and Steffen, Martin and Stolz, Volker and Wickert, Anna-Katharina}}, booktitle = {{Nordic Workshop on Programming Theory (NWPT'16)}}, title = {{{Don't let data Go astray---A Context-Sensitive Taint Analysis for Concurrent Programs in Go}}}, year = {{2016}}, } @techreport{20717, author = {{Nguyen Quang Do, Lisa and Ali, Karim and Livshits, Benjamin and Bodden, Eric and Smith, Justin and Murphy-Hill, Emerson}}, keywords = {{ATTRACT, ITSECWEBSITE}}, title = {{{Just-in-Time Static Analysis}}}, doi = {{http://dx.doi.org/10.7939/DVN/10859}}, year = {{2016}}, } @article{20718, author = {{Rasthofer, Siegfried and Arzt, Steven and Bodden, Eric and Miltenberger, Marc}}, journal = {{Datenschutz und Datensicherheit}}, keywords = {{ATTRACT, ITSECWEBSITE}}, pages = {{718--722}}, title = {{{Harvester - Vollautomatische Extraktion von Laufzeitwerten aus obfuskierten Android-Applikationen}}}, doi = {{https://www.springerprofessional.de/en/datenschutz-und-datensicherheit-dud-11-2016/10866536}}, year = {{2016}}, } @inproceedings{20719, author = {{Holzinger, Philipp and Triller, Stefan and Bartel, Alexandre and Bodden, Eric}}, booktitle = {{Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security}}, isbn = {{978-1-4503-4139-4}}, keywords = {{ATTRACT, access control, exploits, java security, security analysis, ITSECWEBSITE}}, pages = {{779--790}}, title = {{{An In-Depth Study of More Than Ten Years of Java Exploitation}}}, doi = {{http://doi.acm.org/10.1145/2976749.2978361}}, year = {{2016}}, } @inproceedings{20720, author = {{Follner, Andreas and Bartel, Alexandre and Peng, Hui and Chang, Yu-Chen and Ispoglou, Kyriakos and Payer, Mathias and Bodden, Eric}}, booktitle = {{International Workshop on Security and Trust Management (STM)}}, pages = {{212--228}}, title = {{{PSHAPE: Automatically Combining Gadgets for Arbitrary Method Execution}}}, year = {{2016}}, } @inproceedings{20721, author = {{Nguyen Quang Do, Lisa and Eichberg, Michael and Bodden, Eric}}, booktitle = {{Proceedings of the 5th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis}}, keywords = {{ATTRACT}}, pages = {{13--17}}, title = {{{Toward an Automated Benchmark Management System}}}, year = {{2016}}, } @inproceedings{20722, author = {{Arzt, Steven and Kussmaul, Tobias and Bodden, Eric}}, booktitle = {{Proceedings of the 5th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis}}, pages = {{1--6}}, title = {{{Towards Cross-Platform Cross-Language Analysis with Soot}}}, year = {{2016}}, } @article{20724, author = {{Follner, Andreas and Bodden, Eric}}, issn = {{2214-2126}}, journal = {{Journal of Information Security and Applications }}, pages = {{16--26}}, title = {{{ROPocop — Dynamic mitigation of code-reuse attacks}}}, doi = {{http://dx.doi.org/10.1016/j.jisa.2016.01.002}}, volume = {{29}}, year = {{2016}}, } @inproceedings{20725, author = {{Follner, Andreas and Bartel, Alexandre and Bodden, Eric}}, booktitle = {{International Symposium on Engineering Secure Software and Systems (ESSoS)}}, title = {{{Analyzing the Gadgets - Towards a Metric to Measure Gadget Quality}}}, year = {{2016}}, } @inproceedings{20726, author = {{Falzon, Kevin and Bodden, Eric}}, booktitle = {{Principles of Security and Trust: 5th International Conference, POST 2016, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2016, Eindhoven, The Netherlands, April 2--8, 2016, Proceedings}}, editor = {{Piessens, Frank and Vigan'o, Luca}}, isbn = {{978-3-662-49635-0}}, pages = {{116--138}}, publisher = {{Springer Berlin Heidelberg}}, title = {{{Towards a Comprehensive Model of Isolation for Mitigating Illicit Channels}}}, doi = {{10.1007/978-3-662-49635-0_7}}, year = {{2016}}, } @inproceedings{20727, author = {{Rasthofer, Siegfried and Arzt, Steven and Miltenberger, Marc and Bodden, Eric}}, booktitle = {{Network and Distributed System Security Symposium (NDSS)}}, keywords = {{ATTRACT, ITSECWEBSITE}}, title = {{{Harvesting Runtime Values in Android Applications That Feature Anti-Analysis Techniques}}}, year = {{2016}}, } @inproceedings{20728, author = {{Nadi, Sarah and Krüger, Stefan and Mezini, Mira and Bodden, Eric}}, booktitle = {{International Conference for Software Engineering (ICSE)}}, keywords = {{CROSSING, ITSECWEBSITE}}, pages = {{935--946}}, title = {{{Jumping Through Hoops: Why do Java Developers Struggle With Cryptography APIs?}}}, year = {{2016}}, } @inproceedings{20729, author = {{Arzt, Steven and Bodden, Eric}}, booktitle = {{International Conference for Software Engineering (ICSE)}}, keywords = {{ITSECWEBSITE}}, title = {{{StubDroid: Automatic Inference of Precise Data-flow Summaries for the Android Framework}}}, year = {{2016}}, } @inproceedings{20730, author = {{Eling, N. and Rasthofer, S. and Kolhagen, M. and Bodden, Eric and Buxmann, P.}}, booktitle = {{2016 49th Hawaii International Conference on System Sciences (HICSS)}}, issn = {{1530-1605}}, pages = {{3666--3675}}, title = {{{Investigating Users' Reaction to Fine-Grained Data Requests: A Market Experiment}}}, doi = {{10.1109/HICSS.2016.458}}, year = {{2016}}, } @inproceedings{208, abstract = {{This paper presents a new framework for constructing fully CCA-secure predicate encryption schemes from pair encoding schemes. Our construction is the first in the context of predicate encryption which uses the technique of well-formedness proofs known from public key encryption. The resulting constructions are simpler and more efficient compared to the schemes achieved using known generic transformations from CPA-secure to CCA-secure schemes. The reduction costs of our framework are comparable to the reduction costs of the underlying CPA-secure framework. We achieve this last result by applying the dual system encryption methodology in a novel way.}}, author = {{Blömer, Johannes and Liske, Gennadij}}, booktitle = {{Proceedings of the CT-RSA 2016}}, pages = {{431--447}}, title = {{{Construction of Fully CCA-Secure Predicate Encryptions from Pair Encoding Schemes}}}, doi = {{10.1007/978-3-319-29485-8_25}}, year = {{2016}}, } @techreport{20822, abstract = {{Several examples of mechatronic systems can be found nowadays in modern cars, production systems, and medical technology. Day by day, the number of innovative functionalities in such mechatronic systems is increasing. These functionalities are realized with complex software. Such software exhibits hard real-time, safety requirements. The adherence to these requirements must be thoroughly analyzed and verified. Moreover, to obtain a significant increment in the reliability, performance, and efficiency of such software, it needs to maintain the self-adaptation of its properties. In order to develop such systems with a high quality and within a short time, we need a systematic and consistent design method. For this purpose, the software engineering group at the University of Paderborn and the Fraunhofer IEM in Paderborn propose the MechatronicUML method. This method provides a comprehensive model-driven process support, that starts from requirements and reaches the executable software after passing through several design and analysis steps. This process improves the comprehension during development and makes complex systems manageable. MechatronicUML emphasizes mainly on: (1) modeling and (formal) verification of reconfigurable software architectures, (2) the coordination among system components in such architectures, and (3) the integration of discrete software events with the continuous behavior of control devices.}}, author = {{Dziwok, Stefan and Pohlmann, Uwe and Piskachev, Goran and Schubert, David and Thiele, Sebastian and Gerking, Christopher}}, title = {{{The MechatronicUML Design Method: Process and Language for Platform-Independent Modeling}}}, year = {{2016}}, } @techreport{20823, abstract = {{In this technical report, we present the MechatronicUML requirements engineering method. The method encompasses a process and a scenario-based modeling language for the documentation and analysis of requirements on the message-based interaction behavior of software-intensive systems. The modeling language uses a scenario notation based on Modal Sequence Diagrams (MSDs), which borrows concepts of UML Interactions as well as of Live Sequence Charts. Furthermore, we introduce the so-called Emergency Braking & Evasion System (EBEAS) as a running example, which is based on current and upcoming real-world driver assistance systems. }}, author = {{Holtmann, Jörg and Fockel, Markus and Koch, Thorsten and Schmelter, David and Brenner, Christian and Bernijazov, Ruslan and Sander, Marcel}}, title = {{{The MechatronicUML Requirements Engineering Method: Process and Language}}}, doi = {{10.13140/RG.2.2.33223.29606}}, year = {{2016}}, } @inproceedings{20825, abstract = {{Das Systemmodell ist der Kern des Model-Based Systems Engineering (MBSE). Während jedoch im Systems Engineering dem Zusammenspiel von Produkt und Projekt ein hoher Stellenwert beigemessen wird, liegt der Fokus im MBSE noch sehr stark auf technischen Prozessen. Im Hinblick auf die Idee des Systemmodells als zentrale Datenquelle sollten auch Stakeholder jenseits der direkten Entwicklungsaktivitäten das Systemmodell entsprechend nutzen können und davon profitieren. Dazu wird ein Demonstrator vorgestellt, welcher die Anwendung einer Komplexitätsanalyse auf Basis des Systemmodells mechatronischer Systeme stellvertretend für Methoden in Sinne der technischen Managementprozesse der ISO/IEC 15288 aufzeigt. Grundlage des Demonstrators bildet das Systemmodell eines Pedelecs. Die darin modellierten Strukturen dienen als Input für die Komplexitätsanalyse. Über die automatisierte Anwendung der Komplexitätsanalyse ergibt sich als Output ein Portfolio, das die Komplexität der funktionserfüllenden Komponenten mit der Bewertung der Funktionalität in Beziehung setzt und somit eine Beurteilung und entsprechende Handlungsempfehlungen der Komponenten ermöglicht.}}, author = {{Greinert, Matthias and Tschirner, Christian and Holtmann, Jörg}}, booktitle = {{Tag des Systems Engineering 2016}}, pages = {{77--86}}, publisher = {{Gesellschaft f{\"u}r Systems Engineering e.V.}}, title = {{{Anwendung von Methoden der Produktentstehung auf Basis des Systemmodells mechatronischer Systeme}}}, doi = {{10.3139/9783446451414.008}}, year = {{2016}}, } @inproceedings{20830, author = {{Schubert, David and Heinzemann, Christian and Gerking, Christopher}}, booktitle = {{Proceedings of the 19th international ACM Sigsoft symposium on component-based software engineering}}, publisher = {{ACM}}, title = {{{Towards Safe Execution of Reconfigurations in Cyber-Physical Systems}}}, year = {{2016}}, }