@article{31060,
author = {{Feldmann, Michael and Padalkin, Andreas and Scheideler, Christian and Dolev, Shlomi}},
journal = {{J. Comput. Biol.}},
number = {{4}},
pages = {{317–343}},
title = {{{Coordinating Amoebots via Reconfigurable Circuits}}},
doi = {{10.1089/cmb.2021.0363}},
volume = {{29}},
year = {{2022}},
}
@article{31844,
abstract = {{Encrypting data before sending it to the cloud ensures data confidentiality but requires the cloud to compute on encrypted data. Trusted execution environments, such as Intel SGX enclaves, promise to provide a secure environment in which data can be decrypted and then processed. However, vulnerabilities in the executed program give attackers ample opportunities to execute arbitrary code inside the enclave. This code can modify the dataflow of the program and leak secrets via SGX side channels. Fully homomorphic encryption would be an alternative to compute on encrypted data without data leaks. However, due to its high computational complexity, its applicability to general-purpose computing remains limited. Researchers have made several proposals for transforming programs to perform encrypted computations on less powerful encryption schemes. Yet current approaches do not support programs making control-flow decisions based on encrypted data.
We introduce the concept of
dataflow authentication
(DFAuth) to enable such programs. DFAuth prevents an adversary from arbitrarily deviating from the dataflow of a program. Our technique hence offers protections against the side-channel attacks described previously. We implemented two flavors of DFAuth, a Java bytecode-to-bytecode compiler, and an SGX enclave running a small and program-independent trusted code base. We applied DFAuth to a neural network performing machine learning on sensitive medical data and a smart charging scheduler for electric vehicles. Our transformation yields a neural network with encrypted weights, which can be evaluated on encrypted inputs in
\( 12.55 \,\mathrm{m}\mathrm{s} \)
. Our protected scheduler is capable of updating the encrypted charging plan in approximately 1.06 seconds.
}},
author = {{Fischer, Andreas and Fuhry, Benny and Kußmaul, Jörn and Janneck, Jonas and Kerschbaum, Florian and Bodden, Eric}},
issn = {{2471-2566}},
journal = {{ACM Transactions on Privacy and Security}},
keywords = {{Safety, Risk, Reliability and Quality, General Computer Science}},
number = {{3}},
pages = {{1--36}},
publisher = {{Association for Computing Machinery (ACM)}},
title = {{{Computation on Encrypted Data Using Dataflow Authentication}}},
doi = {{10.1145/3513005}},
volume = {{25}},
year = {{2022}},
}
@misc{31947,
author = {{Hillebrandt, Henning}},
title = {{{Verteiltes Berechnen kompakter Routingtabellen in Unit Disk Graphen}}},
year = {{2022}},
}
@inproceedings{32311,
abstract = {{Testing is one of the most frequent means of quality assurance for software. Property-based testing aims at generating test suites for checking code against user-defined properties. Test input generation is, however, most often independent of the property to be checked, and is instead based on random or user-defined data generation.In this paper, we present property-driven unit testing of functions with numerical inputs and outputs. Alike property-based testing, it allows users to define the properties to be tested for. Contrary to property-based testing, it also uses the property for a targeted generation of test inputs. Our approach is a form of learning-based testing where we first of all learn a model of a given black-box function using standard machine learning algorithms, and in a second step use model and property for test input generation. This allows us to test both predefined functions as well as machine learned regression models. Our experimental evaluation shows that our property-driven approach is more effective than standard property-based testing techniques.}},
author = {{Sharma, Arnab and Melnikov, Vitaly and Hüllermeier, Eyke and Wehrheim, Heike}},
booktitle = {{Proceedings of the 10th IEEE/ACM International Conference on Formal Methods in Software Engineering (FormaliSE)}},
pages = {{113--123}},
publisher = {{IEEE}},
title = {{{Property-Driven Testing of Black-Box Functions}}},
year = {{2022}},
}
@inproceedings{29842,
abstract = {{To build successful software products, developers continuously have to discover what features the users really need. This discovery can be achieved with continuous experimentation, testing different software variants with distinct user groups, and deploying the superior variant for all users. However, existing approaches do not focus on explicit modeling of variants and experiments, which offers advantages such as traceability of decisions and combinability of experiments. Therefore, our vision is the provision of model-driven continuous experimentation, which provides the developer with a framework for structuring the experimentation process. For that, we introduce the overall concept, apply it to the experimentation on component-based software architectures and point out future research questions. In particular, we show the applicability by combining feature models for modeling the software variants, users, and experiments (i.e., model-driven) with MAPE-K for the adaptation (i.e., continuous experimentation) and implementing the concept based on the component-based Angular framework.}},
author = {{Gottschalk, Sebastian and Yigitbas, Enes and Engels, Gregor}},
booktitle = {{Proceedings of the 18th International Conference on Software Architecture Companion }},
keywords = {{continuous experimentation, model-driven, component-based software architectures, self-adaptation}},
location = {{Hawaii}},
publisher = {{IEEE}},
title = {{{Model-driven Continuous Experimentation on Component-based Software Architectures }}},
doi = {{10.1109/ICSA-C54293.2022.00011}},
year = {{2022}},
}
@article{32335,
abstract = {{Aspects of data science surround us in many contexts, for example regarding climate change, air pollution, and other environmental issues. To open the “data-science-black-box” for lower secondary school students we developed a data science project focussing on the analysis of self-collected environmental data. We embed this project in computer science education, which enables us to use a new knowledge-based programming approach for the data analysis within Jupyter Notebooks and the programming language Python. In this paper, we evaluate the second cycle of this project which took place in a ninth-grade computer science class. In particular, we present how the students coped with the professional tool of Jupyter Notebooks for doing statistical investigations and which insights they gained.}},
author = {{PODWORNY, SUSANNE and Hüsing, Sven and SCHULTE, CARSTEN}},
issn = {{1570-1824}},
journal = {{STATISTICS EDUCATION RESEARCH JOURNAL}},
keywords = {{Education, Statistics and Probability}},
number = {{2}},
publisher = {{International Association for Statistical Education}},
title = {{{A PLACE FOR A DATA SCIENCE PROJECT IN SCHOOL: BETWEEN STATISTICS AND EPISTEMIC PROGRAMMING}}},
doi = {{10.52041/serj.v21i2.46}},
volume = {{21}},
year = {{2022}},
}
@article{29673,
abstract = {{Koopman operator theory has been successfully applied to problems from various research areas such as fluid dynamics, molecular dynamics, climate science, engineering, and biology. Applications include detecting metastable or coherent sets, coarse-graining, system identification, and control. There is an intricate connection between dynamical systems driven by stochastic differential equations and quantum mechanics. In this paper, we compare the ground-state transformation and Nelson's stochastic mechanics and demonstrate how data-driven methods developed for the approximation of the Koopman operator can be used to analyze quantum physics problems. Moreover, we exploit the relationship between Schrödinger operators and stochastic control problems to show that modern data-driven methods for stochastic control can be used to solve the stationary or imaginary-time Schrödinger equation. Our findings open up a new avenue towards solving Schrödinger's equation using recently developed tools from data science.}},
author = {{Klus, Stefan and Nüske, Feliks and Peitz, Sebastian}},
journal = {{Journal of Physics A: Mathematical and Theoretical}},
number = {{31}},
pages = {{314002}},
publisher = {{IOP Publishing Ltd.}},
title = {{{Koopman analysis of quantum systems}}},
doi = {{10.1088/1751-8121/ac7d22}},
volume = {{55}},
year = {{2022}},
}
@misc{32409,
abstract = {{Context: Cryptographic APIs are often misused in real-world applications. Therefore, many cryptographic API misuse detection tools have been introduced. However, there exists no established reference benchmark for a fair and comprehensive comparison and evaluation of these tools. While there are benchmarks, they often only address a subset of the domain or were only used to evaluate a subset of existing misuse detection tools. Objective: To fairly compare cryptographic API misuse detection tools and to drive future development in this domain, we will devise such a benchmark. Openness and transparency in the generation process are key factors to fairly generate and establish the needed benchmark. Method: We propose an approach where we derive the benchmark generation methodology from the literature which consists of general best practices in benchmarking and domain-specific benchmark generation. A part of this methodology is transparency and openness of the generation process, which is achieved by pre-registering this work. Based on our methodology we design CamBench, a fair "Cryptographic API Misuse Detection Tool Benchmark Suite". We will implement the first version of CamBench limiting the domain to Java, the JCA, and static analyses. Finally, we will use CamBench to compare current misuse detection tools and compare CamBench to related benchmarks of its domain.}},
author = {{Schlichtig, Michael and Wickert, Anna-Katharina and Krüger, Stefan and Bodden, Eric and Mezini, Mira}},
keywords = {{cryptography, benchmark, API misuse, static analysis}},
title = {{{CamBench -- Cryptographic API Misuse Detection Tool Benchmark Suite}}},
doi = {{10.48550/ARXIV.2204.06447}},
year = {{2022}},
}
@phdthesis{32414,
author = {{Lass, Michael}},
publisher = {{Universität Paderborn}},
title = {{{Bringing Massive Parallelism and Hardware Acceleration to Linear Scaling Density Functional Theory Through Targeted Approximations}}},
doi = {{10.17619/UNIPB/1-1281}},
year = {{2022}},
}
@inproceedings{32410,
abstract = {{Static analysis tools support developers in detecting potential coding issues, such as bugs or vulnerabilities. Research on static analysis emphasizes its technical challenges but also mentions severe usability shortcomings. These shortcomings hinder the adoption of static analysis tools, and in some cases, user dissatisfaction even leads to tool abandonment.
To comprehensively assess the current state of the art, this paper presents the first systematic usability evaluation in a wide range of static analysis tools. We derived a set of 36 relevant criteria from the scientific literature and gathered a collection of 46 static analysis tools complying with our inclusion and exclusion criteria - a representative set of mainly non-proprietary tools. Then, we evaluated how well these tools fulfill the aforementioned criteria.
The evaluation shows that more than half of the considered tools offer poor warning messages, while about three-quarters of the tools provide hardly any fix support. Furthermore, the integration of user knowledge is strongly neglected, which could be used for improved handling of false positives and tuning the results for the corresponding developer. Finally, issues regarding workflow integration and specialized user interfaces are proved further.
These findings should prove useful in guiding and focusing further research and development in the area of user experience for static code analyses.}},
author = {{Nachtigall, Marcus and Schlichtig, Michael and Bodden, Eric}},
booktitle = {{Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis}},
isbn = {{9781450393799}},
keywords = {{Automated static analysis, Software usability}},
pages = {{532 -- 543}},
publisher = {{ACM}},
title = {{{A Large-Scale Study of Usability Criteria Addressed by Static Analysis Tools}}},
doi = {{10.1145/3533767}},
year = {{2022}},
}
@inproceedings{31133,
abstract = {{Application Programming Interfaces (APIs) are the primary mechanism that developers use to obtain access to third-party algorithms and services. Unfortunately, APIs can be misused, which can have catastrophic consequences, especially if the APIs provide security-critical functionalities like cryptography. Understanding what API misuses are, and for what reasons they are caused, is important to prevent them, e.g., with API misuse detectors. However, definitions and nominations for API misuses and related terms in literature vary and are diverse. This paper addresses the problem of scattered knowledge and definitions of API misuses by presenting a systematic literature review on the subject and introducing FUM, a novel Framework for API Usage constraint and Misuse classification. The literature review revealed that API misuses are violations of API usage constraints. To capture this, we provide unified definitions and use them to derive FUM. To assess the extent to which FUM aids in determining and guiding the improvement of an API misuses detectors' capabilities, we performed a case study on CogniCrypt, a state-of-the-art misuse detector for cryptographic APIs. The study showed that FUM can be used to properly assess CogniCrypt's capabilities, identify weaknesses and assist in deriving mitigations and improvements. And it appears that also more generally FUM can aid the development and improvement of misuse detection tools.}},
author = {{Schlichtig, Michael and Sassalla, Steffen and Narasimhan, Krishna and Bodden, Eric}},
booktitle = {{2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER)}},
keywords = {{API misuses, API usage constraints, classification framework, API misuse detection, static analysis}},
pages = {{673 -- 684}},
title = {{{FUM - A Framework for API Usage constraint and Misuse Classification}}},
doi = {{https://doi.org/10.1109/SANER53432.2022.00085}},
year = {{2022}},
}
@misc{32399,
author = {{Vahle, Ella}},
title = {{{Modelling and Proving Security for a Secure MPC Protocol for Stable Matching}}},
year = {{2022}},
}
@inproceedings{31847,
abstract = {{The famous $k$-Server Problem covers plenty of resource allocation scenarios, and several variations have been studied extensively for decades. However, to the best of our knowledge, no research has considered the problem if the servers are not identical and requests can express which specific servers should serve them. Therefore, we present a new model generalizing the $k$-Server Problem by *preferences* of the requests and proceed to study it in a uniform metric space for deterministic online algorithms (the special case of paging).
In our model, requests can either demand to be answered by any server (*general requests*) or by a specific one (*specific requests*). If only general requests appear, the instance is one of the original $k$-Server Problem, and a lower bound for the competitive ratio of $k$ applies. If only specific requests appear, a solution with a competitive ratio of $1$ becomes trivial since there is no freedom regarding the servers' movements. Perhaps counter-intuitively, we show that if both kinds of requests appear, the lower bound raises to $2k-1$.
We study deterministic online algorithms in uniform metrics and present two algorithms. The first one has an adaptive competitive ratio dependent on the frequency of specific requests. It achieves a worst-case competitive ratio of $3k-2$ while it is optimal when only general or only specific requests appear (competitive ratio of $k$ and $1$, respectively). The second has a fixed close-to-optimal worst-case competitive ratio of $2k+14$. For the first algorithm, we show a lower bound of $3k-2$, while the second algorithm has a lower bound of $2k-1$ when only general requests appear.
The two algorithms differ in only one behavioral rule for each server that significantly influences the competitive ratio. Each server acting according to the rule allows approaching the worst-case lower bound, while it implies an increased lower bound for $k$-Server instances. In other words, there is a trade-off between performing well against instances of the $k$-Server Problem and instances containing specific requests. We also show that no deterministic online algorithm can be optimal for both kinds of instances simultaneously.}},
author = {{Castenow, Jannik and Feldkord, Björn and Knollmann, Till and Malatyali, Manuel and Meyer auf der Heide, Friedhelm}},
booktitle = {{Proceedings of the 34th ACM Symposium on Parallelism in Algorithms and Architectures}},
isbn = {{9781450391467}},
keywords = {{K-Server Problem, Heterogeneity, Online Caching}},
pages = {{345--356}},
publisher = {{Association for Computing Machinery}},
title = {{{The k-Server with Preferences Problem}}},
doi = {{10.1145/3490148.3538595}},
year = {{2022}},
}
@inbook{34023,
abstract = {{Decision makers increasingly rely on decision support systems for optimal decision making. Recently, special attention has been paid to process-driven decision support systems (PD-DSS) in which a process model prescribes the invocation sequence of software-based decision support services and the data exchange between them. Thus, it is possible to quickly combine available decision support services as needed for optimally supporting the decision making process of an individual decision maker. However, process modelers may accidentally create a process model which is technically well-formed and executable, but contains functional and behavioral flaws such as redundant or missing services. These flaws may result in inefficient computations or invalid decision recommendations when the corresponding PD-DSS is utilized by a decision maker. In this paper, we therefore propose an approach to validate functionality and behavior of a process model representing a PD-DSS. Our approach is based on expressing flaws as anti-patterns for which the process model can be automatically checked via graph matching. We prototypically implemented our approach and demonstrate its applicability in the context of decision making for energy network planning.}},
author = {{Kirchhoff, Jonas and Engels, Gregor}},
booktitle = {{Software Business}},
isbn = {{9783031207051}},
issn = {{1865-1348}},
pages = {{227----243}},
publisher = {{Springer International Publishing}},
title = {{{Anti-pattern Detection in Process-Driven Decision Support Systems}}},
doi = {{10.1007/978-3-031-20706-8_16}},
volume = {{463}},
year = {{2022}},
}
@inproceedings{34040,
abstract = {{Consider the practical goal of making a desired action profile played,
when the planner can only change the payoffs, bound by
stringent constraints.
Applications include motivating people
to choose the closest school, the closest subway station, or to coordinate
on a communication protocol or an investment strategy.
Employing subsidies and tolls, we adjust the game so that choosing this predefined action profile
becomes strictly dominant.
Inspired mainly by the work of Monderer and Tennenholtz,
where the promised subsidies do not materialise in the not played
profiles, we provide a fair and individually rational game
adjustment, such that the total outside investments sum up
to zero at any profile, thereby facilitating easy and frequent
usage of our adjustment without bearing costs, even if some
players behave unexpectedly. The resultant action profile itself needs no
adjustment. Importantly, we also prove that our adjustment minimises
the general transfer among all such adjustments, counting the total subsidising and taxation.}},
author = {{Polevoy, Gleb and Dziubiński, Marcin}},
booktitle = {{Proceedings of the Thirty-First International Joint Conference on Artificial Intelligence}},
editor = {{De Raedt, Luc}},
keywords = {{adjustment, strictly dominant, fairness, individually rational, transfer, tax, subsidy}},
location = {{Vienna}},
publisher = {{International Joint Conferences on Artificial Intelligence Organization}},
title = {{{Fair, Individually Rational and Cheap Adjustment}}},
doi = {{10.24963/ijcai.2022/64}},
year = {{2022}},
}
@inproceedings{33085,
author = {{Epstein, Leah and Lassota, Alexandra and Levin, Asaf and Maack, Marten and Rohwedder, Lars}},
booktitle = {{39th International Symposium on Theoretical Aspects of Computer Science, STACS 2022, March 15-18, 2022, Marseille, France (Virtual Conference)}},
editor = {{Berenbrink, Petra and Monmege, Benjamin}},
pages = {{28:1–28:15}},
publisher = {{Schloss Dagstuhl - Leibniz-Zentrum für Informatik}},
title = {{{Cardinality Constrained Scheduling in Online Models}}},
doi = {{10.4230/LIPIcs.STACS.2022.28}},
volume = {{219}},
year = {{2022}},
}
@inproceedings{33004,
author = {{Wachsmuth, Henning and Alshomary, Milad}},
booktitle = {{Proceedings of the 29th International Conference on Computational Linguistics}},
pages = {{344 -- 354}},
title = {{{"Mama Always Had a Way of Explaining Things So I Could Understand": A Dialogue Corpus for Learning How to Explain}}},
year = {{2022}},
}
@article{34049,
author = {{Lauscher, Anne and Wachsmuth, Henning and Gurevych, Iryna and Glavaš, Goran}},
journal = {{Transactions of the Association for Computational Linguistics}},
title = {{{On the Role of Knowledge in Computational Argumentation}}},
year = {{2022}},
}
@inproceedings{22157,
author = {{Kiesel, Johannes and Alshomary, Milad and Handke, Nicolas and Cai, Xiaoni and Wachsmuth, Henning and Stein, Benno}},
booktitle = {{Proceedings of the 60th Annual Meeting of the Association for Computational Linguistics}},
pages = {{4459 -- 4471}},
title = {{{Identifying the Human Values behind Arguments}}},
year = {{2022}},
}
@inproceedings{34057,
author = {{Pasic, Faruk and Becker, Matthias}},
booktitle = {{2022 IEEE 27th International Conference on Emerging Technologies and Factory Automation (ETFA)}},
publisher = {{IEEE}},
title = {{{Domain-specific Language for Condition Monitoring Software Development}}},
doi = {{10.1109/etfa52439.2022.9921730}},
year = {{2022}},
}