Semantische Suche
| Vortragende-/r | Tobias Hey | |
|---|---|---|
| Forschungsgruppe | ||
| Titel | Information retrieval versus deep learning approaches for generating traceability links in bilingual projects | |
| Autoren | Jinfeng Lin, Yalin Liu, Jane Cleland-Huang | |
| https://link.springer.com/content/pdf/10.1007/s10664-021-10050-0.pdf | ||
| URL | https://doi.org/10.1007/s10664-021-10050-0 | |
| BibTeX | https://citation-needed.springer.com/v2/references/10.1007/s10664-021-10050-0?format=bibtex&flavour=citation | |
| Abstract | Software traceability links are established between diverse artifacts of the software development process in order to support tasks such as compliance analysis, safety assurance, and requirements validation. However, practice has shown that it is difficult and costly to create and maintain trace links in non-trivially sized projects. For this reason, many researchers have proposed and evaluated automated approaches based on information retrieval and deep-learning. Generating trace links automatically can also be challenging – especially in multi-national projects which include artifacts written in multiple languages. The intermingled language use can reduce the efficiency of automated tracing solutions. In this work, we analyze patterns of intermingled language that we observed in several different projects, and then comparatively evaluate different tracing algorithms. These include Information Retrieval techniques, such as the Vector Space Model (VSM), Latent Semantic Indexing (LSI), Latent Dirichlet Allocation (LDA), and various models that combine mono- and cross-lingual word embeddings with the Generative Vector Space Model (GVSM), and a deep-learning approach based on a BERT language model. Our experimental analysis of trace links generated for 14 Chinese-English projects indicates that our MultiLingual Trace-BERT approach performed best in large projects with close to 2-times the accuracy of the best IR approach, while the IR-based GVSM with neural machine translation and a monolingual word embedding performed best on small projects. | |
| Vortragende-/r | Dieser Termin fällt aus! | |
|---|---|---|
| Forschungsgruppe | ||
| Titel | ||
| Autoren | ||
| URL | ||
| BibTeX | ||
| Abstract | ||
| Vortragende-/r | Nicolas Boltz | |
|---|---|---|
| Forschungsgruppe | AbQP | |
| Titel | Making Big Data, Privacy, and Anonymization Work Together in the Enterprise: Experiences and Issues | |
| Autoren | Jeff Sedayao, Rahul Bhardwaj, Nakul Gorade | |
| https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6906834 | ||
| URL | https://www.doi.org/10.1109/BigData.Congress.2014.92 | |
| BibTeX | https://dblp.org/rec/conf/bigdata/SedayaoBG14.html?view=bibtex | |
| Abstract | Some scholars feel that Big Data techniques render anonymization (also known as de-identification) useless as a privacy protection technique. This paper discusses our experiences and issues encountered when we successfully combined anonymization, privacy protection, and Big Data techniques to analyze usage data while protecting the identities of users. Our Human Factors Engineering team wanted to use web page access logs and Big Data tools to improve usability of Intel's heavily used internal web portal. To protect Intel employees' privacy, they needed to remove personally identifying information (PII) from the portal's usage log repository but in a way that did not affect the use of Big Data tools to do analysis or the ability to re-identify a log entry in order to investigate unusual behavior. To meet these objectives, we created an open architecture for anonymization that allowed a variety of tools to be used for both de-identifying and re-identifying web log records. In the process of implementing our architecture, we found that enterprise data has properties different from the standard examples in anonymization literature. Our proof of concept showed that Big Data techniques could yield benefits in the enterprise environment even when working on anonymized data. We also found that despite masking obvious PII like usernames and IP addresses, the anonymized data was vulnerable to correlation attacks. We explored the tradeoffs of correcting these vulnerabilities and found that User Agent (Browser/OS) information strongly correlates to individual users. While browser fingerprinting has been known before, it has implications for tools and products currently used to de-identify enterprise data. We conclude that Big Data, anonymization, and privacy can be successfully combined but requires analysis of data sets to make sure that anonymization is not vulnerable to correlation attacks. | |
| Vortragende-/r | Frederik Reiche | |
|---|---|---|
| Forschungsgruppe | AbQP | |
| Titel | Assume-guarantee verification of source code with design-level assumptions | |
| Autoren | D. Giannakopoulou, C.S. Pasareanu, J.M. Cobleigh | |
| https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=1317443 | ||
| URL | https://www.doi.org/10.1109/ICSE.2004.1317443 | |
| BibTeX | ||
| Abstract | Model checking is an automated technique that can be used to determine whether a system satisfies certain required properties. To address the "state explosion" problem associated with this technique, we propose to integrate assume-guarantee verification at different phases of system development. During design, developers build abstract behavioral models of the system components and use them to establish key properties of the system. To increase the scalability of model checking at this level, we have previously developed techniques that automatically decompose the verification task by generating component assumptions for the properties to hold. The design artifacts are subsequently used to guide the implementation of the system, but also to enable more efficient reasoning of the source code. In particular, we propose to use assumptions generated for the design to similarly decompose the verification of the actual system implementation. We demonstrate our approach on a significant NASA application, where design models were used to identify and correct a safety property violation, and the generated assumptions allowed us to check successfully that the property was preserved by the implementation. | |
| Vortragende-/r | Tobias Walter | |
|---|---|---|
| Forschungsgruppe | AbQP | |
| Titel | P2CySeMoL: Predictive, Probabilistic Cyber Security Modeling Language | |
| Autoren | Hannes Holm, Khurram Shahzad, Markus Buschle, Mathias Ekstedt | |
| https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6990572 | ||
| URL | https://doi.org/10.1109/TDSC.2014.2382574 | |
| BibTeX | https://dblp.org/rec/journals/tdsc/HolmSBE15.html?view=bibtex | |
| Abstract | This paper presents the Predictive, Probabilistic Cyber Security Modeling Language (P 2 CySeMoL), an attack graph tool that can be used to estimate the cyber security of enterprise architectures. P 2 CySeMoL includes theory on how attacks and defenses relate quantitatively; thus, users must only model their assets and how these are connected in order to enable calculations. The performance of P 2 CySeMoL enables quick calculations of large object models. It has been validated on both a component level and a system level using literature, domain experts, surveys, observations, experiments and case studies. | |
| Vortragende-/r | Snigdha Singh | |
|---|---|---|
| Forschungsgruppe | ARE | |
| Titel | A Microservice-Based Architecture for Performance and Energy Benchmarking of Docker-Host Linux Distributions on Internet-of-Things Devices | |
| Autoren | David Lennick and Akramul Azim and Ramiro Liscano | |
| https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=9453517 | ||
| URL | https://ieeexplore.ieee.org/abstract/document/9453517 | |
| BibTeX | https://dblp.org/rec/conf/icit2/LennickAL21.html?view=bibtex | |
| Abstract | Containers are rapidly being adopted in several areas of the information technology industry. A major area is edge and embedded Internet-of-Things systems. In this paper, we present a microservice-based architecture for performance analysis and energy consumption of Internet-of-Things "Docker host" Linux distributions. Our methodology builds on previous container benchmarking work, with analysis of performance metrics such as processing, memory, and disk throughput. Furthermore, our methodology introduces container-engine performance metrics related to container lifecycle operations, and concurrent container performance. We demonstrate by comparing four Linux distributions in this domain: BalenaOS, HypriotOS, RancherOS, and Raspbian Lite. All source code is provided. | |
| Vortragende-/r | Dirk Neumann | |
|---|---|---|
| Forschungsgruppe | Student | |
| Titel | A systematic literature review of cross-domain model consistency checking by model management tools | |
| Autoren | Weslley Torres, Mark G. J. van den Brand & Alexander Serebrenik | |
| https://link.springer.com/content/pdf/10.1007/s10270-020-00834-1.pdf | ||
| URL | https://link.springer.com/article/10.1007/s10270-020-00834-1 | |
| BibTeX | https://dblp.org/rec/journals/sosym/TorresBS21.html?view=bibtex | |
| Abstract | Objective: The goal of this study is to identify gaps and challenges related to cross-domain model management focusing on consistency checking. Method We conducted a systematic literature review. We used the keyword-based search on Google Scholar, and we identified 618 potentially relevant studies; after applying inclusion and exclusion criteria, 96 papers were selected for further analysis. Results The main findings/contributions are: (i) a list of available tools used to support model management; (ii) 40% of the tools can provide consistency checking on models of different domains and 25% on models of the same domain, and 35% do not provide any consistency checking; (iii) available strategies to keep the consistency between models of different domains are not mature enough; (iv) most of the tools that provide consistency checking on models of different domains can only capture up to two inconsistency types; (v) the main challenges associated with tools that manage models on different domains are related to interoperability between tools and the consistency maintenance. Conclusion: The results presented in this study can be used to guide new research on maintaining the consistency between models of different domains. Example of further research is to investigate how to capture the Behavioral and Refinement inconsistency types. This study also indicates that the tools should be improved in order to address, for example, more kinds of consistency check. | |
| Vortragende-/r | Maximilian Walter | |
|---|---|---|
| Forschungsgruppe | SDQ | |
| Titel | From product recommendation to cyber-attack prediction: generating attack graphs and predicting future attacks | |
| Autoren | Nikolaos Polatidis, Elias Pimenidis, Michalis Pavlidis, Spyridon Papastergiou, Haralambos Mouratidis | |
| URL | https://doi.org/10.1007/s12530-018-9234-z | |
| BibTeX | ||
| Abstract | Modern information society depends on reliable functionality of information systems infrastructure, while at the same time the number of cyber-attacks has been increasing over the years and damages have been caused. Furthermore, graphs can be used to show paths than can be exploited by attackers to intrude into systems and gain unauthorized access through vulnerability exploitation. This paper presents a method that builds attack graphs using data supplied from the maritime supply chain infrastructure. The method delivers all possible paths that can be exploited to gain access. Then, a recommendation system is utilized to make predictions about future attack steps within the network. We show that recommender systems can be used in cyber defense by predicting attacks. The goal of this paper is to identify attack paths and show how a recommendation method can be used to classify future cyber-attacks in terms of risk management. The proposed method has been experimentally evaluated and validated, with the results showing that it is both practical and effective. | |
| Vortragende-/r | Jan Keim | |
|---|---|---|
| Forschungsgruppe | ARE | |
| Titel | Explicit Alignment of Requirements and Architecture in Agile Development | |
| Autoren | Sabine Molenaar, Tjerk Spijkman, Fabiano Dalpiaz, Sjaak Brinkkemper | |
| https://link.springer.com/content/pdf/10.1007/978-3-030-44429-7.pdf | ||
| URL | https://link.springer.com/chapter/10.1007/978-3-030-44429-7 13 | |
| BibTeX | https://citation-needed.springer.com/v2/references/10.1007/978-3-030-44429-7 13?format=bibtex&flavour=citation | |
| Abstract | ||
| Vortragende-/r | Dieser Termin fällt aus! | |
|---|---|---|
| Forschungsgruppe | ||
| Titel | ||
| Autoren | ||
| URL | ||
| BibTeX | ||
| Abstract | ||