@misc{KliemeTietzMeinel2018,
  author    = {Klieme, Eric and Tietz, Christian and Meinel, Christoph},
  title     = {Beware of SMOMBIES},
  series = {The 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom 2018)/the 12th IEEE International Conference on Big Data Science and Engineering (IEEE BigDataSE 2018)},
  journal   = {The 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom 2018)/the 12th IEEE International Conference on Big Data Science and Engineering (IEEE BigDataSE 2018)},
  publisher = {IEEE},
  address   = {New York},
  isbn      = {978-1-5386-4387-7},
  issn      = {2324-9013},
  doi       = {10.1109/TrustCom/BigDataSE.2018.00096},
  pages     = {651 -- 660},
  year      = {2018},
  abstract  = {Several research evaluated the user's style of walking for the verification of a claimed identity and showed high authentication accuracies in many settings. In this paper we present a system that successfully verifies a user's identity based on many real world smartphone placements and yet not regarded interactions while walking. Our contribution is the distinction of all considered activities into three distinct subsets and a specific one-class Support Vector Machine per subset. Using sensor data of 30 participants collected in a semi-supervised study approach, we prove that unsupervised verification is possible with very low false-acceptance and false-rejection rates. We furthermore show that these subsets can be distinguished with a high accuracy and demonstrate that this system can be deployed on off-the-shelf smartphones.},
  language  = {en}
}
@article{LeungLeutbecherReichetal.2021,
  author    = {Leung, Tsz Yan and Leutbecher, Martin and Reich, Sebastian and Shepherd, Theodore G.},
  title     = {Forecast verification},
  series = {Quarterly journal of the Royal Meteorological Society},
  volume    = {147},
  journal   = {Quarterly journal of the Royal Meteorological Society},
  number    = {739},
  publisher = {Wiley},
  address   = {Hoboken},
  issn      = {0035-9009},
  doi       = {10.1002/qj.4120},
  pages     = {3124 -- 3134},
  year      = {2021},
  abstract  = {The philosophy of forecast verification is rather different between deterministic and probabilistic verification metrics: generally speaking, deterministic metrics measure differences, whereas probabilistic metrics assess reliability and sharpness of predictive distributions. This article considers the root-mean-square error (RMSE), which can be seen as a deterministic metric, and the probabilistic metric Continuous Ranked Probability Score (CRPS), and demonstrates that under certain conditions, the CRPS can be mathematically expressed in terms of the RMSE when these metrics are aggregated. One of the required conditions is the normality of distributions. The other condition is that, while the forecast ensemble need not be calibrated, any bias or over/underdispersion cannot depend on the forecast distribution itself. Under these conditions, the CRPS is a fraction of the RMSE, and this fraction depends only on the heteroscedasticity of the ensemble spread and the measures of calibration. The derived CRPS-RMSE relationship for the case of perfect ensemble reliability is tested on simulations of idealised two-dimensional barotropic turbulence. Results suggest that the relationship holds approximately despite the normality condition not being met.},
  language  = {en}
}
@article{LorenzClemensSchroetteretal.2022,
  author    = {Lorenz, Claas and Clemens, Vera Elisabeth and Schr{\"o}tter, Max and Schnor, Bettina},
  title     = {Continuous verification of network security compliance},
  series = {IEEE transactions on network and service management},
  volume    = {19},
  journal   = {IEEE transactions on network and service management},
  number    = {2},
  publisher = {Institute of Electrical and Electronics Engineers},
  address   = {New York},
  issn      = {1932-4537},
  doi       = {10.1109/TNSM.2021.3130290},
  pages     = {1729 -- 1745},
  year      = {2022},
  abstract  = {Continuous verification of network security compliance is an accepted need. Especially, the analysis of stateful packet filters plays a central role for network security in practice. But the few existing tools which support the analysis of stateful packet filters are based on general applicable formal methods like Satifiability Modulo Theories (SMT) or theorem prover and show runtimes in the order of minutes to hours making them unsuitable for continuous compliance verification. In this work, we address these challenges and present the concept of state shell interweaving to transform a stateful firewall rule set into a stateless rule set. This allows us to reuse any fast domain specific engine from the field of data plane verification tools leveraging smart, very fast, and domain specialized data structures and algorithms including Header Space Analysis (HSA). First, we introduce the formal language FPL that enables a high-level human-understandable specification of the desired state of network security. Second, we demonstrate the instantiation of a compliance process using a verification framework that analyzes the configuration of complex networks and devices - including stateful firewalls - for compliance with FPL policies. Our evaluation results show the scalability of the presented approach for the well known Internet2 and Stanford benchmarks as well as for large firewall rule sets where it outscales state-of-the-art tools by a factor of over 41.},
  language  = {en}
}