@article{MausHoefkenSchuba2011,
  author    = {Maus, Stefan and H{\"o}fken, Hans-Wilhelm and Schuba, Marko},
  title     = {Forensic Analysis of Geodata in Android Smartphones},
  pages     = {1 -- 11},
  year      = {2011},
  language  = {en}
}
@article{SchaeferHoefkenSchuba2011,
  author    = {Schaefer, Thomas and H{\"o}fken, Hans-Wilhelm and Schuba, Marko},
  title     = {Windows Phone 7 from a Digital Forensics' Perspective},
  publisher = {Springer},
  address   = {Berlin},
  year      = {2011},
  language  = {en}
}
@inproceedings{SchuetzBreuerHoefkenetal.2013,
  author    = {Sch{\"u}tz, P. and Breuer, M. and H{\"o}fken, Hans-Wilhelm and Schuba, Marko},
  title     = {Malware proof on mobile phone exhibits based on GSM/GPRS traces},
  series = {The Second International Conference on Cyber Security, Cyber Peacefare and Digital Forensic (CyberSec 2013) : 04.03. - 06.03.2013, Kuala Lumpur, Malaysia},
  booktitle = {The Second International Conference on Cyber Security, Cyber Peacefare and Digital Forensic (CyberSec 2013) : 04.03. - 06.03.2013, Kuala Lumpur, Malaysia},
  publisher = {The Society of Digital Information and Wireless Communication},
  isbn      = {978-0-9853483-7-3},
  pages     = {89 -- 96},
  year      = {2013},
  language  = {en}
}
@inproceedings{StoebeHoefkenSchubaetal.2013,
  author    = {St{\"o}be, Rolf and H{\"o}fken, Hans-Wilhelm and Schuba, Marko and Breuer, Michael},
  title     = {Artificial ageing of mobile devices using a simulated GSM/GPRS network},
  series = {Eighth International Conference on Availability, Reliability and Security (ARES) : 2-6 Sept. 2013, Regensburg},
  booktitle = {Eighth International Conference on Availability, Reliability and Security (ARES) : 2-6 Sept. 2013, Regensburg},
  publisher = {IEEE},
  pages     = {493 -- 497},
  year      = {2013},
  language  = {en}
}
@inproceedings{BonneyHoefkenPaffenetal.2015,
  author    = {Bonney, Gregor and H{\"o}fken, Hans-Wilhelm and Paffen, Benedikt and Schuba, Marko},
  title     = {ICS/SCADA Security - Analysis of a Beckhoff CX5020 PLC},
  series = {1st International Conference on Information Systems Security and Privacy : ICISSP 2015},
  booktitle = {1st International Conference on Information Systems Security and Privacy : ICISSP 2015},
  organization    = {International Conference on Information Systems Security and Privacy <1, 2015, Angers>},
  pages     = {1 -- 6},
  year      = {2015},
  language  = {en}
}
@inproceedings{LindenlaufHoefkenSchuba2015,
  author    = {Lindenlauf, Simon and H{\"o}fken, Hans-Wilhelm and Schuba, Marko},
  title     = {Cold Boot Attacks on DDR2 and DDR3 SDRAM},
  series = {10th International Conference on Availability, Reliability and Security (ARES) 2015},
  booktitle = {10th International Conference on Availability, Reliability and Security (ARES) 2015},
  doi       = {10.1109/ARES.2015.28},
  pages     = {287 -- 292},
  year      = {2015},
  language  = {en}
}
@book{GalleyMinoggioSchubaetal.2016,
  author    = {Galley, Birgit and Minoggio, Ingo and Schuba, Marko and Bischoff, Barbara and H{\"o}fken, Hans-Wilhelm},
  title     = {Unternehmenseigene Ermittlungen : Recht - Kriminalistik - IT},
  publisher = {Erich Schmidt Verlag},
  address   = {Berlin},
  isbn      = {978-3-503-16531-5},
  pages     = {XIII, 372 S.},
  year      = {2016},
  language  = {de}
}
@inproceedings{BraunHoefkenSchubaetal.2015,
  author    = {Braun, Sebastian and H{\"o}fken, Hans-Wilhelm and Schuba, Marko and Breuer, Michael},
  title     = {Forensische Sicherung von DSLRoutern},
  series = {Proceedings of D-A-CH Security 2015. St. Augustin 8. und 9. September 2015},
  booktitle = {Proceedings of D-A-CH Security 2015. St. Augustin 8. und 9. September 2015},
  pages     = {11 S.},
  year      = {2015},
  language  = {de}
}
@inproceedings{BeckerHoefkenSchuetzetal.2016,
  author    = {Becker, Sebastian and H{\"o}fken, Hans-Wilhelm and Sch{\"u}tz, Philip and Schuba, Marko},
  title     = {IT-forensische Erkennung modifizierter Android-Apps},
  series = {Proceedings of DACH Security 2016, Klagenfurt, Austria, September 2016},
  booktitle = {Proceedings of DACH Security 2016, Klagenfurt, Austria, September 2016},
  editor    = {Schartner, P.},
  pages     = {120 -- 125},
  year      = {2016},
  abstract  = {Malware auf Smartphones ist ein Problem, dem auch Strafverfolgungsbeh{\"o}rden immer h{\"a}ufiger gegen{\"u}berstehen. Insbesondere Telefone, bei denen potentiell schadhafte Apps zu einem finanziellen Schaden gef{\"u}hrt haben, finden sich auf den Schreibtischen der Polizei wieder. Dabei m{\"u}ssen die Ermittler m{\"o}glichst schnell und gezielt erkennen k{\"o}nnen, ob eine App tats{\"a}chlich schadhaft manipuliert wurde, was manipuliert wurde und mit wem die App kommuniziert. Klassische Malware-Erkennungsverfahren helfen zwar bei der generellen Erkennung schadhafter Software, sind aber f{\"u}r die polizeiliche Praxis nicht geeignet. Dieses Paper stellt ein Programm vor, welches gerade die forensischen Fragestellungen ber{\"u}cksichtigt und so f{\"u}r den Einsatz in der Strafverfolgung in Frage kommt.},
  language  = {de}
}
@inproceedings{BroennerHoefkenSchuba2016,
  author    = {Broenner, Simon and H{\"o}fken, Hans-Wilhelm and Schuba, Marko},
  title     = {Streamlining extraction and analysis of android RAM images},
  series = {Proceedings of the 2nd international conference on information systems security and privacy},
  booktitle = {Proceedings of the 2nd international conference on information systems security and privacy},
  organization    = {ICISSP International Conference on Information Systems Security and Privacy <2, 2016, Rome, Italy>},
  isbn      = {978-989-758-167-0},
  doi       = {10.5220/0005652802550264},
  pages     = {255 -- 264},
  year      = {2016},
  language  = {en}
}