@inproceedings{SchubaHoefkenLinzbach2022,
  author    = {Schuba, Marko and H{\"o}fken, Hans-Wilhelm and Linzbach, Sophie},
  title     = {An ICS Honeynet for Detecting and Analyzing Cyberattacks in Industrial Plants},
  series = {2021 International Conference on Electrical, Computer and Energy Technologies (ICECET)},
  booktitle = {2021 International Conference on Electrical, Computer and Energy Technologies (ICECET)},
  publisher = {IEEE},
  isbn      = {978-1-6654-4231-2},
  doi       = {10.1109/ICECET52533.2021.9698746},
  pages     = {6 Seiten},
  year      = {2022},
  abstract  = {Cybersecurity of Industrial Control Systems (ICS) is an important issue, as ICS incidents may have a direct impact on safety of people or the environment. At the same time the awareness and knowledge about cybersecurity, particularly in the context of ICS, is alarmingly low. Industrial honeypots offer a cheap and easy to implement way to raise cybersecurity awareness and to educate ICS staff about typical attack patterns. When integrated in a productive network, industrial honeypots may not only reveal attackers early but may also distract them from the actual important systems of the network. Implementing multiple honeypots as a honeynet, the systems can be used to emulate or simulate a whole Industrial Control System. This paper describes a network of honeypots emulating HTTP, SNMP, S7communication and the Modbus protocol using Conpot, IMUNES and SNAP7. The nodes mimic SIMATIC S7 programmable logic controllers (PLCs) which are widely used across the globe. The deployed honeypots' features will be compared with the features of real SIMATIC S7 PLCs. Furthermore, the honeynet has been made publicly available for ten days and occurring cyberattacks have been analyzed},
  language  = {en}
}
@article{LagemaatBreukelsVosetal.2016,
  author    = {Lagemaat, Miriam W. and Breukels, Vincent and Vos, Eline K. and Kerr, Adam B. and Uden, Mark J. van and Orzada, Stephan and Bitz, Andreas and Maas, Marnix C. and Scheenen, Tom W. J.},
  title     = {¹H MR spectroscopic imaging of the prostate at 7T using spectral-spatial pulses},
  series = {Magnetic Resonance in Medicine},
  volume    = {75},
  journal   = {Magnetic Resonance in Medicine},
  number    = {3},
  publisher = {International Society for Magnetic Resonance in Medicine},
  issn      = {1522-2594},
  doi       = {10.1002/mrm.25569},
  pages     = {933 -- 945},
  year      = {2016},
  abstract  = {Purpose To assess the feasibility of prostate ¹H MR spectroscopic imaging (MRSI) using low-power spectral-spatial (SPSP) pulses at 7T, exploiting accurate spectral selection and spatial selectivity simultaneously. Methods A double spin-echo sequence was equipped with SPSP refocusing pulses with a spectral selectivity of 1 ppm. Three-dimensional prostate ¹H-MRSI at 7T was performed with the SPSP-MRSI sequence using an 8-channel transmit array coil and an endorectal receive coil in three patients with prostate cancer and in one healthy subject. No additional water or lipid suppression pulses were used. Results Prostate ¹H-MRSI could be obtained well within specific absorption rate (SAR) limits in a clinically feasible time (10 min). Next to the common citrate signals, the prostate spectra exhibited high spermine signals concealing creatine and sometimes also choline. Residual lipid signals were observed at the edges of the prostate because of limitations in spectral and spatial selectivity. Conclusion It is possible to perform prostate ¹H-MRSI at 7T with a SPSP-MRSI sequence while using separate transmit and receive coils. This low-SAR MRSI concept provides the opportunity to increase spatial resolution of MRSI within reasonable scan times.},
  language  = {en}
}
@book{GalleyMinoggioSchubaetal.2016,
  author    = {Galley, Birgit and Minoggio, Ingo and Schuba, Marko and Bischoff, Barbara and H{\"o}fken, Hans-Wilhelm},
  title     = {Unternehmenseigene Ermittlungen : Recht - Kriminalistik - IT},
  publisher = {Erich Schmidt Verlag},
  address   = {Berlin},
  isbn      = {978-3-503-16531-5},
  pages     = {XIII, 372 S.},
  year      = {2016},
  language  = {de}
}
@article{FerreinSteinbauerVassos2012,
  author    = {Ferrein, Alexander and Steinbauer, Gerald and Vassos, Stavros},
  title     = {Action-Based Imperative Programming with YAGI},
  series = {AAAI Technical Report},
  journal   = {AAAI Technical Report},
  publisher = {AAAI},
  address   = {Menlo Park},
  pages     = {24 -- 31},
  year      = {2012},
  abstract  = {Many tasks for autonomous agents or robots are best described by a specification of the environment and a specification of the available actions the agent or robot can perform. Combining such a specification with the possibility to imperatively program a robot or agent is what we call the actionbased imperative programming. One of the most successful such approaches is Golog. In this paper, we draft a proposal for a new robot programming language YAGI, which is based on the action-based imperative programming paradigm. Our goal is to design a small, portable stand-alone YAGI interpreter. We combine the benefits of a principled domain specification with a clean, small and simple programming language, which does not exploit any side-effects from the implementation language. We discuss general requirements of action-based programming languages and outline YAGI, our action-based language approach which particularly aims at embeddability.},
  language  = {en}
}
@inproceedings{SchuetzBreuerHoefkenetal.2013,
  author    = {Sch{\"u}tz, P. and Breuer, M. and H{\"o}fken, Hans-Wilhelm and Schuba, Marko},
  title     = {Malware proof on mobile phone exhibits based on GSM/GPRS traces},
  series = {The Second International Conference on Cyber Security, Cyber Peacefare and Digital Forensic (CyberSec 2013) : 04.03. - 06.03.2013, Kuala Lumpur, Malaysia},
  booktitle = {The Second International Conference on Cyber Security, Cyber Peacefare and Digital Forensic (CyberSec 2013) : 04.03. - 06.03.2013, Kuala Lumpur, Malaysia},
  publisher = {The Society of Digital Information and Wireless Communication},
  isbn      = {978-0-9853483-7-3},
  pages     = {89 -- 96},
  year      = {2013},
  language  = {en}
}
@article{SchaeferHoefkenSchuba2011,
  author    = {Schaefer, Thomas and H{\"o}fken, Hans-Wilhelm and Schuba, Marko},
  title     = {Windows Phone 7 from a Digital Forensics' Perspective},
  publisher = {Springer},
  address   = {Berlin},
  year      = {2011},
  language  = {en}
}
@article{FrauenrathHezelRenzetal.2010,
  author    = {Frauenrath, Tobias and Hezel, Fabian and Renz, Wolfgang and de Geyer d'Orth, Thibaut and Dieringer, Matthias and von Knobelsdorf-Brenkenhoff, Florian and Prothmann, Marcel and Schulz-Menger, Jeanette and Niendorf, Thoralf},
  title     = {Acoustic cardiac triggering: a practical solution for synchronization and gating of cardiovascular magnetic resonance at 7 Tesla},
  series = {Journal of Cardiovascular Magnetic Resonance},
  volume    = {12},
  journal   = {Journal of Cardiovascular Magnetic Resonance},
  number    = {1},
  publisher = {Elsevier},
  address   = {Amsterdam},
  issn      = {1532-429X},
  doi       = {10.1186/1532-429X-12-67},
  year      = {2010},
  abstract  = {Background To demonstrate the applicability of acoustic cardiac triggering (ACT) for imaging of the heart at ultrahigh magnetic fields (7.0 T) by comparing phonocardiogram, conventional vector electrocardiogram (ECG) and traditional pulse oximetry (POX) triggered 2D CINE acquisitions together with (i) a qualitative image quality analysis, (ii) an assessment of the left ventricular function parameter and (iii) an examination of trigger reliability and trigger detection variance derived from the signal waveforms. Results ECG was susceptible to severe distortions at 7.0 T. POX and ACT provided waveforms free of interferences from electromagnetic fields or from magneto-hydrodynamic effects. Frequent R-wave mis-registration occurred in ECG-triggered acquisitions with a failure rate of up to 30\% resulting in cardiac motion induced artifacts. ACT and POX triggering produced images free of cardiac motion artefacts. ECG showed a severe jitter in the R-wave detection. POX also showed a trigger jitter of approximately Δt = 72 ms which is equivalent to two cardiac phases. ACT showed a jitter of approximately Δt = 5 ms only. ECG waveforms revealed a standard deviation for the cardiac trigger offset larger than that observed for ACT or POX waveforms. Image quality assessment showed that ACT substantially improved image quality as compared to ECG (image quality score at end-diastole: ECG = 1.7 ± 0.5, ACT = 2.4 ± 0.5, p = 0.04) while the comparison between ECG vs. POX gated acquisitions showed no significant differences in image quality (image quality score: ECG = 1.7 ± 0.5, POX = 2.0 ± 0.5, p = 0.34). Conclusions The applicability of acoustic triggering for cardiac CINE imaging at 7.0 T was demonstrated. ACT's trigger reliability and fidelity are superior to that of ECG and POX. ACT promises to be beneficial for cardiovascular magnetic resonance at ultra-high field strengths including 7.0 T.},
  language  = {en}
}
@inproceedings{ChajanSchulteTiggesRekeetal.2021,
  author    = {Chajan, Eduard and Schulte-Tigges, Joschua and Reke, Michael and Ferrein, Alexander and Matheis, Dominik and Walter, Thomas},
  title     = {GPU based model-predictive path control for self-driving vehicles},
  series = {IEEE Intelligent Vehicles Symposium (IV)},
  booktitle = {IEEE Intelligent Vehicles Symposium (IV)},
  publisher = {IEEE},
  address   = {New York, NY},
  isbn      = {978-1-7281-5394-0},
  doi       = {10.1109/IV48863.2021.9575619},
  pages     = {1243 -- 1248},
  year      = {2021},
  abstract  = {One central challenge for self-driving cars is a proper path-planning. Once a trajectory has been found, the next challenge is to accurately and safely follow the precalculated path. The model-predictive controller (MPC) is a common approach for the lateral control of autonomous vehicles. The MPC uses a vehicle dynamics model to predict the future states of the vehicle for a given prediction horizon. However, in order to achieve real-time path control, the computational load is usually large, which leads to short prediction horizons. To deal with the computational load, the control algorithm can be parallelized on the graphics processing unit (GPU). In contrast to the widely used stochastic methods, in this paper we propose a deterministic approach based on grid search. Our approach focuses on systematically discovering the search area with different levels of granularity. To achieve this, we split the optimization algorithm into multiple iterations. The best sequence of each iteration is then used as an initial solution to the next iteration. The granularity increases, resulting in smooth and predictable steering angle sequences. We present a novel GPU-based algorithm and show its accuracy and realtime abilities with a number of real-world experiments.},
  language  = {en}
}
@article{MausHoefkenSchuba2011,
  author    = {Maus, Stefan and H{\"o}fken, Hans-Wilhelm and Schuba, Marko},
  title     = {Forensic Analysis of Geodata in Android Smartphones},
  pages     = {1 -- 11},
  year      = {2011},
  language  = {en}
}
@inproceedings{SchwankeHoefkenSchuba2017,
  author    = {Schwanke, Peter and H{\"o}fken, Hans-Wilhelm and Schuba, Marko},
  title     = {Security Analysis of the ADS Protocol of a Beckhoff CX2020 PLC},
  pages     = {1 -- 5},
  year      = {2017},
  abstract  = {ICSs (Industrial Control Systems) and its subset SCADA systems (Supervisory Control and Data Acquisition) are getting exposed to a constant stream of new threats. The increasing importance of IT security in ICS requires viable methods to assess the security of ICS, its individual components, and its protocols. This paper presents a security analysis with focus on the communication protocols of a single PLC (Programmable Logic Controller). The PLC, a Beckhoff CX2020, is examined and new vulnerabilities of the system are revealed. Based on these findings recommendations are made to improve security of the Beckhoff system and its protocols.},
  language  = {en}
}