@inproceedings{BraunHoefkenSchubaetal.2015, author = {Braun, Sebastian and H{\"o}fken, Hans-Wilhelm and Schuba, Marko and Breuer, Michael}, title = {Forensische Sicherung von DSLRoutern}, series = {Proceedings of D-A-CH Security 2015. St. Augustin 8. und 9. September 2015}, booktitle = {Proceedings of D-A-CH Security 2015. St. Augustin 8. und 9. September 2015}, pages = {11 S.}, year = {2015}, language = {de} } @inproceedings{BroennerHoefkenSchuba2016, author = {Broenner, Simon and H{\"o}fken, Hans-Wilhelm and Schuba, Marko}, title = {Streamlining extraction and analysis of android RAM images}, series = {Proceedings of the 2nd international conference on information systems security and privacy}, booktitle = {Proceedings of the 2nd international conference on information systems security and privacy}, organization = {ICISSP International Conference on Information Systems Security and Privacy <2, 2016, Rome, Italy>}, isbn = {978-989-758-167-0}, doi = {10.5220/0005652802550264}, pages = {255 -- 264}, year = {2016}, language = {en} } @inproceedings{ChristianMontagSchubaetal.2018, author = {Christian, Esser and Montag, Tim and Schuba, Marko and Allhof, Manuel}, title = {Future critical infrastructure and security - cyberattacks on charging stations}, series = {31st International Electric Vehicle Symposium \& Exhibition and International Electric Vehicle Technology Conference (EVS31 \& EVTeC 2018)}, booktitle = {31st International Electric Vehicle Symposium \& Exhibition and International Electric Vehicle Technology Conference (EVS31 \& EVTeC 2018)}, publisher = {Society of Automotive Engineers of Japan (JSAE)}, address = {Tokyo}, isbn = {978-1-5108-9157-9}, pages = {665 -- 671}, year = {2018}, language = {en} } @article{ClaessensFuchsbergerGuentheretal.2003, author = {Claessens, J. and Fuchsberger, A. and G{\"u}nther, C. and Horn, G. and Howker, K. and Hulsebosch, R.J. and Mitchell, C. and Paterson, K. and Preneel, B. and Schellekens, D. and Schuba, Marko}, title = {Pioneering Advanced Mobile Privacy and Security}, pages = {1 -- 17}, year = {2003}, language = {en} } @incollection{EnglaenderKaminskiSchuba2022, author = {Engl{\"a}nder, Jacques and Kaminski, Lars and Schuba, Marko}, title = {Informationssicherheitsmanagement}, series = {Digitalisierungs- und Informationsmanagement}, booktitle = {Digitalisierungs- und Informationsmanagement}, publisher = {Springer Vieweg}, address = {Berlin}, isbn = {978-3-662-63757-9}, doi = {10.1007/978-3-662-63758-6_15}, pages = {373 -- 398}, year = {2022}, abstract = {Daten und Informationen sind die wichtigsten Ressourcen vieler Unternehmen und m{\"u}ssen daher entsprechend gesch{\"u}tzt werden. Getrieben durch die erh{\"o}hte Vernetzung von Informationstechnologie, die h{\"o}here Offenheit infolge datengetriebener Dienstleistungen und eine starke Zunahme an Datenquellen, r{\"u}cken die Gefahren von Informationsdiebstahl, -manipulation und -verlust in den Fokus von produzierenden Unternehmen. Auf dem Weg zum lern- und wandlungsf{\"a}higen Unternehmen kann dies zu einem großen Hindernis werden, da einerseits zu hohe Sicherheitsanforderungen neue Entwicklungen beschr{\"a}nken, andererseits wegen des Mangels an ausreichenden Informationssicherheitskonzepten Unternehmen weniger Innovationen wagen. Deshalb bedarf es individuell angepasster Konzepte f{\"u}r die Bereiche IT-Security, IT-Safety und Datenschutz f{\"u}r vernetzte Produkte, Produktion und Arbeitspl{\"a}tze. Bei der Entwicklung und Durchsetzung dieser Konzepte steht der Faktor Mensch im Zentrum aller {\"U}berlegungen. In diesem Kapitel wird dargestellt, wie der Faktor Mensch bei der Erstellung von Informationssicherheitskonzepten in verschiedenen Phasen zu beachten ist. Beginnend mit der Integration von Informationssystemen und damit verbundenen Sicherheitsmaßnahmen, {\"u}ber die Administration, bis hin zur Anwendung durch den Endnutzer, werden Methoden beschrieben, die den Menschen, verbunden mit seinem Mehrwert wie auch den Risiken, einschließen. Dabei werden sowohl Grundlagen aufgezeigt als auch Konzepte vorgestellt, mit denen Entscheider in der Unternehmens-IT Leitlinien f{\"u}r die Informationssicherheit festlegen k{\"o}nnen.}, language = {de} } @book{GalleyMinoggioSchubaetal.2016, author = {Galley, Birgit and Minoggio, Ingo and Schuba, Marko and Bischoff, Barbara and H{\"o}fken, Hans-Wilhelm}, title = {Unternehmenseigene Ermittlungen : Recht - Kriminalistik - IT}, publisher = {Erich Schmidt Verlag}, address = {Berlin}, isbn = {978-3-503-16531-5}, pages = {XIII, 372 S.}, year = {2016}, language = {de} } @inproceedings{GranatHoefkenSchuba2017, author = {Granat, Andreas and H{\"o}fken, Hans-Wilhelm and Schuba, Marko}, title = {Intrusion Detection of the ICS Protocol EtherCAT}, pages = {1 -- 5}, year = {2017}, abstract = {Control mechanisms like Industrial Controls Systems (ICS) and its subgroup SCADA (Supervisory Control and Data Acquisition) are a prerequisite to automate industrial processes. While protection of ICS on process management level is relatively straightforward - well known office IT security mechanisms can be used - protection on field bus level is harder to achieve as there are real-time and production requirements like 24x7 to consider. One option to improve security on field bus level is to introduce controls that help to detect and to react on attacks. This paper introduces an initial set of intrusion detection mechanisms for the field bus protocol EtherCAT. To this end existing Ethernet attack vectors including packet injection and man-in-the-middle attacks are tested in an EtherCAT environment, where they could interrupt the EtherCAT network and may even cause physical damage. Based on the signatures of such attacks, a preprocessor and new rule options are defined for the open source intrusion detection system Snort demonstrating the general feasibility of intrusion detection on field bus level.}, language = {en} } @article{HulseboschGuentherHornetal.2004, author = {Hulsebosch, R. J. and G{\"u}nther, C. and Horn, C. and Holtmanns, S. and Howker, K. and Paterson, K. and Claessens, J. and Schuba, Marko}, title = {Pioneering Advanced Mobile Privacy and Security}, series = {Security for mobility}, journal = {Security for mobility}, editor = {Mitchell, Chris J.}, publisher = {Institution of Electrical Engineers}, address = {London}, isbn = {9781849190886}, doi = {10.1049/PBTE051E_ch}, pages = {383 -- 432}, year = {2004}, language = {en} } @article{KoenigVoelkerWolfetal.2016, author = {K{\"o}nig, Johannes Alexander and V{\"o}lker, Veronika and Wolf, Martin and Schuba, Marko}, title = {Gamified Hacking Offence Simulation-based Training (GHOST)}, series = {Crisis Prevention}, volume = {2016}, journal = {Crisis Prevention}, number = {3}, publisher = {Beta}, address = {Bonn}, pages = {44 -- 46}, year = {2016}, language = {de} } @inproceedings{KueppersSchubaNeugebaueretal.2023, author = {K{\"u}ppers, Malte and Schuba, Marko and Neugebauer, Georg and H{\"o}ner, Tim and Hack, Sacha}, title = {Security analysis of the KNX smart building protocol}, series = {ARES '23: Proceedings of the 18th International Conference on Availability, Reliability and Security}, booktitle = {ARES '23: Proceedings of the 18th International Conference on Availability, Reliability and Security}, publisher = {ACM}, doi = {10.1145/3600160.3605167}, pages = {1 -- 7}, year = {2023}, abstract = {KNX is a protocol for smart building automation, e.g., for automated heating, air conditioning, or lighting. This paper analyses and evaluates state-of-the-art KNX devices from manufacturers Merten, Gira and Siemens with respect to security. On the one hand, it is investigated if publicly known vulnerabilities like insecure storage of passwords in software, unencrypted communication, or denialof-service attacks, can be reproduced in new devices. On the other hand, the security is analyzed in general, leading to the discovery of a previously unknown and high risk vulnerability related to so-called BCU (authentication) keys.}, language = {en} }