@article{Schuba1997, author = {Schuba, Marko}, title = {A Performance Evaluation of Connectionless Overlay Networks for ATM}, series = {INFOCOM ´97. Sixteenth Annual Joint Conference of the IEEE Computer and Communications Societies. Proceedings Vol. 1}, journal = {INFOCOM ´97. Sixteenth Annual Joint Conference of the IEEE Computer and Communications Societies. Proceedings Vol. 1}, isbn = {0-8186-7780-5}, pages = {152 -- 158}, year = {1997}, language = {en} } @article{SchubaReichl1998, author = {Schuba, Marko and Reichl, Peter}, title = {An Analysis of Retransmission Strategies for Reliable Multicast Protocols / Schuba, M. ; Reichl, P.}, series = {Performance of information and communication systems : IFIP TC 6,WG 6.3 Seventh International Conference on Performance of Information and Communication Systems (PICS '98), 25 - 28 May, Lund, Sweden / ed. by Ulf K{\"o}rner ...}, journal = {Performance of information and communication systems : IFIP TC 6,WG 6.3 Seventh International Conference on Performance of Information and Communication Systems (PICS '98), 25 - 28 May, Lund, Sweden / ed. by Ulf K{\"o}rner ...}, publisher = {Chapman Hall}, address = {London}, isbn = {0-412-83730-7}, pages = {1 -- 12}, year = {1998}, language = {en} } @inproceedings{SchubaHoefkenLinzbach2022, author = {Schuba, Marko and H{\"o}fken, Hans-Wilhelm and Linzbach, Sophie}, title = {An ICS Honeynet for Detecting and Analyzing Cyberattacks in Industrial Plants}, series = {2021 International Conference on Electrical, Computer and Energy Technologies (ICECET)}, booktitle = {2021 International Conference on Electrical, Computer and Energy Technologies (ICECET)}, publisher = {IEEE}, isbn = {978-1-6654-4231-2}, doi = {10.1109/ICECET52533.2021.9698746}, pages = {6 Seiten}, year = {2022}, abstract = {Cybersecurity of Industrial Control Systems (ICS) is an important issue, as ICS incidents may have a direct impact on safety of people or the environment. At the same time the awareness and knowledge about cybersecurity, particularly in the context of ICS, is alarmingly low. Industrial honeypots offer a cheap and easy to implement way to raise cybersecurity awareness and to educate ICS staff about typical attack patterns. When integrated in a productive network, industrial honeypots may not only reveal attackers early but may also distract them from the actual important systems of the network. Implementing multiple honeypots as a honeynet, the systems can be used to emulate or simulate a whole Industrial Control System. This paper describes a network of honeypots emulating HTTP, SNMP, S7communication and the Modbus protocol using Conpot, IMUNES and SNAP7. The nodes mimic SIMATIC S7 programmable logic controllers (PLCs) which are widely used across the globe. The deployed honeypots' features will be compared with the features of real SIMATIC S7 PLCs. Furthermore, the honeynet has been made publicly available for ten days and occurring cyberattacks have been analyzed}, language = {en} } @article{Schuba1999, author = {Schuba, Marko}, title = {Analyse der Antwortzeit von zuverl{\"a}ssigen Multicast-Protokollen im Internet}, series = {Multicast - Protokolle und Anwendungen : 20. - 21. Mai 1999, Braunschweig; 1. GI-Workshop / [Workshop-Leitung: Martina Zitterbart ...]}, journal = {Multicast - Protokolle und Anwendungen : 20. - 21. Mai 1999, Braunschweig; 1. GI-Workshop / [Workshop-Leitung: Martina Zitterbart ...]}, address = {Braunschweig}, pages = {1 -- 14}, year = {1999}, language = {en} } @article{Schuba1999, author = {Schuba, Marko}, title = {Analysis of Feedback Error Control Schemes for Block Based Video Communication / Meggers, Jens ; Schuba, Marko}, year = {1999}, language = {en} } @inproceedings{StoebeHoefkenSchubaetal.2013, author = {St{\"o}be, Rolf and H{\"o}fken, Hans-Wilhelm and Schuba, Marko and Breuer, Michael}, title = {Artificial ageing of mobile devices using a simulated GSM/GPRS network}, series = {Eighth International Conference on Availability, Reliability and Security (ARES) : 2-6 Sept. 2013, Regensburg}, booktitle = {Eighth International Conference on Availability, Reliability and Security (ARES) : 2-6 Sept. 2013, Regensburg}, publisher = {IEEE}, pages = {493 -- 497}, year = {2013}, language = {en} } @article{SchubaHoefken2012, author = {Schuba, Marko and H{\"o}fken, Hans}, title = {Backtrack5: Datensammlung und Reporterstellung f{\"u}r Pentester mit MagicTree / H{\"o}fken, Hans ; Schuba, Marko}, series = {Hakin9. 73 (2012), H. 3}, journal = {Hakin9. 73 (2012), H. 3}, publisher = {-}, isbn = {1733-7186}, pages = {12 -- 16}, year = {2012}, language = {de} } @article{SerrorHackHenzeetal.2021, author = {Serror, Martin and Hack, Sacha and Henze, Martin and Schuba, Marko and Wehrle, Klaus}, title = {Challenges and Opportunities in Securing the Industrial Internet of Things}, series = {IEEE Transactions on Industrial Informatics}, volume = {17}, journal = {IEEE Transactions on Industrial Informatics}, number = {5}, publisher = {IEEE}, address = {New York}, issn = {1941-0050}, doi = {10.1109/TII.2020.3023507}, pages = {2985 -- 2996}, year = {2021}, language = {en} } @inproceedings{LindenlaufHoefkenSchuba2015, author = {Lindenlauf, Simon and H{\"o}fken, Hans-Wilhelm and Schuba, Marko}, title = {Cold Boot Attacks on DDR2 and DDR3 SDRAM}, series = {10th International Conference on Availability, Reliability and Security (ARES) 2015}, booktitle = {10th International Conference on Availability, Reliability and Security (ARES) 2015}, doi = {10.1109/ARES.2015.28}, pages = {287 -- 292}, year = {2015}, language = {en} } @incollection{SchubaHoefken2022, author = {Schuba, Marko and H{\"o}fken, Hans-Wilhelm}, title = {Cybersicherheit in Produktion, Automotive und intelligenten Geb{\"a}uden}, series = {IT-Sicherheit - Technologien und Best Practices f{\"u}r die Umsetzung im Unternehmen}, booktitle = {IT-Sicherheit - Technologien und Best Practices f{\"u}r die Umsetzung im Unternehmen}, publisher = {Carl Hanser Verlag}, address = {M{\"u}nchen}, isbn = {978-3-446-47223-5}, doi = {10.3139/9783446473478.012}, pages = {193 -- 218}, year = {2022}, language = {de} } @inproceedings{NethSchubaBrodkorbetal.2023, author = {Neth, Jannik and Schuba, Marko and Brodkorb, Karsten and Neugebauer, Georg and H{\"o}ner, Tim and Hack, Sacha}, title = {Digital forensics triage app for android}, series = {ARES '23: Proceedings of the 18th International Conference on Availability, Reliability and Security}, booktitle = {ARES '23: Proceedings of the 18th International Conference on Availability, Reliability and Security}, publisher = {ACM}, isbn = {9798400707728}, doi = {10.1145/3600160.3605017}, pages = {6 Seiten}, year = {2023}, abstract = {Digital forensics of smartphones is of utmost importance in many criminal cases. As modern smartphones store chats, photos, videos etc. that can be relevant for investigations and as they can have storage capacities of hundreds of gigabytes, they are a primary target for forensic investigators. However, it is exactly this large amount of data that is causing problems: extracting and examining the data from multiple phones seized in the context of a case is taking more and more time. This bears the risk of wasting a lot of time with irrelevant phones while there is not enough time left to analyze a phone which is worth examination. Forensic triage can help in this case: Such a triage is a preselection step based on a subset of data and is performed before fully extracting all the data from the smartphone. Triage can accelerate subsequent investigations and is especially useful in cases where time is essential. The aim of this paper is to determine which and how much data from an Android smartphone can be made directly accessible to the forensic investigator - without tedious investigations. For this purpose, an app has been developed that can be used with extremely limited storage of data in the handset and which outputs the extracted data immediately to the forensic workstation in a human- and machine-readable format.}, language = {en} } @article{SchubaWrona1999, author = {Schuba, Marko and Wrona, Konrad}, title = {Electronic Commerce Transactions in a Wireless Environment / Schuba, Marko. ; Wrona, Konrad}, pages = {1 -- 9}, year = {1999}, language = {en} } @article{MausHoefkenSchuba2011, author = {Maus, Stefan and H{\"o}fken, Hans-Wilhelm and Schuba, Marko}, title = {Forensic Analysis of Geodata in Android Smartphones}, pages = {1 -- 11}, year = {2011}, language = {en} } @inproceedings{BraunHoefkenSchubaetal.2015, author = {Braun, Sebastian and H{\"o}fken, Hans-Wilhelm and Schuba, Marko and Breuer, Michael}, title = {Forensische Sicherung von DSLRoutern}, series = {Proceedings of D-A-CH Security 2015. St. Augustin 8. und 9. September 2015}, booktitle = {Proceedings of D-A-CH Security 2015. St. Augustin 8. und 9. September 2015}, pages = {11 S.}, year = {2015}, language = {de} } @inproceedings{ChristianMontagSchubaetal.2018, author = {Christian, Esser and Montag, Tim and Schuba, Marko and Allhof, Manuel}, title = {Future critical infrastructure and security - cyberattacks on charging stations}, series = {31st International Electric Vehicle Symposium \& Exhibition and International Electric Vehicle Technology Conference (EVS31 \& EVTeC 2018)}, booktitle = {31st International Electric Vehicle Symposium \& Exhibition and International Electric Vehicle Technology Conference (EVS31 \& EVTeC 2018)}, publisher = {Society of Automotive Engineers of Japan (JSAE)}, address = {Tokyo}, isbn = {978-1-5108-9157-9}, pages = {665 -- 671}, year = {2018}, language = {en} } @article{KoenigVoelkerWolfetal.2016, author = {K{\"o}nig, Johannes Alexander and V{\"o}lker, Veronika and Wolf, Martin and Schuba, Marko}, title = {Gamified Hacking Offence Simulation-based Training (GHOST)}, series = {Crisis Prevention}, volume = {2016}, journal = {Crisis Prevention}, number = {3}, publisher = {Beta}, address = {Bonn}, pages = {44 -- 46}, year = {2016}, language = {de} } @article{SchubaReichlHoff1997, author = {Schuba, Marko and Reichl, Peter and Hoff, Simon}, title = {How to Model Complex Periodic Traffic with TES / Reichl, Peter ; Schuba, Marko ; Hoff, Simon}, series = {Proc. of 13th United Kingdom Workshop on Performance Engineering, Edinburgh, UK, July 1997}, journal = {Proc. of 13th United Kingdom Workshop on Performance Engineering, Edinburgh, UK, July 1997}, pages = {17/1 -- 17/11}, year = {1997}, language = {en} } @article{SchubaReichl1996, author = {Schuba, Marko and Reichl, Peter}, title = {How to Place Connectionless Servers in ATM Networks / Schuba, Marko ; Reichl, Peter}, series = {Proc. of Fourth IFIP Workshop on Performance Modelling and Evaluation of ATM Networks}, journal = {Proc. of Fourth IFIP Workshop on Performance Modelling and Evaluation of ATM Networks}, pages = {09/1 -- 09/10}, year = {1996}, language = {en} } @inproceedings{BonneyHoefkenPaffenetal.2015, author = {Bonney, Gregor and H{\"o}fken, Hans-Wilhelm and Paffen, Benedikt and Schuba, Marko}, title = {ICS/SCADA Security - Analysis of a Beckhoff CX5020 PLC}, series = {1st International Conference on Information Systems Security and Privacy : ICISSP 2015}, booktitle = {1st International Conference on Information Systems Security and Privacy : ICISSP 2015}, organization = {International Conference on Information Systems Security and Privacy <1, 2015, Angers>}, pages = {1 -- 6}, year = {2015}, language = {en} } @incollection{EnglaenderKaminskiSchuba2022, author = {Engl{\"a}nder, Jacques and Kaminski, Lars and Schuba, Marko}, title = {Informationssicherheitsmanagement}, series = {Digitalisierungs- und Informationsmanagement}, booktitle = {Digitalisierungs- und Informationsmanagement}, publisher = {Springer Vieweg}, address = {Berlin}, isbn = {978-3-662-63757-9}, doi = {10.1007/978-3-662-63758-6_15}, pages = {373 -- 398}, year = {2022}, abstract = {Daten und Informationen sind die wichtigsten Ressourcen vieler Unternehmen und m{\"u}ssen daher entsprechend gesch{\"u}tzt werden. Getrieben durch die erh{\"o}hte Vernetzung von Informationstechnologie, die h{\"o}here Offenheit infolge datengetriebener Dienstleistungen und eine starke Zunahme an Datenquellen, r{\"u}cken die Gefahren von Informationsdiebstahl, -manipulation und -verlust in den Fokus von produzierenden Unternehmen. Auf dem Weg zum lern- und wandlungsf{\"a}higen Unternehmen kann dies zu einem großen Hindernis werden, da einerseits zu hohe Sicherheitsanforderungen neue Entwicklungen beschr{\"a}nken, andererseits wegen des Mangels an ausreichenden Informationssicherheitskonzepten Unternehmen weniger Innovationen wagen. Deshalb bedarf es individuell angepasster Konzepte f{\"u}r die Bereiche IT-Security, IT-Safety und Datenschutz f{\"u}r vernetzte Produkte, Produktion und Arbeitspl{\"a}tze. Bei der Entwicklung und Durchsetzung dieser Konzepte steht der Faktor Mensch im Zentrum aller {\"U}berlegungen. In diesem Kapitel wird dargestellt, wie der Faktor Mensch bei der Erstellung von Informationssicherheitskonzepten in verschiedenen Phasen zu beachten ist. Beginnend mit der Integration von Informationssystemen und damit verbundenen Sicherheitsmaßnahmen, {\"u}ber die Administration, bis hin zur Anwendung durch den Endnutzer, werden Methoden beschrieben, die den Menschen, verbunden mit seinem Mehrwert wie auch den Risiken, einschließen. Dabei werden sowohl Grundlagen aufgezeigt als auch Konzepte vorgestellt, mit denen Entscheider in der Unternehmens-IT Leitlinien f{\"u}r die Informationssicherheit festlegen k{\"o}nnen.}, language = {de} }