TY - BOOK A1 - Schuba, Marko A1 - Linnhoff-Popien, Claudia A1 - Reichl, Peter A1 - Schuba, Marko T1 - Systemprogrammierung : Skript zur Vorlesung an der RWTH Aachen / Otto Spaniol ... Y1 - 1996 SN - 3-86073-470-9 N1 - Aachener Beiträge zur Informatik ; 14 PB - Verl. der Augustinus-Buchh. CY - Aachen ER - TY - BOOK A1 - Schuba, Marko A1 - Schuba, Marko A1 - Reichl, Peter A1 - Schneider, Gaby T1 - Lokale Netze - Skript zur Vorlesung an der RWTH Aachen / Spaniol, Otto, Y1 - 1998 SN - 3-86073-721-X N1 - Aachener Beiträge zur Informatik ; 25 PB - Mainz CY - Aachen ER - TY - JOUR A1 - Hulsebosch, R. J. A1 - Günther, C. A1 - Horn, C. A1 - Holtmanns, S. A1 - Howker, K. A1 - Paterson, K. A1 - Claessens, J. A1 - Schuba, Marko ED - Mitchell, Chris J. T1 - Pioneering Advanced Mobile Privacy and Security JF - Security for mobility Y1 - 2004 SN - 9781849190886 U6 - http://dx.doi.org/10.1049/PBTE051E_ch N1 - IEE telecommunications series ; 51 SP - 383 EP - 432 PB - Institution of Electrical Engineers CY - London ER - TY - JOUR A1 - Schuba, Marko A1 - Gerstenberger, Volker A1 - Lahaije, Paul T1 - Internet ID – Flexible Reuse of Mobile Phone Authentication Security for Service Access / Schuba, Marko ; Gerstenberger, Volker, ; Lahaije, Paul Y1 - 2004 N1 - Nordsec 2004, Helsinki ; Nordic Workshop on Secure IT-systems <9, 2004> SP - 1 EP - 7 ER - TY - JOUR A1 - Schuba, Marko A1 - Hermanns, Oliver T1 - Modellierung von Multicastmechanismen zur Unterstützung von Gruppenkommunikation / Schuba, Marko ; Hermanns, Oliver JF - Neue Konzepte für die offene verteilte Verarbeitung : Tagungsband des 1. Arbeitstreffens an der RWTH Aachen, 5. September 1994 / Hrsg. des Bd.: Claudia Popien und Bernd Meyer Y1 - 1994 SN - 3-86073-143-2 N1 - Aachener Beiträge zur Informatik ; 7 SP - 137 EP - 147 PB - Verl. der Augustinus-Buchh. CY - Aachen ER - TY - BOOK A1 - Schuba, Marko A1 - Spaniol, Otto A1 - Linnhoff-Popien, Claudia T1 - Rechnerstrukturen : Skript zur Vorlesung an der RWTH Aachen / Spaniol, Otto ; Linnhoff-Popien, Claudia ; Schuba, Marko Y1 - 1995 SN - 3-86073-147-5 N1 - Aachener Beiträge zur Informatik ; 11 PB - Verl. der Augustinus-Buchh. CY - Aachen ER - TY - JOUR A1 - Schuba, Marko A1 - Hermanns, Oliver T1 - Performance Investigations of the IP Multicast Architecture / Hermanns, Oliver ; Schuba, Marko JF - Performance of the IP Multicast Achitecture . Proceedings JENC 6. Proceedings of the 6th Joint European Networking Conference, Tel Aviv Y1 - 1995 N1 - Reprinted in Computer Networks and ISDN Systems 28 pp 429-439, 1996 SP - 121-1 EP - 121-8 ER - TY - JOUR A1 - Schuba, Marko A1 - Reichl, Peter T1 - How to Place Connectionless Servers in ATM Networks / Schuba, Marko ; Reichl, Peter JF - Proc. of Fourth IFIP Workshop on Performance Modelling and Evaluation of ATM Networks Y1 - 1996 N1 - Fourth IFIP Workshop on Performance Modelling and Evaluation of ATM Networks, Ilkley, West Yorkshire, U.K., July 1996 SP - 09/1 EP - 09/10 ER - TY - JOUR A1 - Schuba, Marko T1 - Analyse der Antwortzeit von zuverlässigen Multicast-Protokollen im Internet JF - Multicast - Protokolle und Anwendungen : 20. - 21. Mai 1999, Braunschweig; 1. GI-Workshop / [Workshop-Leitung: Martina Zitterbart ...] Y1 - 1999 SP - 1 EP - 14 CY - Braunschweig ER - TY - JOUR A1 - Schuba, Marko T1 - Performance Analysis of Reliable Multicast Mechanisms for Widely Spread Distributed Applications in the Internet JF - International Conference on Parallel and Distributed Processing Techniques and Applications : PDPTA '99 ; June 28 - July 1, 1999, Las Vegas, Nevada, USA / ed.: Hamid R. Arabnia Y1 - 1999 SN - 1892512157 SP - 1 EP - 7 ER - TY - BOOK A1 - Schuba, Marko T1 - Skalierbare und zuverlässige Multicast-Kommunikation im Internet Y1 - 1999 SN - 3-8265-6289-5 N1 - Zugl.: Aachen, Techn. Hochsch., Diss., 1999 PB - Shaker CY - Aachen ER - TY - JOUR A1 - Schuba, Marko A1 - Wrona, Konrad T1 - Electronic Commerce Transactions in a Wireless Environment / Schuba, Marko. ; Wrona, Konrad Y1 - 1999 N1 - IWTEC ´99 SP - 1 EP - 9 ER - TY - JOUR A1 - Schuba, Marko A1 - Haverkort, Boudewijn R. A1 - Schneider, Gaby T1 - Performance evaluation of multicast communication in packet-switched networks / Schuba, Marko ; Haverkort, Boudewijn R. ; Schneider, Gaby JF - Performance Evaluation. 39 (2000), H. 1-4 Y1 - 2000 SN - 0166-5316 N1 - http://dx.doi.org/10.1016/S0166-5316(99)00058-9 SP - 61 EP - 80 ER - TY - JOUR A1 - Schuba, Marko A1 - Wrona, Konrad T1 - Mobile Chip Electronic Commerce: Enabling Credit Card Payment for Mobile Devices / Schuba, Marko ; Wrona, Konrad Y1 - 2000 N1 - eBiz2000 Specialist Conference @ CommunicAsia2000, Singapore, June 2000 SP - 1 EP - 6 ER - TY - JOUR A1 - Schuba, Marko A1 - Wrona, Konrad T1 - Security for Mobile Commerce Applications / Schuba, Marko ; Wrona, Konrad Y1 - 2001 N1 - Multimedia, Internet, Video Technologies 2001 (MIV 2001), Malta, September 1-6, 2001 ; WSEAS Conference ; World Scientific and Engineering Academy and Society SP - 1 EP - 8 ER - TY - JOUR A1 - Schuba, Marko A1 - Wrona, Konrad A1 - Zavagli, Guido T1 - Mobile Payments - State of the Art and Open Problems / Wrona, Konrad ; Schuba, Marko ; Zavagli, Guido JF - Electronic commerce : second international workshop ; proceedings / WELCOM 2001, Heidelberg, Germany, November 16-17, 2001. Ludger Fiege ... (ed.) Y1 - 2001 SN - 978-3-540-42878-7 N1 - Lecture Notes in Computer Science ; 2232 SP - 88 EP - 100 PB - Springer CY - Berlin ER - TY - JOUR A1 - Schuba, Marko A1 - Busboom, Axel A1 - Herwono, Ian A1 - Zavagli, Guido T1 - Unambiguous Device Identification and Fast Connection Setup in Bluetooth / Busboom, Axel ; Herwono, Ian ; Schuba, Marko ; Zavagli, Guido JF - European wireless 2002 : next generation wireless networks: technologies, protocols, services and applications ; technical sessions: 26 - 28 February 2002, tutorials: 25 February 2002, Centro Affari, Florence, Italy ; proceedings / sponsored by EUREL ... General chair: Luciano Lenzini Y1 - 2002 SP - 1 EP - 5 ER - TY - JOUR A1 - Claessens, J. A1 - Fuchsberger, A. A1 - Günther, C. A1 - Horn, G. A1 - Howker, K. A1 - Hulsebosch, R.J. A1 - Mitchell, C. A1 - Paterson, K. A1 - Preneel, B. A1 - Schellekens, D. A1 - Schuba, Marko T1 - Pioneering Advanced Mobile Privacy and Security Y1 - 2003 N1 - electronic proceedings of the 18th IFIP International Information Security Conference, Athens, Greece, May 2003 SP - 1 EP - 17 ER - TY - JOUR A1 - Schuba, Marko T1 - A Performance Evaluation of Connectionless Overlay Networks for ATM JF - INFOCOM ´97. Sixteenth Annual Joint Conference of the IEEE Computer and Communications Societies. Proceedings Vol. 1 Y1 - 1997 SN - 0-8186-7780-5 N1 - http://www.schuba.fh-aachen.de/papers/97-INFOCOM.pdf SP - 152 EP - 158 ER - TY - JOUR A1 - Schuba, Marko A1 - Reichl, Peter A1 - Hoff, Simon T1 - How to Model Complex Periodic Traffic with TES / Reichl, Peter ; Schuba, Marko ; Hoff, Simon JF - Proc. of 13th United Kingdom Workshop on Performance Engineering, Edinburgh, UK, July 1997 Y1 - 1997 SP - 17/1 EP - 17/11 ER - TY - JOUR A1 - Schuba, Marko A1 - Reichl, Peter T1 - On large-scale reliable multicast protocols / Schuba, M. ; Reichl, P. JF - 6th IEE Conference on Telecommunications Y1 - 1998 SN - 0-85296-700-4 N1 - Conf. Publ. No. 451 SP - 133 EP - 137 ER - TY - JOUR A1 - Schuba, Marko A1 - Reichl, Peter T1 - An Analysis of Retransmission Strategies for Reliable Multicast Protocols / Schuba, M. ; Reichl, P. JF - Performance of information and communication systems : IFIP TC 6,WG 6.3 Seventh International Conference on Performance of Information and Communication Systems (PICS '98), 25 - 28 May, Lund, Sweden / ed. by Ulf Körner ... Y1 - 1998 SN - 0-412-83730-7 SP - 1 EP - 12 PB - Chapman Hall CY - London ER - TY - JOUR A1 - Schuba, Marko T1 - SRMT-a scalable and reliable multicast transport protocol JF - IEEE International Conference on Communications, 1998. ICC 98. Vol. 1 Y1 - 1998 SN - 0-7803-4788-9 SP - 612 EP - 616 ER - TY - JOUR A1 - Schuba, Marko A1 - Schneider, Gaby A1 - Haverkort, Boudewijn R. T1 - QNA-MC: A Performance Evaluation Tool for Communication Networks with Multicast Data Streams / Schneider, G. ; Schuba, M. ; Haverkort, B. R. JF - Computer Performance Evaluation - Modelling Techniques and Tools / Puigjaner, Ramon (eds.) Y1 - 1998 SN - 3-540-64949-2 N1 - Lecture notes in computer science ; 1469 SP - 105 EP - 116 PB - Springer CY - Berlin ER - TY - JOUR A1 - Schuba, Marko A1 - Spaniol, Otto T1 - Interconnection of Local Area Networks via ATM / Spaniol, Otto ; Schuba, Marko JF - High performance networks for multimedia applications / edited by André Danthine ... Y1 - 1999 SN - 0-7923-8274-9 SP - 1 EP - 10 PB - Kluwer Academic Publ. CY - Dordrecht ER - TY - JOUR A1 - Schuba, Marko A1 - Reichl, Peter A1 - Kesdogan, Dogan A1 - Junghärtchen, Klaus T1 - Simulative Performance Evaluation of the Temporary Pseudonym Method for Protecting Location Information in GSM Networks / Reichl, P. ; Kesdogan, D. ; Junghärtchen, K. ; Schuba, M. JF - Computer Performance Evaluation - Modelling Techniques and Tools / Puigjaner, Ramon (eds.) Y1 - 1998 SN - 3-540-64949-2 N1 - Lecture notes in computer science ; 1469 SP - 105 EP - 116 PB - Springer CY - Berlin ER - TY - JOUR A1 - Schuba, Marko T1 - Analysis of Feedback Error Control Schemes for Block Based Video Communication / Meggers, Jens ; Schuba, Marko Y1 - 1999 ER - TY - JOUR A1 - Maus, Stefan A1 - Höfken, Hans-Wilhelm A1 - Schuba, Marko T1 - Forensic Analysis of Geodata in Android Smartphones Y1 - 2011 N1 - Cyberforensics 2011, Glasgow SP - 1 EP - 11 ER - TY - JOUR A1 - Schaefer, Thomas A1 - Höfken, Hans-Wilhelm A1 - Schuba, Marko T1 - Windows Phone 7 from a Digital Forensics’ Perspective Y1 - 2011 N1 - ICDF2C <3, 2011, Dublin> PB - Springer CY - Berlin ER - TY - JOUR A1 - Schuba, Marko A1 - Höfken, H. A1 - Schaefer, T. T1 - Smartphone Forensik JF - Hakin9 : Practical Protection (2012) Y1 - 2012 SN - 1733-7186 SP - 10 EP - 20 PB - - ER - TY - CHAP A1 - Logen, Steffen A1 - Höfken, Hans A1 - Schuba, Marko T1 - Simplifying RAM Forensics : A GUI and Extensions for the Volatility Framework T2 - 2012 Seventh International Conference on Availability, Reliability and Security (ARES), 20-24 August 2012, Prague, Czech Republic N2 - The Volatility Framework is a collection of tools for the analysis of computer RAM. The framework offers a multitude of analysis options and is used by many investigators worldwide. Volatility currently comes with a command line interface only, which might be a hinderer for some investigators to use the tool. In this paper we present a GUI and extensions for the Volatility Framework, which on the one hand simplify the usage of the tool and on the other hand offer additional functionality like storage of results in a database, shortcuts for long Volatility Framework command sequences, and entirely new commands based on correlation of data stored in the database. Y1 - 2012 SN - 978-1-4673-2244-7 U6 - http://dx.doi.org/10.1109/ARES.2012.12 SP - 620 EP - 624 PB - IEEE CY - New York ER - TY - JOUR A1 - Schuba, Marko A1 - Höfken, Hans T1 - Backtrack5: Datensammlung und Reporterstellung für Pentester mit MagicTree / Höfken, Hans ; Schuba, Marko JF - Hakin9. 73 (2012), H. 3 Y1 - 2012 SN - 1733-7186 SP - 12 EP - 16 PB - - ER - TY - CHAP A1 - Schütz, P. A1 - Breuer, M. A1 - Höfken, Hans-Wilhelm A1 - Schuba, Marko T1 - Malware proof on mobile phone exhibits based on GSM/GPRS traces T2 - The Second International Conference on Cyber Security, Cyber Peacefare and Digital Forensic (CyberSec 2013) : 04.03. - 06.03.2013, Kuala Lumpur, Malaysia Y1 - 2013 SN - 978-0-9853483-7-3 SP - 89 EP - 96 PB - The Society of Digital Information and Wireless Communication ER - TY - CHAP A1 - Stöbe, Rolf A1 - Höfken, Hans-Wilhelm A1 - Schuba, Marko A1 - Breuer, Michael T1 - Artificial ageing of mobile devices using a simulated GSM/GPRS network T2 - Eighth International Conference on Availability, Reliability and Security (ARES) : 2-6 Sept. 2013, Regensburg Y1 - 2013 SP - 493 EP - 497 PB - IEEE ER - TY - CHAP A1 - Hartung, Frank A1 - Hillgärtner, Michael A1 - Schmitz, Günter A1 - Schuba, Marko A1 - Adolphs, Fabian A1 - Hoffend, Jens A1 - Theis, Jochen T1 - IT-Sicherheit im Automobil T2 - AmE 2014 : Automotive meets Electronics, Beiträge der 5. GMM-Fachtagung vom 18. bis 19. Februar 2014 in Dortmund. (GMM-Fachbericht ; 78) Y1 - 2014 SN - 978-3-8007-3580-8 SP - CD-ROM PB - VDE-Verl. CY - Berlin ER - TY - CHAP A1 - Bonney, Gregor A1 - Höfken, Hans-Wilhelm A1 - Paffen, Benedikt A1 - Schuba, Marko T1 - ICS/SCADA Security - Analysis of a Beckhoff CX5020 PLC T2 - 1st International Conference on Information Systems Security and Privacy : ICISSP 2015 Y1 - 2015 SP - 1 EP - 6 ER - TY - CHAP A1 - Lindenlauf, Simon A1 - Höfken, Hans-Wilhelm A1 - Schuba, Marko T1 - Cold Boot Attacks on DDR2 and DDR3 SDRAM T2 - 10th International Conference on Availability, Reliability and Security (ARES) 2015 Y1 - 2015 U6 - http://dx.doi.org/10.1109/ARES.2015.28 SP - 287 EP - 292 ER - TY - BOOK A1 - Galley, Birgit A1 - Minoggio, Ingo A1 - Schuba, Marko A1 - Bischoff, Barbara A1 - Höfken, Hans-Wilhelm T1 - Unternehmenseigene Ermittlungen : Recht - Kriminalistik - IT Y1 - 2016 SN - 978-3-503-16531-5 PB - Erich Schmidt Verlag CY - Berlin ER - TY - CHAP A1 - Braun, Sebastian A1 - Höfken, Hans-Wilhelm A1 - Schuba, Marko A1 - Breuer, Michael T1 - Forensische Sicherung von DSLRoutern T2 - Proceedings of D-A-CH Security 2015. St. Augustin 8. und 9. September 2015 Y1 - 2015 ER - TY - CHAP A1 - Becker, Sebastian A1 - Höfken, Hans-Wilhelm A1 - Schütz, Philip A1 - Schuba, Marko ED - Schartner, P. T1 - IT-forensische Erkennung modifizierter Android-Apps T2 - Proceedings of DACH Security 2016, Klagenfurt, Austria, September 2016 N2 - Malware auf Smartphones ist ein Problem, dem auch Strafverfolgungsbehörden immer häufiger gegenüberstehen. Insbesondere Telefone, bei denen potentiell schadhafte Apps zu einem finanziellen Schaden geführt haben, finden sich auf den Schreibtischen der Polizei wieder. Dabei müssen die Ermittler möglichst schnell und gezielt erkennen können, ob eine App tatsächlich schadhaft manipuliert wurde, was manipuliert wurde und mit wem die App kommuniziert. Klassische Malware-Erkennungsverfahren helfen zwar bei der generellen Erkennung schadhafter Software, sind aber für die polizeiliche Praxis nicht geeignet. Dieses Paper stellt ein Programm vor, welches gerade die forensischen Fragestellungen berücksichtigt und so für den Einsatz in der Strafverfolgung in Frage kommt. Y1 - 2016 SP - 120 EP - 125 ER - TY - CHAP A1 - Bonney, Gregor A1 - Nagel, Stefan A1 - Schuba, Marko ED - Schartner, P. T1 - Risiko Smart Home – Angriff auf ein Babymonitorsystem T2 - Proceedings of DACH Security 2016, Klagenfurt, Austria, September 2016 N2 - Unser Zuhause wird zunehmend intelligenter. Smart Homes bieten uns die Steuerung von Haus- oder Unterhaltungstechnik bequem vom Smartphone aus. Junge Familien nutzen die Technologie, um mittels vernetzten Babymonitorsystemen ihren Nachwuchs von überall aus im Blick zu haben. Davon auszugehen, dass solche Systeme mit einem Fokus auf Sicherheit entwickelt wurden, um die sehr persönlichen Daten zu schützen, ist jedoch ein Trugschluss. Die Untersuchung eines handelsüblichen und keineswegs billigen Systems zeigt, dass die Geräte sehr einfach kompromittiert und missbraucht werden können. Y1 - 2016 SP - 371 EP - 378 ER - TY - JOUR A1 - König, Johannes Alexander A1 - Völker, Veronika A1 - Wolf, Martin A1 - Schuba, Marko T1 - Gamified Hacking Offence Simulation-based Training (GHOST) JF - Crisis Prevention Y1 - 2016 VL - 2016 IS - 3 SP - 44 EP - 46 PB - Beta CY - Bonn ER - TY - CHAP A1 - Broenner, Simon A1 - Höfken, Hans-Wilhelm A1 - Schuba, Marko T1 - Streamlining extraction and analysis of android RAM images T2 - Proceedings of the 2nd international conference on information systems security and privacy Y1 - 2016 SN - 978-989-758-167-0 U6 - http://dx.doi.org/10.5220/0005652802550264 SP - 255 EP - 264 ER - TY - CHAP A1 - Granat, Andreas A1 - Höfken, Hans-Wilhelm A1 - Schuba, Marko T1 - Intrusion Detection of the ICS Protocol EtherCAT N2 - Control mechanisms like Industrial Controls Systems (ICS) and its subgroup SCADA (Supervisory Control and Data Acquisition) are a prerequisite to automate industrial processes. While protection of ICS on process management level is relatively straightforward – well known office IT security mechanisms can be used – protection on field bus level is harder to achieve as there are real-time and production requirements like 24x7 to consider. One option to improve security on field bus level is to introduce controls that help to detect and to react on attacks. This paper introduces an initial set of intrusion detection mechanisms for the field bus protocol EtherCAT. To this end existing Ethernet attack vectors including packet injection and man-in-the-middle attacks are tested in an EtherCAT environment, where they could interrupt the EtherCAT network and may even cause physical damage. Based on the signatures of such attacks, a preprocessor and new rule options are defined for the open source intrusion detection system Snort demonstrating the general feasibility of intrusion detection on field bus level. Y1 - 2017 N1 - International Conference on Computer, Network Security and Communication Engineering (CNSCE 2017), March 26-27, 2017, Bangkok, Thailand SP - 1 EP - 5 ER - TY - CHAP A1 - Schwanke, Peter A1 - Höfken, Hans-Wilhelm A1 - Schuba, Marko T1 - Security Analysis of the ADS Protocol of a Beckhoff CX2020 PLC N2 - ICSs (Industrial Control Systems) and its subset SCADA systems (Supervisory Control and Data Acquisition) are getting exposed to a constant stream of new threats. The increasing importance of IT security in ICS requires viable methods to assess the security of ICS, its individual components, and its protocols. This paper presents a security analysis with focus on the communication protocols of a single PLC (Programmable Logic Controller). The PLC, a Beckhoff CX2020, is examined and new vulnerabilities of the system are revealed. Based on these findings recommendations are made to improve security of the Beckhoff system and its protocols. Y1 - 2017 N1 - International Conference on Computer, Network Security and Communication Engineering (CNSCE 2017), March 26-27, 2017, Bangkok, Thailand SP - 1 EP - 5 ER - TY - CHAP A1 - Serror, Martin A1 - Henze, Martin A1 - Hack, Sacha A1 - Schuba, Marko A1 - Wehrle, Klaus T1 - Towards in-network security for smart homes T2 - 13th International Conference on Availability, Reliability and Security, ARES 2018; Hamburg; Germany; 27 August 2018 through 30 August 2018 Y1 - 2018 SN - 978-145036448-5 U6 - http://dx.doi.org/10.1145/3230833.3232802 SP - Article numer 3232802 ER - TY - JOUR A1 - Serror, Martin A1 - Hack, Sacha A1 - Henze, Martin A1 - Schuba, Marko A1 - Wehrle, Klaus T1 - Challenges and Opportunities in Securing the Industrial Internet of Things JF - IEEE Transactions on Industrial Informatics Y1 - 2021 U6 - http://dx.doi.org/10.1109/TII.2020.3023507 SN - 1941-0050 VL - 17 IS - 5 SP - 2985 EP - 2996 PB - IEEE CY - New York ER - TY - CHAP A1 - Schuba, Marko A1 - Höfken, Hans-Wilhelm T1 - Cybersicherheit in Produktion, Automotive und intelligenten Gebäuden T2 - IT-Sicherheit - Technologien und Best Practices für die Umsetzung im Unternehmen Y1 - 2022 SN - 978-3-446-47223-5 SN - 978-3-446-47347-8 U6 - http://dx.doi.org/10.3139/9783446473478.012 SP - 193 EP - 218 PB - Carl Hanser Verlag CY - München ER - TY - CHAP A1 - Engländer, Jacques A1 - Kaminski, Lars A1 - Schuba, Marko T1 - Informationssicherheitsmanagement T2 - Digitalisierungs- und Informationsmanagement N2 - Daten und Informationen sind die wichtigsten Ressourcen vieler Unternehmen und müssen daher entsprechend geschützt werden. Getrieben durch die erhöhte Vernetzung von Informationstechnologie, die höhere Offenheit infolge datengetriebener Dienstleistungen und eine starke Zunahme an Datenquellen, rücken die Gefahren von Informationsdiebstahl, -manipulation und -verlust in den Fokus von produzierenden Unternehmen. Auf dem Weg zum lern- und wandlungsfähigen Unternehmen kann dies zu einem großen Hindernis werden, da einerseits zu hohe Sicherheitsanforderungen neue Entwicklungen beschränken, andererseits wegen des Mangels an ausreichenden Informationssicherheitskonzepten Unternehmen weniger Innovationen wagen. Deshalb bedarf es individuell angepasster Konzepte für die Bereiche IT-Security, IT-Safety und Datenschutz für vernetzte Produkte, Produktion und Arbeitsplätze. Bei der Entwicklung und Durchsetzung dieser Konzepte steht der Faktor Mensch im Zentrum aller Überlegungen. In diesem Kapitel wird dargestellt, wie der Faktor Mensch bei der Erstellung von Informationssicherheitskonzepten in verschiedenen Phasen zu beachten ist. Beginnend mit der Integration von Informationssystemen und damit verbundenen Sicherheitsmaßnahmen, über die Administration, bis hin zur Anwendung durch den Endnutzer, werden Methoden beschrieben, die den Menschen, verbunden mit seinem Mehrwert wie auch den Risiken, einschließen. Dabei werden sowohl Grundlagen aufgezeigt als auch Konzepte vorgestellt, mit denen Entscheider in der Unternehmens-IT Leitlinien für die Informationssicherheit festlegen können. KW - Informationssicherheitsmanagement KW - Cybersicherheit KW - Cybersecurity KW - Informationssicherheit KW - IT-Sicherheit Y1 - 2022 SN - 978-3-662-63757-9 SN - 978-3-662-63758-6 U6 - http://dx.doi.org/10.1007/978-3-662-63758-6_15 SP - 373 EP - 398 PB - Springer Vieweg CY - Berlin ER - TY - CHAP A1 - Schuba, Marko A1 - Höfken, Hans-Wilhelm A1 - Linzbach, Sophie T1 - An ICS Honeynet for Detecting and Analyzing Cyberattacks in Industrial Plants T2 - 2021 International Conference on Electrical, Computer and Energy Technologies (ICECET) N2 - Cybersecurity of Industrial Control Systems (ICS) is an important issue, as ICS incidents may have a direct impact on safety of people or the environment. At the same time the awareness and knowledge about cybersecurity, particularly in the context of ICS, is alarmingly low. Industrial honeypots offer a cheap and easy to implement way to raise cybersecurity awareness and to educate ICS staff about typical attack patterns. When integrated in a productive network, industrial honeypots may not only reveal attackers early but may also distract them from the actual important systems of the network. Implementing multiple honeypots as a honeynet, the systems can be used to emulate or simulate a whole Industrial Control System. This paper describes a network of honeypots emulating HTTP, SNMP, S7communication and the Modbus protocol using Conpot, IMUNES and SNAP7. The nodes mimic SIMATIC S7 programmable logic controllers (PLCs) which are widely used across the globe. The deployed honeypots' features will be compared with the features of real SIMATIC S7 PLCs. Furthermore, the honeynet has been made publicly available for ten days and occurring cyberattacks have been analyzed KW - Conpot KW - honeypot KW - honeynet KW - ICS KW - cybersecurity Y1 - 2022 SN - 978-1-6654-4231-2 SN - 978-1-6654-4232-9 U6 - http://dx.doi.org/10.1109/ICECET52533.2021.9698746 N1 - 2021 International Conference on Electrical, Computer and Energy Technologies (ICECET). 09-10 December 2021. Cape Town, South Africa. PB - IEEE ER - TY - CHAP A1 - Christian, Esser A1 - Montag, Tim A1 - Schuba, Marko A1 - Allhof, Manuel T1 - Future critical infrastructure and security - cyberattacks on charging stations T2 - 31st International Electric Vehicle Symposium & Exhibition and International Electric Vehicle Technology Conference (EVS31 & EVTeC 2018) Y1 - 2018 SN - 978-1-5108-9157-9 SP - 665 EP - 671 PB - Society of Automotive Engineers of Japan (JSAE) CY - Tokyo ER - TY - CHAP A1 - Neth, Jannik A1 - Schuba, Marko A1 - Brodkorb, Karsten A1 - Neugebauer, Georg A1 - Höner, Tim A1 - Hack, Sacha T1 - Digital forensics triage app for android T2 - ARES '23: Proceedings of the 18th International Conference on Availability, Reliability and Security N2 - Digital forensics of smartphones is of utmost importance in many criminal cases. As modern smartphones store chats, photos, videos etc. that can be relevant for investigations and as they can have storage capacities of hundreds of gigabytes, they are a primary target for forensic investigators. However, it is exactly this large amount of data that is causing problems: extracting and examining the data from multiple phones seized in the context of a case is taking more and more time. This bears the risk of wasting a lot of time with irrelevant phones while there is not enough time left to analyze a phone which is worth examination. Forensic triage can help in this case: Such a triage is a preselection step based on a subset of data and is performed before fully extracting all the data from the smartphone. Triage can accelerate subsequent investigations and is especially useful in cases where time is essential. The aim of this paper is to determine which and how much data from an Android smartphone can be made directly accessible to the forensic investigator – without tedious investigations. For this purpose, an app has been developed that can be used with extremely limited storage of data in the handset and which outputs the extracted data immediately to the forensic workstation in a human- and machine-readable format. KW - Android KW - Digital triage KW - Triage-app Y1 - 2023 SN - 9798400707728 U6 - http://dx.doi.org/10.1145/3600160.3605017 N1 - ARES 2023: The 18th International Conference on Availability, Reliability and Security. August 29 - September 1, 2023. Benevento, Italy. PB - ACM ER - TY - CHAP A1 - Küppers, Malte A1 - Schuba, Marko A1 - Neugebauer, Georg A1 - Höner, Tim A1 - Hack, Sacha T1 - Security analysis of the KNX smart building protocol T2 - ARES '23: Proceedings of the 18th International Conference on Availability, Reliability and Security N2 - KNX is a protocol for smart building automation, e.g., for automated heating, air conditioning, or lighting. This paper analyses and evaluates state-of-the-art KNX devices from manufacturers Merten, Gira and Siemens with respect to security. On the one hand, it is investigated if publicly known vulnerabilities like insecure storage of passwords in software, unencrypted communication, or denialof-service attacks, can be reproduced in new devices. On the other hand, the security is analyzed in general, leading to the discovery of a previously unknown and high risk vulnerability related to so-called BCU (authentication) keys. Y1 - 2023 U6 - http://dx.doi.org/10.1145/3600160.3605167 N1 - Article No.: 87 ARES 2023, August 29–September 01, 2023, Benevento, Italy SP - 1 EP - 7 PB - ACM ER -