TY - CHAP A1 - Logen, Steffen A1 - Höfken, Hans A1 - Schuba, Marko T1 - Simplifying RAM Forensics : A GUI and Extensions for the Volatility Framework T2 - 2012 Seventh International Conference on Availability, Reliability and Security (ARES), 20-24 August 2012, Prague, Czech Republic N2 - The Volatility Framework is a collection of tools for the analysis of computer RAM. The framework offers a multitude of analysis options and is used by many investigators worldwide. Volatility currently comes with a command line interface only, which might be a hinderer for some investigators to use the tool. In this paper we present a GUI and extensions for the Volatility Framework, which on the one hand simplify the usage of the tool and on the other hand offer additional functionality like storage of results in a database, shortcuts for long Volatility Framework command sequences, and entirely new commands based on correlation of data stored in the database. Y1 - 2012 SN - 978-1-4673-2244-7 U6 - http://dx.doi.org/10.1109/ARES.2012.12 SP - 620 EP - 624 PB - IEEE CY - New York ER - TY - JOUR A1 - Schuba, Marko A1 - Wrona, Konrad T1 - Security for Mobile Commerce Applications / Schuba, Marko ; Wrona, Konrad Y1 - 2001 N1 - Multimedia, Internet, Video Technologies 2001 (MIV 2001), Malta, September 1-6, 2001 ; WSEAS Conference ; World Scientific and Engineering Academy and Society SP - 1 EP - 8 ER - TY - CHAP A1 - Küppers, Malte A1 - Schuba, Marko A1 - Neugebauer, Georg A1 - Höner, Tim A1 - Hack, Sacha T1 - Security analysis of the KNX smart building protocol T2 - ARES '23: Proceedings of the 18th International Conference on Availability, Reliability and Security N2 - KNX is a protocol for smart building automation, e.g., for automated heating, air conditioning, or lighting. This paper analyses and evaluates state-of-the-art KNX devices from manufacturers Merten, Gira and Siemens with respect to security. On the one hand, it is investigated if publicly known vulnerabilities like insecure storage of passwords in software, unencrypted communication, or denialof-service attacks, can be reproduced in new devices. On the other hand, the security is analyzed in general, leading to the discovery of a previously unknown and high risk vulnerability related to so-called BCU (authentication) keys. Y1 - 2023 U6 - http://dx.doi.org/10.1145/3600160.3605167 N1 - Article No.: 87 ARES 2023, August 29–September 01, 2023, Benevento, Italy SP - 1 EP - 7 PB - ACM ER - TY - CHAP A1 - Schwanke, Peter A1 - Höfken, Hans-Wilhelm A1 - Schuba, Marko T1 - Security Analysis of the ADS Protocol of a Beckhoff CX2020 PLC N2 - ICSs (Industrial Control Systems) and its subset SCADA systems (Supervisory Control and Data Acquisition) are getting exposed to a constant stream of new threats. The increasing importance of IT security in ICS requires viable methods to assess the security of ICS, its individual components, and its protocols. This paper presents a security analysis with focus on the communication protocols of a single PLC (Programmable Logic Controller). The PLC, a Beckhoff CX2020, is examined and new vulnerabilities of the system are revealed. Based on these findings recommendations are made to improve security of the Beckhoff system and its protocols. Y1 - 2017 N1 - International Conference on Computer, Network Security and Communication Engineering (CNSCE 2017), March 26-27, 2017, Bangkok, Thailand SP - 1 EP - 5 ER - TY - CHAP A1 - Bonney, Gregor A1 - Nagel, Stefan A1 - Schuba, Marko ED - Schartner, P. T1 - Risiko Smart Home – Angriff auf ein Babymonitorsystem T2 - Proceedings of DACH Security 2016, Klagenfurt, Austria, September 2016 N2 - Unser Zuhause wird zunehmend intelligenter. Smart Homes bieten uns die Steuerung von Haus- oder Unterhaltungstechnik bequem vom Smartphone aus. Junge Familien nutzen die Technologie, um mittels vernetzten Babymonitorsystemen ihren Nachwuchs von überall aus im Blick zu haben. Davon auszugehen, dass solche Systeme mit einem Fokus auf Sicherheit entwickelt wurden, um die sehr persönlichen Daten zu schützen, ist jedoch ein Trugschluss. Die Untersuchung eines handelsüblichen und keineswegs billigen Systems zeigt, dass die Geräte sehr einfach kompromittiert und missbraucht werden können. Y1 - 2016 SP - 371 EP - 378 ER - TY - BOOK A1 - Schuba, Marko A1 - Spaniol, Otto A1 - Linnhoff-Popien, Claudia T1 - Rechnerstrukturen : Skript zur Vorlesung an der RWTH Aachen / Spaniol, Otto ; Linnhoff-Popien, Claudia ; Schuba, Marko Y1 - 1995 SN - 3-86073-147-5 N1 - Aachener Beiträge zur Informatik ; 11 PB - Verl. der Augustinus-Buchh. CY - Aachen ER - TY - JOUR A1 - Schuba, Marko A1 - Schneider, Gaby A1 - Haverkort, Boudewijn R. T1 - QNA-MC: A Performance Evaluation Tool for Communication Networks with Multicast Data Streams / Schneider, G. ; Schuba, M. ; Haverkort, B. R. JF - Computer Performance Evaluation - Modelling Techniques and Tools / Puigjaner, Ramon (eds.) Y1 - 1998 SN - 3-540-64949-2 N1 - Lecture notes in computer science ; 1469 SP - 105 EP - 116 PB - Springer CY - Berlin ER - TY - JOUR A1 - Hulsebosch, R. J. A1 - Günther, C. A1 - Horn, C. A1 - Holtmanns, S. A1 - Howker, K. A1 - Paterson, K. A1 - Claessens, J. A1 - Schuba, Marko ED - Mitchell, Chris J. T1 - Pioneering Advanced Mobile Privacy and Security JF - Security for mobility Y1 - 2004 SN - 9781849190886 U6 - http://dx.doi.org/10.1049/PBTE051E_ch N1 - IEE telecommunications series ; 51 SP - 383 EP - 432 PB - Institution of Electrical Engineers CY - London ER - TY - JOUR A1 - Claessens, J. A1 - Fuchsberger, A. A1 - Günther, C. A1 - Horn, G. A1 - Howker, K. A1 - Hulsebosch, R.J. A1 - Mitchell, C. A1 - Paterson, K. A1 - Preneel, B. A1 - Schellekens, D. A1 - Schuba, Marko T1 - Pioneering Advanced Mobile Privacy and Security Y1 - 2003 N1 - electronic proceedings of the 18th IFIP International Information Security Conference, Athens, Greece, May 2003 SP - 1 EP - 17 ER - TY - JOUR A1 - Schuba, Marko A1 - Hermanns, Oliver T1 - Performance Investigations of the IP Multicast Architecture / Hermanns, Oliver ; Schuba, Marko JF - Performance of the IP Multicast Achitecture . Proceedings JENC 6. Proceedings of the 6th Joint European Networking Conference, Tel Aviv Y1 - 1995 N1 - Reprinted in Computer Networks and ISDN Systems 28 pp 429-439, 1996 SP - 121-1 EP - 121-8 ER -