TY - CHAP A1 - Schuba, Marko A1 - Höfken, Hans-Wilhelm A1 - Linzbach, Sophie T1 - An ICS Honeynet for Detecting and Analyzing Cyberattacks in Industrial Plants T2 - 2021 International Conference on Electrical, Computer and Energy Technologies (ICECET) N2 - Cybersecurity of Industrial Control Systems (ICS) is an important issue, as ICS incidents may have a direct impact on safety of people or the environment. At the same time the awareness and knowledge about cybersecurity, particularly in the context of ICS, is alarmingly low. Industrial honeypots offer a cheap and easy to implement way to raise cybersecurity awareness and to educate ICS staff about typical attack patterns. When integrated in a productive network, industrial honeypots may not only reveal attackers early but may also distract them from the actual important systems of the network. Implementing multiple honeypots as a honeynet, the systems can be used to emulate or simulate a whole Industrial Control System. This paper describes a network of honeypots emulating HTTP, SNMP, S7communication and the Modbus protocol using Conpot, IMUNES and SNAP7. The nodes mimic SIMATIC S7 programmable logic controllers (PLCs) which are widely used across the globe. The deployed honeypots' features will be compared with the features of real SIMATIC S7 PLCs. Furthermore, the honeynet has been made publicly available for ten days and occurring cyberattacks have been analyzed KW - Conpot KW - honeypot KW - honeynet KW - ICS KW - cybersecurity Y1 - 2022 SN - 978-1-6654-4231-2 SN - 978-1-6654-4232-9 U6 - http://dx.doi.org/10.1109/ICECET52533.2021.9698746 N1 - 2021 International Conference on Electrical, Computer and Energy Technologies (ICECET). 09-10 December 2021. Cape Town, South Africa. PB - IEEE ER - TY - CHAP A1 - Schuba, Marko A1 - Höfken, Hans-Wilhelm T1 - Cybersicherheit in Produktion, Automotive und intelligenten Gebäuden T2 - IT-Sicherheit - Technologien und Best Practices für die Umsetzung im Unternehmen Y1 - 2022 SN - 978-3-446-47223-5 SN - 978-3-446-47347-8 U6 - http://dx.doi.org/10.3139/9783446473478.012 SP - 193 EP - 218 PB - Carl Hanser Verlag CY - München ER - TY - JOUR A1 - Schuba, Marko A1 - Höfken, Hans T1 - Backtrack5: Datensammlung und Reporterstellung für Pentester mit MagicTree / Höfken, Hans ; Schuba, Marko JF - Hakin9. 73 (2012), H. 3 Y1 - 2012 SN - 1733-7186 SP - 12 EP - 16 PB - - ER - TY - JOUR A1 - Schuba, Marko A1 - Höfken, H. A1 - Schaefer, T. T1 - Smartphone Forensik JF - Hakin9 : Practical Protection (2012) Y1 - 2012 SN - 1733-7186 SP - 10 EP - 20 PB - - ER - TY - JOUR A1 - Schuba, Marko A1 - Hermanns, Oliver T1 - Modellierung von Multicastmechanismen zur Unterstützung von Gruppenkommunikation / Schuba, Marko ; Hermanns, Oliver JF - Neue Konzepte für die offene verteilte Verarbeitung : Tagungsband des 1. Arbeitstreffens an der RWTH Aachen, 5. September 1994 / Hrsg. des Bd.: Claudia Popien und Bernd Meyer Y1 - 1994 SN - 3-86073-143-2 N1 - Aachener Beiträge zur Informatik ; 7 SP - 137 EP - 147 PB - Verl. der Augustinus-Buchh. CY - Aachen ER - TY - JOUR A1 - Schuba, Marko A1 - Hermanns, Oliver T1 - Performance Investigations of the IP Multicast Architecture / Hermanns, Oliver ; Schuba, Marko JF - Performance of the IP Multicast Achitecture . Proceedings JENC 6. Proceedings of the 6th Joint European Networking Conference, Tel Aviv Y1 - 1995 N1 - Reprinted in Computer Networks and ISDN Systems 28 pp 429-439, 1996 SP - 121-1 EP - 121-8 ER - TY - JOUR A1 - Schuba, Marko A1 - Haverkort, Boudewijn R. A1 - Schneider, Gaby T1 - Performance evaluation of multicast communication in packet-switched networks / Schuba, Marko ; Haverkort, Boudewijn R. ; Schneider, Gaby JF - Performance Evaluation. 39 (2000), H. 1-4 Y1 - 2000 SN - 0166-5316 N1 - http://dx.doi.org/10.1016/S0166-5316(99)00058-9 SP - 61 EP - 80 ER - TY - JOUR A1 - Schuba, Marko A1 - Gerstenberger, Volker A1 - Lahaije, Paul T1 - Internet ID – Flexible Reuse of Mobile Phone Authentication Security for Service Access / Schuba, Marko ; Gerstenberger, Volker, ; Lahaije, Paul Y1 - 2004 N1 - Nordsec 2004, Helsinki ; Nordic Workshop on Secure IT-systems <9, 2004> SP - 1 EP - 7 ER - TY - JOUR A1 - Schuba, Marko A1 - Busboom, Axel A1 - Herwono, Ian A1 - Zavagli, Guido T1 - Unambiguous Device Identification and Fast Connection Setup in Bluetooth / Busboom, Axel ; Herwono, Ian ; Schuba, Marko ; Zavagli, Guido JF - European wireless 2002 : next generation wireless networks: technologies, protocols, services and applications ; technical sessions: 26 - 28 February 2002, tutorials: 25 February 2002, Centro Affari, Florence, Italy ; proceedings / sponsored by EUREL ... General chair: Luciano Lenzini Y1 - 2002 SP - 1 EP - 5 ER - TY - JOUR A1 - Schuba, Marko T1 - Analyse der Antwortzeit von zuverlässigen Multicast-Protokollen im Internet JF - Multicast - Protokolle und Anwendungen : 20. - 21. Mai 1999, Braunschweig; 1. GI-Workshop / [Workshop-Leitung: Martina Zitterbart ...] Y1 - 1999 SP - 1 EP - 14 CY - Braunschweig ER -