Call for Papers

Conference Background

Since 2003, IMF has established itself as one of the premier venues for presenting research on IT security incident response and management and IT forensics. While the first IMF conference was organized to establish a research forum for German-speaking researchers and practitioners from the field, it soon became an international conference attracting many experts across Europe. 2025 being the 14th Conference, it is also an important milestone in connecting IT security incident management, IT forensics and their respective legal frameworks.

IMF provides an informal collaborative environment each year that brings together leading researchers, practitioners, industry, tool developers, academics, law enforcement, and other government bodies from around the globe to tackle current and emerging challenges in their fields.

Accepted papers will be published in the ACM DTRAP Journal as a Special Issue and will be Open Access.

We invite original contributions as research papers, non-research practitioner presentations, and panels on the following topics in digital forensics and IT security incident response and management:

IT Security Incident Management

• Incident management and the law
• Incident management standardization, metrics and life cycle
• Incident management formats and protocols
• Incident response and/or Vulnerability response workflows, procedures and tools
• Incident analysis including live analysis
• Research in incident management and related processes
• Development of tools supporting incident management processes
• Sharing of data/information about threats, attacks, incidents, etc.
• Setup of cyber defense entities including but not limited to: CSIRTs, PSIRTs, ISACs, SOCs and any other organization specialising in (some) IT security incident management processes
• Maturity of such cyber defense entities
• Warning of large scale communities about upcoming threats or detected vulnerabilities
• Ensuring situational awareness and early warning
• Mandatory vs. discretionary attack / incident / vulnerability reporting
• Non-traditional incident management scenarios and approaches (such as IoT, OT, Industry 4.0)

IT Forensics

• Digital evidence, IT forensics and the law
• Research and development of tools supporting digital forensics
• Large-scale analytic approaches to forensics, including data collection, data mining, and large-scale visualization
• Digital forensic laboratories and other organizations specialising in digital forensic science
• Addressing forensic challenges of systems-on-a-chip
• Anti-forensics and anti-anti-forensics
• Bridging the gap between analog and digital traces/evidence/investigators
• Case studies and trend reports
• Data hiding and discovery
• Data recovery and reconstruction
• Database forensics
• Digital evidence storage and preservation
• Event reconstruction methods and tools
• Interpersonal communications and social network analysis
• Malware and targeted attacks: analysis, attribution
• Memory analysis
• Mobile and embedded device forensics
• Multimedia forensic analysis
• Network and distributed system forensics
• Non-traditional forensic scenarios and approaches (e.g. vehicles, control systems, and SCADA)
• Storage forensics, including file system and Flash
• Tool testing and development
• Triage, prioritization, automation: efficiently processing large amounts of data in digital forensics
• Typology of digital traces
• Virtualized environment forensics, with specific attention to the cloud and virtual machine introspection
• Forensics for attribution and prevention, comprising detection and reaction

The above list is only suggestive. We welcome new, original ideas from people in academia, industry, government, and law enforcement who are interested in sharing their results, knowledge, and experience. Authors are encouraged to demonstrate the applicability of their work to practical issues. Questions about submission topics can be sent via email to pc-chair<at>imf-conference<dot>org. Please address general queries about IMF to 2025<at>imf-conference<dot>org.

IMPORTANT DATES - Please note that all deadlines are firm.

• Papers & Presentation/Panel Proposals: April 28, 2025 23:59 (UTC)
• Author notification: July 10, 2025
• Final paper due & presenter registration: July 31, 2025
• Conference Dates: September 16, 2025 - September 17, 2025

Submissions

IMF invites to submit full papers, presenting novel and mature research results, as well as practice papers, describing best practices, case studies, or lessons learned. The maximum paper length for full papers is 20 pages, including the bibliography and well-marked appendices. Short papers for reporting early research results or best practice approaches are limited to 10 pages.
Research papers and presentation proposals must be submitted through the ScholarOne Manuscript DTRAP site at https://mc.manuscriptcentral.com/dtrap. Details about the submission format are listed here: https://dl.acm.org/journal/dtrap/author-guidelines.
All submissions must be written in the English language (see below) and submitted in PDF format. Submissions must be anonymized. Authors of accepted papers must ensure that their papers will be presented at the conference. Submitted full papers must not substantially overlap papers that have been published elsewhere or that are simultaneously submitted to a journal or a conference with proceedings.
All submissions will be reviewed by the program committee and papers accepted for presentation at the conference will be included in the conference proceedings.
Send any questions about research paper / presentation proposal submissions to: pc-chair<at>imf-conference<dot>org

Please submit your paper here.

Language

IMF 2025's scope is international. Hence all submissions must be written in English language. Presentations of accepted papers must be given in English language as well.

Student Scholarship Program

A limited number of scholarships (no registration fee, two hotel nights) may be awarded to students presenting a paper at the conference. The intent is to help alleviate the financial burden due to the cost of hotel expenses and conference registration. For more information, please contact the TPC Chairs (pc-chair<at>imf-conference<dot>org).

Technical Program Committee Chairs

Dominik Brodowski, Universität des Saarlandes - Saarbrücken
Stefan Kiltz, Otto-von-Guericke University of Magdeburg
Thomas Schreck, Munich University of Applied Sciences

Technical Program Committee

Harald Baier, Universität der Bundeswehr München
Konstantin Bayreuther, DHBW Mannheim
Jana Dittmann, Otto-von-Guericke University of Magdeburg
Christofer Fein, Hochschule Niederrhein
Felix Freiling, Friedrich-Alexander-Universität Erlangen-Nürnberg
Christian Keil, DFN CERT
Robert Martin, MITRE
Holger Morgenstern, Albstadt-Sigmaringen University
Janine Schneider, CISPA Helmholtz Center for Information Security
Marko Schuba, FH Aachen
Christoph Sorge, Universität des Saarlandes - Saarbrücken
Michael Spreitzenbarth, Siemens CERT
Ricardo J. Rodríguez, University of Zaragoza

Sincerely,
Stefan Kiltz & Dominik Brodowski & Thomas Schreck
Technical Program Co-Chairs 2025