IMF 2015

9th International Conference on
IT Security Incident Management & IT Forensics

May 18th - 20th, 2015
Magdeburg, Germany

http://www.imf-conference.org/
mailto:2015@imf-conference.org

Conference of SIG SIDAR
of the German Informatics Society (GI).

Call for Papers

Conference Background

IT security is an integral aspect in operating IT systems today. Yet, as even high-end precautionary measures cannot prevent every attack or security mishap, the capabilitiy to quickly respond to IT security incidents, to secure infrastructure operations and data, as well as forensic capabilities in investigating  such  incidents in both technical and legal aspects are paramount. Capable incident response and forensic procedures have thus gained essential relevance in IT infrastructure operations and in law-enforcement, and there is ample need for research and standardization in this area.

Since 2003, the IMF conference has established itself as one of the premier European venues for presenting research on IT security incident response and management and IT forensics. The conference provides a platform for experts from throughout the world to present and discuss recent technical and methodical advances in the field. It shall enable collaboration and exchange of ideas between industry (both as users and solution providers), academia, law-enforcement and other government bodies.

Conference Goals

IMF's intent is to gather experts from throughout the world in order to present and discuss recent technical and methodical advances in the fields of IT security incident response and management and IT forensics. The conference provides a platform for collaboration and exchange of ideas between industry, academia, law-enforcement and other government bodies.

Conference Topics

The scope of IMF 2015 is broad and includes, but is not limited to the following areas:

IT Security Incident Management

  • Incident Management and Response Procedures and Methods
  • Incident Management and Response Formats and Standardization
  • Tools Supporting Incident Management and Response
  • Incident Analysis
  • CERTs/CSIRTs
  • Information Sources, Information Exchange, Communities
  • Dealing with Vulnerabilities (Vulnerability Response)
  • Monitoring and Early Warning
  • Incident Response in Non-Standard Environments (e.g. Embedded Systems)
  • Education and Training
  • Organizations
  • Legal and Enterprise Aspects (Jurisdiction, Applicable Laws and Regulations)

IT Forensics

  • Trends and Challenges in IT Forensics
  • Application of Forensic Techniques in New Areas
  • Tools and Technology in Procedures for IT Forensics
  • Methods for the Gathering, Handling, Processing and Analysis of Digital Evidence
  • Evidence Protection in IT Environments
  • IT Forensics in Non-Standard Environments (e.g. Embedded Systems)
  • Source-Determination and Manipulation Detection (e.g. Multimedia Forensics)
  • Standardization in IT Forensics
  • Education and Training
  • Organizations
  • Legal and Enterprise Aspects (Jurisdiction, Applicable Laws and Regulations)

Special Sessions

Besides the regular conference papers, IMF2015 also invites to contribute papers for the special sessions with research topics outlined below, presenting novel and mature results, new ideas and trends as well as practice papers, describing best practices, case studies or lessons learned.

Special Session on Malware Analysis / Malware Forensics (Tobias Hoppe, Stefan Kiltz)

As (individually crafted) malware plays an important role in attacks on productive IT environments in the Desktop IT domain, mobile systems, industrial environments, automotive control units and beyond, malware analysis is an increasingly important building block of IT forensic investigations. This special session addresses new directions and ideas in Malware Analysis and Forensics to support IT forensic investigations of respective security incidents. Examples of relevant topics are (not limited to):

  • Trends and challenges in penetration testing
  • Automatic identification of addressed CPU/MCU architectures in malware sample payloads
  • Malware analysis processes and their integration into IT forensic processes and in IT security incident management
  • Trends and Challenges in Malware Forensics
  • Analysis of Malware for Non-Standard IT Environments

Special sessions on digitized forensics (Mario Hildebrandt, Claus Vielhauer)

In the context of this conference, digitized forensics addresses the traditional forensic disciplines (e.g. crime scene forensics, detection of counterfeits of physical objects and artwork) that utilize digital methods to acquire and analyze the physical traces digitally. This special session thematically complements the main conference towards novel digitized methods for the purpose of forensic challenges by bridging the gap between the emerging domains of IT and criminalistic forensics.
The scope of this special session ranges from digital processing of crime scene traces, such as fingerprints, palm prints, fibers, tool and ammunition marks or handwriting traces, to approaches for detecting and analyzing counterfeit physical objects and artworks, as well as the forensic analysis of media streams, e.g. for extracting and identifying characteristic origin patterns. Potential topics include, but are not limited to:

  • Approaches for processing of various physical trace types in digitized forensics
  • Methods for creation and maintenance of chain of custody / chain of evidence
  • Contactless and non-destructive acquisition of crime scene traces
  • Strategic and operational preparation for digitized forensic investigations
  • Pattern recognition approaches in trace processing
  • Evidence evaluation and evidential value of digitized traces
  • Technical, organizational and legal aspects in evidence documentation
  • Error, loss and uncertainty in digitized forensics
  • Incident response in IT systems used for digitized forensics
  • Event reconstruction/Fusion strategies for different types of traces
  • Legal compliance and societal impacts
  • Establishment of test procedures and benchmarking in digitized forensics

Special sessions on teaching forensics and intrusion management (Volker Krummel, Christian Krätzer)

This special session addresses the topics of teaching forensics and intrusion management from both a national and an international perspective to identify common approaches and differences for an exchange on experience and knowledge gained. Potential topics include, but are not limited to:

  • Existing and planned teaching programs (general approach and structure) with goals and concepts
  • Basic and emerging trends to provide education to be well-equipped for the challenges from new technology and new approaches in the IT industry
  • From theory to practical approaches, how to evaluate and implement new research findings such as experience-based learning

Submission Details

IMF invites to submit full papers, presenting novel and mature research results, as well as practice papers, describing best practices, case studies or lessons learned. The maximum paper length for full papers is 20 pages, including the bibliography and well-marked appendices. Short papers for reporting early research results or best practice approaches are limited to 5 pages. Proposals for workshops, discussions and presentations on practical methods and challenges are also welcome.

Please submit your paper here.

You will find the submission guidelines here.

All submissions must be written in English language (see below) and submitted either in postscript or PDF format. Submissions must be anonymized. Authors of accepted papers must ensure that their papers will be presented at the conference. Submitted full papers must not substantially overlap papers that have been published elsewhere or that are simultaneously submitted to a journal or a conference with proceedings.

Additionally, IMF2015 hosts special sessions regarding selected topics from incident response and forensics.

All submissions, including the submissions for the special sessions, will be reviewed by the program committee and papers accepted for presentation at the conference will be included in the conference proceedings.

Language

IMF 2015's scope is international. Hence all submissions must be written in English language. Presentations of accepted papers must be given in English language as well.

Publication

Accepted papers will be published by Conference Publishing Services and submitted to the IEEE Xplore Digital Library. Each participant of the conference will receive a printed copy.

Dates and Deadlines (for regular papers and special sessions)

December 15th, 2014: Deadline for paper registration
January 24th, 2015: Deadline for paper registration (extended)
December 22nd, 2014: Deadline for uploading final version of paper
January 31st, 2015: Deadline for uploading final version of paper (extended)
February 14th, 2015: Notification of acceptance or rejection
February 19th, 2015: Notification of acceptance or rejection
March 1st, 2015: Due date for conference registration for authors
March 1st, 2015: Due date for final camera-ready copies
March 4th, 2015: Due date for final camera-ready copies

Registration is now open until May 12th, 2015!
May 18th through 20th, 2015: IMF 2015 Conference

General Chair

Jana Dittmann
University of Magdeburg, Germany
chair-2015@imf-conference.org

Local Organizer Support

Silke Reifgerste
University of Magdeburg, Germany
localorg@imf-conference.org

Program Co-Chairs

Holger Morgenstern
Albstadt-Sigmaringen University, Germany

Jana Dittmann
Otto von Guericke University, Magdeburg, Germany

pc-chair-2015@imf-conference.org

Sponsor Chair

sponsor-chair-2015@imf-conference.org

Organizing Committee

Jana Dittmann
Felix Freiling
Sandra Frings
Oliver Göbel
Detlef Günther
Stefan Kiltz
Holger Morgenstern
Jens Nedon
Dirk Schadt

Programm Committee

Andreas Schuster, BFK edv-consulting GmbH
Andreas Dewald, FAU Erlangen, Germany
Harald Baier, CASED
Jack Cole, ARL
Oliver Göbel, Universitaet Stuttgart, RUS-CERT
Jens Nedon, IABG
Detlef Günther, Volkswagen AG
Holger Morgenstern, Albstadt-Sigmaringen University
Martin Rieger, Albstadt-Sigmaringen University
Dirk Schadt, SPOT Consulting
Levente Buttyan, Budapest University of Technology and Economics
Marko Schuba, FH Aachen - Aachen University of Applied Sciences
Mark Schiller, Stratton Security Ltd.
Jana Dittmann, University of Magdeburg
Stefan Kiltz, University of Magdeburg
Robert Martin, MITRE
Kwok-Yan Lam, National University of Singapore
Sebastian Schinzel, Münster University of Applied Sciences
Bernd Grobauer, Siemens
Pavel Gladyshev, University College Dublin (UCD)
Stephen Wolthusen, Gjovik University College

Special Session Reviewer

Claus Vielhauer, University of Magdeburg, Brandenburg University of Applied Sciences
Tobias Hoppe, University of Magdeburg
Mario Hildebrandt, University of Magdeburg
Christian Krätzer, University of Magdeburg
Volker Krummel, Wincor Nixdorf, Germany

Steering Committee

Sandra Frings
Oliver Göbel
Detlef Günther
Holger Morgenstern
Jens Nedon
Felix Freiling
Dirk Schadt

Under the Auspices of

German Informatics Society (GI e.V.)
Wissenschaftszentrum Ahrstr. 45, 53175 Bonn, Germany Tel.: +49 228 302 145, Fax: +49 228 302 167

Special Interest Group SIDAR

Sponsorship

We invite interested organizations to serve as sponsors for IMF 2015; please contact the organization committee at (sponsor-chair-2015@imf-conference.org).

Location

Otto-von-Guericke Zentrum
Schleinufer 1
39104 Magdeburg
Germany

Imprint / Impressum