IMF 2018

11th International Conference on
IT Security Incident Management & IT Forensics

May 7th - 9th, 2018
Hamburg, Germany

http://www.imf-conference.org/
mailto:2018@imf-conference.org

Conference of SIG SIDAR
of the German Informatics Society (GI).

About IMF Conference

IT security is an integral aspect in operating IT systems today. Yet, as even high-end precautionary measures cannot prevent every attack or security mishap, the capability to quickly respond to IT security incidents, to secure infrastructure operations and data, as well as forensic capabilities in investigating such incidents in both technical and legal aspects are paramount. Capable incident response and forensic procedures have thus gained essential relevance in IT infrastructure operations and in law-enforcement, and there is ample need for research and standardization in this area.

Since 2003, the IMF conference has established itself as one of the premier European venues for presenting research on IT security incident response and management and IT forensics. The conference provides a platform for experts from throughout the world to present and discuss recent technical and methodical advances in the field. It shall enable collaboration and exchange of ideas between industry (both as users and solution providers), academia, law-enforcement and other government bodies.

Conference Goals

IMF's intent is to gather experts from throughout the world in order to present and discuss recent technical and methodical advances in the fields of IT security incident response and management and IT forensics. The conference provides a platform for collaboration and exchange of ideas between industry, academia, law-enforcement and other government bodies.

Conference Topics

The scope of IMF 2018 is broad and includes, but is not limited to, the following areas:

IT Security Incident Management

  • Incident management standardization, metrics and life cycle
  • Incident management formats and protocols
  • Incident response and/or vulnerability response workflows, procedures and tools
  • Incident analysis including live analysis
  • Research in incident management and related processes
  • Development of tools supporting incident management processes
  • Exchange of cyber threat intelligence
  • Sharing of data/information about threats, attacks, incidents, etc.
  • Setup of cyber defense entities including but not limited to: CSIRTs, PSIRTs, ISACs, SOCs and any other organization specialising in (some) IT security incident management processes
  • Maturity of such cyber defense entities
  • Warning of large scale communities about upcoming threats or detected vulnerabilities
  • Ensuring situational awareness and early warning
  • Mandatory vs. discretionary attack / incident / vulnerability reporting
  • Non-traditional incident management scenarios and approaches (e.g. vehicles, control systems, and SCADA)

IT Forensics

  • "Big data" approaches to forensics, including data collection, data mining, and large scale visualization
  • Research and development of tools supporting digital forensics
  • Digital forensic laboratories and other organizations specialising in digital forensic science
  • Addressing forensic challenges of systems-on-a-chip
  • Anti-forensics and anti-anti-forensics
  • Bridging the gap between analog and digital traces/evidence/investigators
  • Case studies and trend reports
  • Data hiding and discovery
  • Data recovery and reconstruction
  • Database forensics
  • Digital evidence and the law
  • Digital evidence storage and preservation
  • Event reconstruction methods and tools
  • Impact of digital forensics on forensic science
  • Interpersonal communications and social network analysis
  • Malware and targeted attacks: analysis, attribution
  • Memory analysis and snapshot acquisition
  • Mobile and embedded device forensics
  • Multimedia forensic analysis
  • Network and distributed system forensics
  • Non-traditional forensic scenarios and approaches (e.g. vehicles, control systems, and SCADA)
  • Storage forensics, including file system and Flash
  • Tool testing and development
  • Triage, prioritization, automation: efficiently processing large amounts of data in digital forensics
  • Typology of digital traces
  • Virtualized environment forensics, with specific attention to the cloud and virtual machine introspection

We are looking forward to seeing you again.

Sincerely yours,
IMF Steering Committee

Sandra Frings, Fraunhofer IAO
Oliver Göbel, RUS-CERT, Universität Stuttgart
Detlef Günther, Corporate Internal Audit, Volkswagen AG
Holger Morgenstern, EDV-Sachverständiger / IT-expert witness
Jens Nedon, IABG
Dirk Schadt, SPOT Consulting
Felix Freiling, Friedrich-Alexander Universität Erlangen-Nürnberg