IMF 2018

11th International Conference on
IT Security Incident Management & IT Forensics

May 7th - 9th, 2018
Hamburg, Germany

http://www.imf-conference.org/
mailto:2018@imf-conference.org

Conference of SIG SIDAR
of the German Informatics Society (GI).




Preliminary Conference Program - subject to change

Monday, May 7th, 2018

Time Presentation / Description Speaker/Author/Session Chair
From 12:30 - 13:10 Registration and Welcome Coffee
13:10 - 13:30 Welcome General Chair
Holger Morgenstern
Albstadt-Sigmaringen University


Peter Wirnsperger
Deloitte
13:30 - 14:30 Keynote:
What world do you want your children to live in? You can make the difference.

Don Stikvoort
Open CSIRT Foundation, chair
14:30 - 15:00 Coffee Break
15:00 - 15:50 Session 1: Network and Cloud Security (Presentation proposals)

DNS Firewall use cases and lessons learned
Matthias Seitz
Streamline AWS Security Incidents
Asif Matadar
15:50 - 16:30 Session 2:Network and Cloud Security (Full paper)

On the Robustness of Random Walk Algorithms for the Detection of Unstructured P2P Botnets
Dominik Muhs
Steffen Haas
Mathias Fischer
16:30 - 17:00 Coffee Break
17:00 - 18:00 Panel: Incident Management and GDPR
TBA

Tuesday, May 8th, 2018

Time Presentation / Description Speaker/Author/Session Chair
09:00 - 10:00 Keynote:
Beware of the Ninjas

Felix Leder
Symantec
Honeynet Project
10:00 - 10:30 Coffee Break
10:30 - 12:30 Session 3: Memory forensics and automotive (Full paper)
Exploring the processing of personal data in modern vehicles - A Proposal of a testbed for explorative research to achieve transparency for privacy and security
Alexandra Koch
Robert Altschaffel
Mario Hildebrandt
Stefan Kiltz
Jana Dittmann
Linux Memory Forensics: Expanding Rekall for Userland Investigation
Johannes Stadlinger
Frank Block
Andreas Dewald
mrsh-mem: Approximate matching on raw memory dumps
Lorenz Liebler
Frank Breitinger
12:30 - 13:30 Lunch Break
13:30 - 14:00 Lightning Talks
14:00 - 14:15 Coffee Break
14:15 - 15:45 Workshop:
Accelerate the Hunt: Using Passive DNS To Connect the Dots in Digital Investigations

Paul Vixie
Fairsight Security
15:45 - 16:15 Coffee Break
16:15 - 17:45 Workshop:
Accelerate the Hunt: Using Passive DNS To Connect the Dots in Digital Investigations

Paul Vixie
Fairsight Security
19:00 - 22:30 Social Event

Wednesday, May 9th, 2018

Time Presentation / Description Organisation
09:00 - 11:00 Session 4: Digital evidence and anti forensics (Full paper)
Principles of Secure Logging for Safekeeping Digital Evidence
Felix Freiling
Edita Bajramovic
Defeating the Secrets of OTP Apps
Michael Spreitzenbarth
Philip Polleit
Introducing Anti-Forensics to SQLite Corpora and Tool Testing
Sven Schmitt
11:00 - 11:30 Coffee Break
11:30 - 12:20 Session 5: Presentation proposals
Complexities in Investigating cases of Social Engineering: How reverse engineering and profiling can assist in the collection of evidence
Christina Lekati
Swimming in the Monero pools
Emilien Le Jamtel
12:20 - 13:00 Session 6: Risk assessment (Full paper)
The β -Time-to-Compromise Metric for Practical Cyber Security Risk Estimation
Andrej Zieger
Klaus-Peter Kossakowski
Felix Freiling