IMF 2018

11th International Conference on
IT Security Incident Management & IT Forensics

May 7th - 9th, 2018
Hamburg, Germany

Conference of SIG SIDAR
of the German Informatics Society (GI).

Preliminary Conference Program - subject to change

Monday, May 7th, 2018

Time Presentation / Description Speaker/Author/Session Chair
From 11:30 - 13:10 Registration and Lunch
13:10 - 13:30 Welcome Conference Chair
Holger Morgenstern
Albstadt-Sigmaringen University

Peter Wirnsperger
13:30 - 14:30 Keynote:
What world do you want your children to live in? You can make the difference.

Don Stikvoort
Open CSIRT Foundation, chair
14:30 - 15:00 Coffee Break
15:00 - 16:00 Session 1: Network and Cloud Security (Presentation proposals)
Andreas Dewald
DNS Firewall use cases and lessons learned
Matthias Seitz
Streamline AWS Security Incidents
Asif Matadar
16:00 - 16:40 Session 2:Network and Cloud Security (Full paper)
Andreas Dewald
On the Robustness of Random Walk Algorithms for the Detection of Unstructured P2P Botnets
Dominik Muhs
Steffen Haas
Mathias Fischer
16:40 - 17:10 Coffee Break
17:10 - 18:10 Panel: Incident Management and GDPR

Tuesday, May 8th, 2018

Time Presentation / Description Speaker/Author/Session Chair
From 08:30 - 09:00 Registration
09:00 - 10:00 Keynote:
Beware of the Ninjas

Felix Leder
Honeynet Project
10:00 - 10:30 Coffee Break
10:30 - 12:30 Session 3: Memory forensics and automotive (Full paper)
Harald Baier
Exploring the processing of personal data in modern vehicles - A Proposal of a testbed for explorative research to achieve transparency for privacy and security
Alexandra Koch
Robert Altschaffel
Mario Hildebrandt
Stefan Kiltz
Jana Dittmann
Linux Memory Forensics: Expanding Rekall for Userland Investigation
Johannes Stadlinger
Frank Block
Andreas Dewald
mrsh-mem: Approximate matching on raw memory dumps
Lorenz Liebler
Frank Breitinger
12:30 - 13:30 Lunch Break
13:30 - 14:00 Lightning Talks
14:00 - 14:15 Coffee Break
14:15 - 15:45 Workshop:
Accelerate the Hunt: Using Passive DNS To Connect the Dots in Digital Investigations

Paul Vixie
Farsight Security
15:45 - 16:15 Coffee Break
16:15 - 17:45 Workshop:
Accelerate the Hunt: Using Passive DNS To Connect the Dots in Digital Investigations

Paul Vixie
Farsight Security
19:00 - 22:30 Social Event: Harbour and Elbe boat tour with dinner,
boat „Commodore“ leaving from Überseebrücke,
20459 Hamburg

Wednesday, May 9th, 2018

Time Presentation / Description Organisation
From 08:30 - 09:00 Registration
09:00 - 11:00 Session 4: Digital evidence and anti forensics (Full paper)
Stefan Kiltz
Principles of Secure Logging for Safekeeping Digital Evidence
Felix Freiling
Edita Bajramovic
Defeating the Secrets of OTP Apps
Michael Spreitzenbarth
Philip Polleit
Introducing Anti-Forensics to SQLite Corpora and Tool Testing
Sven Schmitt
11:00 - 11:30 Coffee Break
11:30 - 12:30 Session 5: Social media and crypto currencies (Presentation proposals)
Christian Keil
Complexities in Investigating cases of Social Engineering: How reverse engineering and profiling can assist in the collection of evidence
Christina Lekati
Swimming in the Monero pools
Emilien Le Jamtel
12:30 - 13:10 Session 6: Risk assessment (Full paper)
Christian Keil
The β -Time-to-Compromise Metric for Practical Cyber Security Risk Estimation
Andrej Zieger
Klaus-Peter Kossakowski
Felix Freiling
13:10 - 13:20 Good bye
Conference Chair
Klaus-Peter Kossakowski
Program Chairs
Harald Baier
Christian Keil
13:20 - 14:10 Lunch