IMF 2023

12th International Conference on
IT Security Incident Management & IT Forensics

May 23rd - 24th, 2023
Munich, Germany

Conference of SIG SIDAR
of the German Informatics Society (GI).

Call for Papers

Conference Background

Since 2003, IMF has established itself as one of the premier venues for presenting research on IT security incident response and management and IT forensics. While the first IMF conference was organized to establish a research forum for German-speaking researchers and practitioners from the field, it soon became an international conference attracting many experts across Europe. The goal of the conference is to bring together two worlds IT security incident response and management and IT forensics. In 2023 the 12th edition of this conference will be held in Munich.
IMF provides an informal collaborative environment each year that bring together leading researchers, practitioners, industry, tool developers, academics, law enforcement, and other government bodies from around the globe to tackle current and emerging challenges in their fields.
We invite original contributions as research papers, non-research practitioner presentations, and panels on the following topics in digital forensics and IT security incident response and management:

IT Security Incident Management

  • Incident management standardization, metrics and life cycle
  • Incident management formats and protocols
  • Incident response and/or Vulnerability response workflows, procedures and tools
  • Incident analysis including live analysis
  • Research in incident management and related processes
  • Development of tools supporting incident management processes
  • Exchange of cyber threat intelligence
  • Sharing of data/information about threats, attacks, incidents, etc.
  • Setup of cyber defense entities including but not limited to: CSIRTs, PSIRTs, ISACs, SOCs and any other organization specialising in (some) IT security incident management processes
  • Maturity of such cyber defense entities
  • Warning of large scale communities about upcoming threats or detected vulnerabilities
  • Ensuring situational awareness and early warning
  • Mandatory vs. discretionary attack / incident / vulnerability reporting
  • Non-traditional incident management scenarios and approaches (such as IoT, OT, Industry 4.0)

IT Forensics

  • Research and development of tools supporting digital forensics
  • Large-scale analytic approaches to forensics, including data collection, data mining, and large-scale visualization
  • Digital forensic laboratories and other organizations specialising in digital forensic science
  • Addressing forensic challenges of systems-on-a-chip
  • Anti-forensics and anti-anti-forensics
  • Bridging the gap between analog and digital traces/evidence/investigators
  • Case studies and trend reports
  • Data hiding and discovery
  • Data recovery and reconstruction
  • Database forensics
  • Digital evidence and the law
  • Digital evidence storage and preservation
  • Event reconstruction methods and tools
  • Impact of digital forensics on forensic science
  • Interpersonal communications and social network analysis
  • Malware and targeted attacks: analysis, attribution
  • Memory analysis and snapshot acquisition
  • Mobile and embedded device forensics
  • Multimedia forensic analysis
  • Network and distributed system forensics
  • Non-traditional forensic scenarios and approaches (e.g. vehicles, control systems, and SCADA)
  • Storage forensics, including file system and Flash
  • Tool testing and development
  • Triage, prioritization, automation: efficiently processing large amounts of data in digital forensics
  • Typology of digital traces
  • Virtualized environment forensics, with specific attention to the cloud and virtual machine introspection

The above list is only suggestive. We welcome new, original ideas from people in academia, industry, government, and law enforcement who are interested in sharing their results, knowledge, and experience. Authors are encouraged to demonstrate the applicability of their work to practical issues. Questions about submission topics can be sent via email to pc-chair imf-conference org. Please address general queries about IMF to 2023 imf-conference org.

Submission Details

IMF invites to submit full papers, presenting novel and mature research results, as well as practice papers, describing best practices, case studies, or lessons learned. The maximum paper length for full papers is 20 pages in ACM double column format, including the bibliography and well-marked appendices. Short papers for reporting early research results or best practice approaches are limited to 10 pages.
Research papers and presentation proposals must be submitted through the EasyChair site at
All submissions must be written in the English language (see below) and submitted in PDF format. Submissions must be anonymized. Authors of accepted papers must ensure that their papers will be presented at the conference. Submitted full papers must not substantially overlap papers that have been published elsewhere or that are simultaneously submitted to a journal or a conference with proceedings.
All submissions will be reviewed by the program committee and papers accepted for presentation at the conference will be included in the conference proceedings.
Send any questions about research paper / presentation proposal submissions to: pc-chair imf-conference org

Please submit your paper here.


IMF 2023's scope is international. Hence all submissions must be written in English language. Presentations of accepted papers must be given in English language as well.


Accepted papers will be published by ACM DTRAP and only be available online.

Dates and Deadlines (for regular papers and special sessions)

Papers and Presentation/Panel Proposals: January 31, 2023
Author notification: March 7, 2023
Final draft papers due & presenter registration: March 31, 2023 (Papers for which no author has registered by this date may be dropped from the program.)
Conference Dates: May 23 - May 24, 2023

Conference Chairs

Harald Baier
Universität der Bundeswehr München, Germany

Holger Morgenstern
Albstadt-Sigmaringen University, Germany

Technical Programme Committee Chairs

Andreas Dewald
ERNW Research GmbH, Germany

Thomas Schreck
HS München, Germany

Technical Programm Committee

Harald Baier, Universität der Bundeswehr München
Konstantin Bayreuther, DHBW Mannheim
Andrew Cormack, JISC
Andreas Dewald, ERNW Research GmbH
Jana Dittmann, Otto-von-Guericke University of Magdeburg
Christofer Fein, HS Albstadt-Sigmaringen
Felix Freiling, Friedrich-Alexander-Universität Erlangen-Nürnberg
Oliver Göbel, University of Stuttgart
Alexander Jäger, Google
Sven Kälber, Porsche AG
Christian Keil, DFN CERT
Stefan Kelm, DFN-CERT Services GmbH
Stefan Kiltz, Otto-von-Guericke University of Magdeburg
Jan Kohlrausch, DFN-CERT Services GmbH
Klaus-Peter Kossakowski, HAW Hamburg/DFN CERT
Robert Martin, MITRE
Holger Morgenstern, HS Albstadt-Sigmaringen
Sebastian Schinzel, Münster University of Applied Sciences
Janine Schneider, Friedrich-Alexander-Universität Erlangen-Nürnberg
Thomas Schreck, Siemens CERT
Marko Schuba, FH Aachen
Michael Spreitzenbarth, Siemens CERT

Steering Committee

Harald Baier
Sandra Frings
Oliver Göbel
Detlef Günther
Holger Morgenstern
Jens Nedon
Felix Freiling
Dirk Schadt

Under the Auspices of

German Informatics Society (GI e.V.)
Wissenschaftszentrum Ahrstr. 45, 53175 Bonn, Germany Tel.: +49 228 302 145, Fax: +49 228 302 167

Special Interest Group SIDAR

In Cooperation with

Gold Sponsor:

Silver Sponsor:

Bronze Sponsor: