IMF 2025
14th International Conference on
IT Security Incident Management & IT Forensics
September 16th - 17th, 2025
Albstadt, Germany
http://www.imf-conference.org/
mailto:2025@imf-conference.org
Conference under the Auspices of SIG SIDAR
of the German Informatics Society (GI).
Conference Program
Tuesday, September 16th, 2025
| Time | Presentation / Description | Speaker/Author/Session Chair | |
|---|---|---|---|
| 08:00 - 08:30 | Registration | ||
| 08:30 - 10:15 | Workshop - Practical Malware Analysis and Memory Forensics for Incident Response <SLIDES> | Ricardo J. Rodríguez (University of Zaragoza) |
|
| 10:15 - 10:30 | Coffee Break | ||
| 10:30 - 12:15 | Workshop - Practical Malware Analysis and Memory Forensics for Incident Response <SLIDES> | Ricardo J. Rodríguez (University of Zaragoza) |
|
| 12:15 - 13:00 | Lunch | ||
| 13:00 - 13:10 | Opening Remarks | ||
| 13:10 - 14:00 | Opening Keynote - RAM Raiders: At the Edge of Memory and the Law <SLIDES> | Ricardo J. Rodríguez (University of Zaragoza) | |
| 14:00 - 15:30 | Session 1 | ||
| 14:00 - 14:30 | Fine-Tuning Large Language Models for Digital Forensics: Case Study and General Recommendations <PAPER/SLIDES> | Michelet, Gaëtan (University of Augsburg, University of Lausanne); Henseler, Hans (Netherlands Forensic Institute, Leiden University of Applied Sciences); van Beek, Harm (Netherlands Forensic Institute, Open Universiteit); Scanlon, Mark (University College Dublin); Breitinger, Frank (University of Augsburg) | |
| 14:30 - 15:00 | Leveraging LLMs for Memory Forensics: A Comparative Analysis of Malware Detection <PAPER/SLIDES> | Lang, Jan-Hendrik; Schreck, Thomas (HM Munich University of Applied Sciences) | |
| 15:00 - 15:30 | Human Factors in AI-Driven Cybersecurity: Cognitive Biases and Trust Issues <PAPER/SLIDES> | Hagen, Raymond (Norwegian Digitalisation Agency, Norwegian University of Science and Technology); Øverlier, Lasse (Norwegian University of Science and Technology); Helkala, Kirsi (Norwegian Defence University College) | |
| 15:30 - 15:35 | Poster Introduction | ||
| 15:30 - 16:00 | Coffee Break | ||
| 16:00 - 17:00 | Session 2 | ||
| 16:00 - 16:30 | From IaC to IoC -- Using Infrastructure as Code (IaC) to Generate Synthetic Datasets of Compromised (IoC) Linux Systems for Use in Digital Forensics <PAPER/SLIDES> | Göbel, Thomas; Baier Harald (Universität der Bundeswehr München Fakultät für Informatik) | |
| 16:30 - 17:00 | Old Wine in New Wineskins: How Remnant Data Challenges Forensics and the Law <PAPER/SLIDES> | Hilgert, Sebastian (Bundesamt für Bevölkerungsschutz und Katastrophenhilfe) | |
| 17:00 | Departure to Social Event at the Hohenzollern Castle and Conference Dinner | ||
Wednesday, September 17th, 2025
| Time | Presentation / Description | Speaker/Author/Session Chair |
|---|---|---|
| 09:00 - 09:30 | Registration | |
| 09:30 - 10:30 | Session 3 | |
| 09:30 - 10:00 | Limits to the Forensic Analysis of Container Applications in Cloud Environments <PAPER/SLIDES> | Schmid, Kerstin (Friedrich-Alexander University Erlangen-Nuremberg); Bayreuther, Konstantin (DHBW Mannheim);Freiling, Felix (Friedrich-Alexander University Erlangen-Nuremberg) |
| 10:00 - 10:30 | Metrics Matter - Source Camera Forensics for Large-Scale Investigations <PAPER/SLIDES> | Klier, Samantha; Baier, Harald (Universität der Bundeswehr München Fakultät für Informatik) |
| 10:30 - 11:00 | Coffee Break | |
| 11:00 - 12:00 | Practitioners Panel | Schütz, Philip (LKA NRW);Steinel, Jürgen (SySS Gmbh);Schemberger, Björn (CSBW) |
| 12:00 - 12:45 | Lunch | |
| 12:45 - 14:15 | Session 4 | |
| 12:45 - 13:15 | DiskForge: Timestomping on Disk Images for Educational Benefit <PAPER/SLIDES> | Pohl, Niclas (Friedrich-Alexander University Erlangen-Nuremberg); Voigt, Lena (Friedrich-Alexander University Erlangen-Nuremberg); Hargreaves, Christopher (University of Oxford); Fein, Christofer (Hochschule Niederrhein); Freiling, Felix (Friedrich-Alexander University Erlangen-Nuremberg) |
| 13:15 - 13:45 | Evaluating tamper resistance of digital forensic artifacts during event reconstruction <PAPER/SLIDES> | Vanini, Céline (Université de Lausanne); Hargreaves, Chris (University of Oxford); Breitinger, Frank (University of Augsburg) |
| 13:45 - 14:15 | Validating a Set of Candidate Criteria for Evaluating Software Tools and Data Sources for National CSIRTs’ Cyber Incident Responses <PAPER/SLIDES> | Mohd Kassim, Sharifah Roziah Binti (CyberSecurity Malaysia); Li, Shujun; Arief, Budi (University of Kent - School of Computing Canterbury) |
| 14:15 - 14:30 | Coffee Break | |
| 14:30 - 15:30 | WS - Insights into the practical work of CERT BWL | Schemberger, Björn (Cybersicherheitsagentur Baden-Württemberg) |
In Cooperation with
