IMF 2011

6th International Conference on
IT Security Incident Management & IT Forensics

May 10th to 12th, 2011
Stuttgart, Germany

Conference of SIG SIDAR
of the German Informatics Society (GI).

Call for Papers

Conference Background

IT-Security has become a steady concern for all entities operating IT-Systems. These include enterprises, governmental and non-governmental organizations, as well as individuals. Yet, despite high-end precautionary measures taken, not every attack or security mishap can be prevented and hence incidents will go on happening. In such cases forensic capabilities in investigating incidents in both technical and legal aspects are vital to understand their issue and feed back the knowledge gained into the security process. Documenting the measures taken to prevent or minimize damage to own or external IT infrastructure provides legal rear cover if an involved party decides to start proceedings. In a possible lawsuit emerging from such an incident, its treatment in a forensically proper way is crucial to be able to possibly claim for damages or prevent from being threatened by claims of third parties. Thus, capable incident response and forensic procedures have become an essential part of IT infrastructure operations.

In law enforcement IT forensics is an important branch and its significance constantly increases since IT has become an essential part in almost every aspect of daily life. IT systems produce traces and evidence in many ways that play a more and more relevant role in resolving cases.

Conference Goals

IMF's intent is to gather experts from throughout the world in order to present and discuss recent technical and methodical advances in the fields of IT security incident response and management and IT forensics. The conference provides a platform for collaboration and exchange of ideas between industry (both as users and solution providers), academia, law-enforcement and other government bodies.

Conference Topics

The scope of IMF 2011 is broad and includes, but is not limited to the following areas:

IT Security Incident Response

  • Procedures and Methods of Incident Response
  • Formats and Standardization for Incident Response
  • Tools Supporting Incident Response
  • Incident Analysis
  • Sources of Information, Information Exchange, Communities
  • Dealing with Vulnerabilities (Vulnerability Response)
  • Monitoring and Early Warning
  • Education and Training
  • Organizations
  • Legal and Enterprise Aspects (Jurisdiction, Applicable Laws and Regulations)

IT Forensics

  • Trends and Challenges in IT Forensics
  • Application of forensic techniques in new areas
  • Techniques, Tools in Procedures IT Forensics
  • Methods for the Gathering, Handling, Processing and Analysis of Digital Evidence
  • Evidence Protection in IT Environments
  • Standardization in IT Forensics
  • Education and Training
  • Organizations
  • Legal and Enterprise Aspects (Jurisdiction, Applicable Laws and Regulations)

Submission Details

IMF invites to submit full papers of up to 20 pages, presenting novel and mature research results as well as practice papers, describing best practices, case studies or lessons learned of up to 20 pages. Proposals for workshops, discussions and presentations on practical methods and challenges are also welcome.

All submissions must be written in English (see below), and either in postscript or PDF format. Submissions must be anonymised. Authors of accepted papers must ensure that their papers will be presented at the conference. Submitted full papers must not substantially overlap papers that have been published elsewhere or that are simultaneously submitted to a journal or a conference with proceedings.

All submissions will be reviewed by the program committee and papers accepted to be presented at the conference will be included in the conference proceedings.

The Call for Papers deadline has been extended to January 17th, 2011. Please submit your paper here.

You will find the submission guidelines here.

Fees and registration information is available here.


IMF 2011's scope is international hence all submissions must be written in English. Presentations of accepted papers also must be done in English.


Accepted papers will be published by the IEEE Computer Society's Conference Publishing Services. Each participant of the conference will receive a printed copy.

Dates and Deadlines

The deadline for paper submission is January 3rd, 2011. Notification of acceptance will be sent on January 31st, 2011 the latest. You may get your notification earlier than that. Final camera ready copies of accepted papers must me submitted until February 7th, 2011.

EXTENDED TO January 17th, 2011: Deadline for submissions
January 31st, 2011: Notification of acceptance or rejection -------> February 21st, 2011
February 7th, 2011: Due date for final camera ready copies -------> February 28th, 2011
May 10th to 12th, 2011: IMF 2011 Conference

Conference Chair

Detlef Guenther
Corporate Internal Audit, Volkswagen AG

Program Chair

Holger Morgenstern
IT Expert Witness,

Sponsor Chair

Jens Nedon
IT Security Consultant

Organizing Committee

Jack Cole
Ralf Ehlert
Sandra Frings
Oliver Goebel
Detlef Guenther
Stefan Kiltz
Holger Morgenstern
Jens Nedon
Dirk Schadt

Programm Committee

Rafael AccorsiUniversitaet Freiburg, Germany
Susan BrennerUniversity of Dayton, USA
Jack ColeUS Army Research Laboratory, USA
Andrew CormackJANET, UK
Andreas DonderaLandeskriminalamt Hamburg, Germany
Ralf DoerrieGermany
Ralf EhlertUniversitaet Magdeburg, Germany
Felix FreilingUniversitaet Mannheim, Germany
Sandra FringsFraunhofer IAO, Germany
Oliver GoebelUniversitaet Stuttgart, Germany
Detlef GuentherVolkswagen AG, Germany
Vijay K. GurbaniBell Labs, USA
Alexander HerrigelLuzerner Kantonalbank AG, Switzerland
Stefan KiltzUniversitaet Magdeburg, Germany
Bernhard M. HaemmerliACRIS GmbH, Switzerland
Robert MartinMITRE Corp., USA
Holger, Germany
Jens NedonGermany
Dirk SchadtSPOT, Germany
Mark SchillerStatton Security Ltd, UK
Andreas SchusterDeutsche Telekom, Germany
Marco ThorbrueggeENISA, EU
Stephen D. WolthusenRoyal Holloway, Univ. of London, UK
Steven W. WoodAlste Technologies GmbH, Germany

Steering Committee

Sandra Frings
Oliver Goebel
Detlef Guenther
Jens Nedon
Dirk Schadt

Under the Auspices of

German Informatics Society (GI e.V.)
Wissenschaftszentrum Ahrstr. 45, 53175 Bonn, Germany Tel.: +49 228 302 145, Fax: +49 228 302 167

Special Interest Group SIDAR

In Co-Operation with

ENISA - European Network and information Security Agency
Fraunhofer Institut fuer Arbeitswirtschaft und Organisation IAO
SPOT Consulting
Universitaet Stuttgart, RUS-CERT


We invite interested organizations to serve as sponsors for IMF 2011; please contact the Sponsor Chair, Jens Nedon, for information regarding corporate sponsorship (


Fraunhofer Institutszentrum Stuttgart IZS
Nobelstrasse 12
D-70569 Stuttgart

Local Organisation

Sandra Frings
Fraunhofer Institut fuer Arbeitswirtschaft und Organisation IAO
Dipl.-Inf. Sandra Frings
Nobelstrasse 12
D-70569 Stuttgart

Tel.: +49 711 970 2460
Fax: +49 711 970 2401