IMF 2007
3rd International Conference on
IT-Incident Management & IT-Forensics

September 11 - 13, 2007
Stuttgart, Germany

Conference of SIG SIDAR
of the German Informatics Society (GI).

*** Deadline for Paper submission extended to June 04, 2007 ***

[Start page]    [Call for Papers]    [Paper Submission]    [Program Committee]    [Contact]

Call for Papers

Information technology has become crucial to almost every part of society. IT infrastructures have become critical in the world-wide economy, the financial sector, the health sector, the government's administration, the military, and the educational sector.

Due to its importance the disruption or loss of IT capabilities results in a massive reduction of operability. Hence, IT security is continously gaining importance.

Although security usually gets involved into the design process of IT systems nowadays, the process of maintaining security in the operation of IT infrastructures still lacks the appropriate attendance in most cases. Especially the capability to manage and respond to IT security incidents and their forensic analysis is established in the rarest cases. The quickly rising number of security incidents worldwide makes the implementation of incident management capabilities essential.

In order to advance the fields of IT-Incident Management and Forensics the special interest-group Security - Intrusion Detection and Response (SIDAR) of the German Informatics Society (GI) organises an annual conference in co-operation with Stuttgart University's Computer Emergency Response Team (RUS-CERT) and the Fraunhofer Institute for Industrial Engineering (IAO), bringing together experts from throughout the world, to discuss the state of the art in the areas of Incident Management and IT-Forensics (IMF). IMF promotes collaboration and exchange of ideas between industry, academia, law-enforcement and other government bodies.

IMF invites to submit:

  • Full papers of up to 20 pages, presenting novel and mature research results.
  • Practice papers of up to 20 pages, describing best practices, case studies, lessons learned, or latest developments in technology.

All submissions must be in English, and in either postscript or PDF format. Authors of accepted papers must ensure that their papers will be presented at the conference. Presentations should be held in English.

Submitted full papers must not substantially overlap papers that have been published elsewhere or that are simultaneously submitted to a journal or a conference with proceedings.

Details on the electronic submission procedure as well as detailed registration information are provided on the conference Web site (Go to: Paper Sumission).

The scope of IMF 2007 is broad and includes, but is not restricted to the following areas:

IT-Incident Management:

  • Purposes of IT-Incident Management
  • Trends, Processes and Methods of IT-Incident Management
  • Formats and Standardization for IT-Incident Management
  • Tools for the IT-Incident Management
  • Education and Training in the field of IT-Incident Management Awareness
  • Determination, Detection and Evaluation of Incidents
  • Procedures for Handling Incidents
  • Problems and Challenges while establishing CERTs/ CSIRTs
  • Sources of Information/ Information Exchange/ Communities
  • Dealing with Vulnerabilities (vulnerability response)
  • Current Threats
  • Early Warning Systems
  • Organizations (Nat. CERT-Associations, FIRST, TERENA/ TI, TF-CSIRT, etc)
  • Trends and Challenges in IT-Forensics
  • Methods, Processes and Applications for IT-Forensics (Networks, Operating Systems, Storage Media, ICT Systems etc.)
  • Evidence Protection in IT-Environments
  • Standardization of Evidence Protection Processes
  • Data Protection and other legal implications for IT-Forensics
  • Methods in Investigation
  • Legal Relevance of IT-Forensics Investigations
  • Tools for IT-Forensics
  • IT-Forensics Readiness



extended: June 04, 2007:Deadline for Submissions
June 26, 2007:Notification of acceptance or rejection
July 17, 2007:Final paper camera ready copy due
September 11-12, 2007:IMF 2007 Conference


PEOPLE responsible for ...

General chair:Oliver Goebel, RUS-CERT, Universitaet Stuttgart
goebel @
Program chair:Sandra Frings, Fraunhofer IAO, Germany
Sandra.Frings @
Sponsor chair:Dirk Schadt, SPOT, Germany,
dirk.schadt @






Sandra Frings, Fraunhofer IAO
Oliver Goebel, RUS-CERT, Universitaet Stuttgart
Detlef Guenther, Volkswagen AG
Hardo G. Hase, IT-Security Expert
Jens Nedon, Consecur GmbH
Dirk Schadt, SPOT



Oliver Goebel
Detlef Guenther
Jens Nedon
Dirk Schadt



German Informatics Society (GI e.V.)
Wissenschaftszentrum Ahrstr. 45, 53175 Bonn, Germany
Tel.: +49 228 302 145, Fax: +49 228 302 167
Special Interest Group SIDAR



We solicit interested organizations to serve as sponsors for IMF 2007; please contact the Sponsor Chair, Dirk Schadt, for information regarding corporate sponsorship (mailto: dirk.schadt @

Imprint / Impressum