3rd International Conference on
IT-Incident Management & IT-Forensics

September 11 - 13, 2007
Stuttgart, Germany

[Start page]    [Call for Papers]    [Paper Submission]    [Program Committee]    [Contact]


Information technology has become crucial to almost every part of society. IT infrastructures have become critical in the world-wide economy, the financial sector, the health sector, the government's administration, the military, and the educational sector.

Due to its importance the disruption or loss of IT capabilities results in a massive reduction of operability. Hence, IT security is continously gaining importance.

Although security usually gets integrated into the design process of IT systems nowadays, the process of maintaining security in the operation of IT infrastructures still lacks the appropriate attendance in most cases. Especially the capability to manage and respond to IT security incidents and their forensic analysis is established in the rarest cases. The quickly rising number of security incidents worldwide makes the implementation of incident management capabilities essential.

In order to advance the fields of IT-Incident Management and Forensics the special interest-group Security - Intrusion Detection and Response (SIDAR) of the German Informatics Society (GI) organises an annual conference, bringing together experts from throughout the world, to discuss state of the art in the areas of Incident Management and IT-Forensics (IMF). IMF promotes collaboration and exchange of ideas between industry, academia, law-enforcement and other government bodies.

The scope of IMF 2006 is broad and includes, but is not restricted to the following areas:

IT-Incident Management:

  • Purposes of IT-Incident Management
  • Trends, Processes and Methods within IT-Incident Management
  • Formats and Standardisation in the IT-Incident Management
  • Tools for the IT-Incident Management
  • Education and Training in the field of IT-Incident Management Awareness
  • Determination, Detection and Evaluation of Incidents and Sensors
  • Procedures for Handling Incidents
  • Problems and Challenges while establishing CERTs/ CSIRTs
  • Sources of Information/ Information Exchange/ Communities
  • Dealing with Vulnerabilities (vulnerability response)
  • Current Threats
  • Early Warning System
  • Organisations (Nat. CERT-Associations, FIRST, TERENA/ TI, TF-CSIRT)
  • Trends and Challenges within IT-Forensics
  • Methods, Processes and Applications for IT-Forensics ( Networks, Operating Systems, Storage Media, ICT-Systems etc.)
  • Evidence Protection in IT-Environments
  • Standardisation of Evidence Protection Processes
  • Data Protection- and other legal implications for IT-Forensic Investigations
  • Juristic Relevance of IT-Forensic Investigations
  • Tools for IT-Forensics
  • Forensic readiness

Imprint / Impressum