Cipher
Calls for Papers



IEEE Computer Society's Technical Committee on Security and Privacy


 

Last Modified:1/29/18

Note: Please send new calls to cipher-cfp@ieee-security.org and take a moment to read the submission guidelines. And please see the Cipher Calendar for events sorted in date order. For all other questions, please contact cipher-cfp@ieee-security.org by email.

Contents

 

Special Issues of Journals and Handbooks


Conference and Workshop Call-for-papers

January 2018

SADFE 2018 12th International Workshop on Systematic Approaches to Digital Forensics Engineering, Co-located with 39th IEEE Symposium on Security and Privacy (IEEE S&P 2018), San Francisco, CA, USA, May 24, 2018. (Submission Due 31 January 2018) [posted here 10/30/17]
SADFE (Systematic Approaches to Digital Forensic Engineering) promotes systematic approaches to digital forensic investigation on failures of today’s cyber systems and networks. SADFE furthers Digital Forensic Engineering (DFE) advancement as a disciplined and holistic scientific practice. The 12th International Conference on Systematic Approaches to Digital Forensic Engineering (SADFE) is calling for paper submissions in the broad field of Digital Forensics from both practitioner and researcher’s perspectives. With the dynamic change and rapid expansion of the types of electronic devices, networked applications, and investigation challenges, systematic approaches for automating the process of gathering, analyzing and presenting digital evidence are in unprecedented demands. The SADFE conference aims at promoting solutions for related problems. Past speakers and attendees of SADFE have included computer scientists, social scientists, forensic practitioners, lawyers and judges. The synthesis of hard technology and science with social science and practice forms the foundation of this conference. Papers focusing on any of the system, legal, or practical aspects of digital forensics are solicited. Topics to be Addressed:
- Digital Data and Evidence Management: advanced digital evidence discovery, collection, management, storage and preservation
- Digital Evidence, Data Integrity and Analytics: advanced digital evidence and digitized data analysis, correlation, and presentation
- Forensics of embedded or non-traditional devices (e.g. digicams, cell phones, SCADA, obsolete storage media)
- Forensic and digital data integrity issues for digital preservation and recovery
- Scientific Principle-Based Digital Forensic Processes: systematic engineering processes supporting digital evidence management which are sound on scientific, technical and legal grounds
- Legal/technical aspects of admissibility and evidence tests
- Legal, Ethical and Technical Challenges

For more information, please see http://sadfe.org/cfp/.

February 2018

SP 2018 39th IEEE Symposium on Security and Privacy, San Francisco, CA, USA, May 21-23, 2018. (Submission Due first day of each month) [posted here 06/12/17]
Since 1980 in Oakland, the IEEE Symposium on Security and Privacy has been the premier forum for computer security research, presenting the latest developments and bringing together researchers and practitioners. We solicit previously unpublished papers offering novel research contributions in any aspect of security or privacy. Papers may present advances in the theory, design, implementation, analysis, verification, or empirical evaluation and measurement of secure systems. Topics of interest include:
- Access control and authorization
- Accountability
- Anonymity
- Application security
- Attacks and defenses
- Authentication
- Censorship resistance
- Cloud security
- Distributed systems security
- Economics of security and privacy
- Embedded systems security
- Forensics
- Hardware security
- Intrusion detection and prevention
- Malware and unwanted software
- Mobile and Web security and privacy
- Language-based security
- Network and systems security
- Privacy technologies and mechanisms
- Protocol security
- Secure information flow
- Security and privacy for the Internet of Things
- Security and privacy metrics
- Security and privacy policies
- Security architectures
- Usable security and privacy
This topic list is not meant to be exhaustive; S&P is interested in all aspects of computer security and privacy. Papers without a clear application to security or privacy, however, will be considered out of scope and may be rejected without full review.

Systematization of Knowledge Papers
As in past years, we solicit systematization of knowledge (SoK) papers that evaluate, systematize, and contextualize existing knowledge, as such papers can provide a high value to our community. Suitable papers are those that provide an important new viewpoint on an established, major research area, support or challenge long-held beliefs in such an area with compelling evidence, or present a convincing, comprehensive new taxonomy of such an area. Survey papers without such insights are not appropriate. Submissions will be distinguished by the prefix “SoK:” in the title and a checkbox on the submission form. They will be reviewed by the full PC and held to the same standards as traditional research papers, but they will be accepted based on their treatment of existing work and value to the community, and not based on any new research results they may contain. Accepted papers will be presented at the symposium and included in the proceedings.

Workshops
The Symposium is also soliciting submissions for co-located workshops. Further details on submissions can be found at https://www.ieee-security.org/TC/SP2018/workshops.html.

Ongoing Submissions
To enhance the quality and timeliness of the scientific results presented as part of the Symposium, and to improve the quality of our reviewing process, IEEE S&P now accepts paper submissions 12 times a year, on the first of each month. The detailed process can be found at the conference call-for-papers page.
.
For more information, please see https://www.ieee-security.org/TC/SP2018/cfpapers.html.

WCCI-Blockchain 2018 Blockchain Research and Applications Session, Held in conjunction with the 2018 World Congress on Computational Intelligence (WCCI 2018), Rio de Janeiro, Brasil, July 8-13, 2018. (Submission Due 1 February 2018) [posted here 1/29/18]
The blockchain emerged as a novel distributed consensus scheme that allows transactions, and any other data, to be securely stored and verified in a decentralized way. Considered by some as revolutionary as the Internet, the blockchain has the potential to underpin concepts, frameworks, regulations, and economics. The nascent field of blockchain research is highly interdisciplinary, and has the potential for fascinating research projects and results, sitting at the intersection of computer science, cryptography, economics, engineering, finance, law, mathematics, and politics. Many technical challenges arise with the rapid development of distributed ledger technologies. There is a great interest in applying blockchain to different application scenarios and in solving complex problems. This technology also offers superb opportunities to support the transformation of business models. This special session aims to provide a forum for researchers in this area to carefully analyze current systems or propose new ones, in order to create a scientific background for a solid development of new blockchain technology systems.

For more information, please see http://www.ieee-cifer.org.

USENIX Security 2018 27th USENIX Security Symposium, Baltimore, MD, USA, August 15-17, 2018. (Submission Due 8 February 2018) [posted here 11/27/17]
The USENIX Security Symposium brings together researchers, practitioners, system administrators, system programmers, and others interested in the latest advances in the security and privacy of computer systems and networks. All researchers are encouraged to submit papers covering novel and scientifically significant practical works in computer security. USENIX Security is interested in all aspects of computing systems security and privacy. Papers without a clear application to security or privacy, however, will be considered out of scope and may be rejected without full review.

For more information, please see https://www.usenix.org/conference/usenixsecurity18.

SOUPS 2018 14th Symposium on Usable Privacy and Security, Baltimore, MD, USA, August 12-14, 2018. (Submission Due 12 February 2018) [posted here 12/11/17]
The Fourteenth Symposium on Usable Privacy and Security will bring together an interdisciplinary group of researchers and practitioners in human computer interaction, security, and privacy. We invite authors to submit previously unpublished papers describing research or experience in all areas of usable privacy and security. We welcome a variety of research methods, including both qualitative and quantitative approaches. Papers will be judged on their scientific quality, overall quality, and value to the community.

For more information, please see https://www.usenix.org/conference/soups2018.

Crypto 2018 38th International Cryptology Conference, Santa Barbara, CA, USA, August 19-23, 2018. (Submission Due 13 February 2018) [posted here 12/11/17]
Original contributions on all technical aspects of cryptology are solicited for submission to Crypto 2018, the 38th Annual International Cryptology Conference. Submissions are welcome on any cryptographic topic including, but not limited to:
- Foundational theory and mathematics
- The design, proposal, and analysis of cryptographic primitives and protocols
- Secure implementation and optimization in hardware or software; and
- Applied aspects of cryptography

For more information, please see https://crypto.iacr.org/2018/.

BioSTAR 2018 3rd International Workshop on Bio-inspired Security, Trust, Assurance and Resilience, Co-located with 39th IEEE Symposium on Security and Privacy (IEEE S&P 2018), San Francisco, CA, USA, May 24, 2018. (Submission Due 15 February 2018) [posted here 10/23/17]
As computing and communication systems continue to expand and offer new services, these advancements require more dynamic, diverse, and interconnected computing infrastructures. Unfortunately, defending and maintaining resilient and trustworthy operation of these complex systems are increasingly difficult challenges. Conventional approaches to Security, Trust, Assurance and Resilience (STAR for short) are often too narrowly focused and cannot easily scale to manage large, coordinated and persistent attacks in these environments. Designs found in nature are increasingly used as a source of inspiration for STAR and related networking and intelligence solutions for complex computing and communication environments. Nature's footprint is present in the world of Information Technology, where there are an astounding number of computational bio-inspired techniques. These well-regarded approaches include genetic algorithms, neural networks, ant algorithms, immune systems just to name a few. For example several networking management and security technologies have successfully adopted some of nature's approaches, such as swarm intelligence, artificial immune systems, sensor networks, moving target defense, diversity-based software design, etc. Nature has also developed an outstanding ability to recognize individuals or foreign objects and adapt/evolve to protect a group or a single organism. Solutions that incorporate these nature-inspired characteristics often have improved performance and/or provided new capabilities beyond more traditional methods. The aim of this workshop is to bring together the research accomplishments provided by the researchers from academia and the industry. The other goal is to show the latest research results in the field of nature-inspired STAR aspects in computing and communications. Topics of interests include, but are not limited to:
- Nature-inspired anomaly and intrusion detection
- Adaptation algorithms
- Biometrics
- Nature-inspired algorithms and technologies for STAR
- Biomimetics
- Artificial Immune Systems
- Adaptive and Evolvable Systems
- Machine Learning, neural networks, genetic algorithms for STAR
- Nature-inspired analytics and prediction
- Cognitive systems
- Sensor and actuator networks and systems
- Information hiding solutions (steganography, watermarking) for network traffic
- Cooperative defense systems
- Cloud-supported nature-inspired STAR
- Theoretical development in heuristics
- Management of decentralized networks
- Nature-inspired algorithms for dependable networks
- Platforms for STAR services
- Diversity in computing and communications
- Survivable and sustainable systems
- STAR management systems
- Autonomic cyber defenses

For more information, please see http://biostar.cybersecurity.bio/.

WIIoTS 2018 Workshop on Industrial Internet of Things Security, Bilbao, Spain, June 4-7, 2018. (Submission Due 16 February 2018) [posted here 12/25/17]
The Industrial Internet of Things (IIoT) is an emerging paradigm in today's (control) industry, comprising Internet-enabled cyber-physical devices with the ability to couple to the new interconnection technologies such as cloud/fog computing. Under this perspective, the new industrial cyber-physical "things" can be accessible and available from remote locations, the information of which can be processed and stored in distributed locations, favouring the cooperation, the performance in field, and the achievement of operational tasks working at optimal times. However, the incorporation of the IIoT in the new scenarios of the fourth industrial revolution, also known as Industry 4.0, entails having to consider the new security and privacy issues that can threaten the wellbeing of the new IIoT ecosystem and its coexistence with the existing industrial technologies, with a high risk of impact on the end-users. Therefore, this workshop will create a collaboration platform for experts from academia, governments and industry to address the new IIoT security and privacy challenges. Papers related to security and privacy of embedded systems working in industrial and control environments, such as SCADA, smart grid, smart cities, manufacturing systems, water systems, and in critical infrastructures in general, are all welcome at WIIoTS 2018.

For more information, please see http://globaliotsummit.org.

IVSW 2018 3rd International Verification and Security Workshop, Costa Brava, Spain, July 2-4, 2018. (Submission Due 21 February 2018) [posted here 1/8/18]
Issues related to verification and security are increasingly important in modern electronic systems. In particular, the huge complexity of electronic systems has led to growth in quality, reliability and security needs in several application domains as well as pressure for low cost products. There is a corresponding increasing demand for cost-effective verification techniques and security solutions. These needs have increased dramatically with the increased complexity of electronic systems and the fast adoption of these systems in all aspects of our daily lives. The goal of IVSW is to bring industry practitioners and researchers from the fields of verification, validation, test, reliability and security to exchange innovative ideas and to develop new methodologies for solving the difficult challenges facing us today in various SoC design environments. The workshop seeks submissions from academia and industry presenting novel research results on the following topics of interest:
- Verification challenges of IoT
- High-level test generation for functional verification
- Emulation techniques and FPGA prototyping
- Triage and debug methodologies
- Silicon debugging
- Low-power verification
- Formal techniques and their applications
- Verification coverage
- Performance validation and characterization
- Design for Verifiability (DFV)
- Memory and coherency verification
- ESL design and Virtual Platforms
- Design for security and security validation
- CAD metrics and tools for security
- Cryptography and trusted computing
- Detection of Trojans and counterfeit electronics
- Methods for IP protection (obfuscation, encryption, etc.)
- Fault-based side-channel attacks and countermeasures
- Hardware security primitives design and evaluation
- Security for analog/mixed signal (AMS) circuits
- Security in automotive, railway, avionics, space, Internet of Things (IoT)
- Data analytics in verification and security
- Cross layer security and verification
- Security of design environment and tools, and supply chain

For more information, please see http://tima.imag.fr/conferences/ivsw/ivsw18/.

PETS 2018 18th Privacy Enhancing Technologies Symposium, Barcelona, Spain, July 24-27, 2018. (Submission Due 28 February 2018) [posted here 08/07/17]
The annual Privacy Enhancing Technologies Symposium (PETS) brings together privacy experts from around the world to present and discuss recent advances and new perspectives on research in privacy technologies. Papers undergo a journal-style reviewing process and accepted papers are published in Proceedings on Privacy Enhancing Technologies (PoPETs), a scholarly, open access journal. Submitted papers should present novel practical and/or theoretical research into the design, analysis, experimentation, or fielding of privacy-enhancing technologies. While PETS/PoPETs has traditionally been home to research on anonymity systems and privacy-oriented cryptography, we strongly encourage submissions on a number of both well-established and emerging privacy-related topics, for which examples are provided below. PoPETs also solicits submissions for Systematization of Knowledge (SoK) papers. These are papers that critically review, evaluate, and contextualize work in areas for which a body of prior literature exists, and whose contribution lies in systematizing the existing knowledge in that area. Authors are encouraged to view our FAQ about the submission process.
- Behavioural targeting
- Building and deploying privacy-enhancing systems
- Crowdsourcing for privacy
- Cryptographic tools for privacy
- Data protection technologies
- Differential privacy
- Economics of privacy and game-theoretical approaches to privacy
- Empirical studies of privacy in real-world systems
- Forensics and privacy
- Human factors, usability and user-centered design for PETs
- Information leakage, data correlation and generic attacks to privacy
- Interdisciplinary research connecting privacy to economics, law, ethnography, psychology, medicine, biotechnology
- Location and mobility privacy
- Machine learning and privacy
- Measuring and quantifying privacy
- Mobile devices and privacy
- Obfuscation-based privacy
- Policy languages and tools for privacy
- Privacy in cloud and big-data applications
- Privacy in social networks and microblogging systems
- Privacy-enhanced access control, authentication, and identity management
- Profiling and data mining
- Reliability, robustness, and abuse prevention in privacy systems
- Surveillance
- Systems for anonymous communications and censorship resistance
- Traffic analysis
- Transparency enhancing tools
- Web privacy

For more information, please see https://petsymposium.org/.

March 2018

SP 2018 39th IEEE Symposium on Security and Privacy, San Francisco, CA, USA, May 21-23, 2018. (Submission Due first day of each month) [posted here 06/12/17]
Since 1980 in Oakland, the IEEE Symposium on Security and Privacy has been the premier forum for computer security research, presenting the latest developments and bringing together researchers and practitioners. We solicit previously unpublished papers offering novel research contributions in any aspect of security or privacy. Papers may present advances in the theory, design, implementation, analysis, verification, or empirical evaluation and measurement of secure systems. Topics of interest include:
- Access control and authorization
- Accountability
- Anonymity
- Application security
- Attacks and defenses
- Authentication
- Censorship resistance
- Cloud security
- Distributed systems security
- Economics of security and privacy
- Embedded systems security
- Forensics
- Hardware security
- Intrusion detection and prevention
- Malware and unwanted software
- Mobile and Web security and privacy
- Language-based security
- Network and systems security
- Privacy technologies and mechanisms
- Protocol security
- Secure information flow
- Security and privacy for the Internet of Things
- Security and privacy metrics
- Security and privacy policies
- Security architectures
- Usable security and privacy
This topic list is not meant to be exhaustive; S&P is interested in all aspects of computer security and privacy. Papers without a clear application to security or privacy, however, will be considered out of scope and may be rejected without full review.

Systematization of Knowledge Papers
As in past years, we solicit systematization of knowledge (SoK) papers that evaluate, systematize, and contextualize existing knowledge, as such papers can provide a high value to our community. Suitable papers are those that provide an important new viewpoint on an established, major research area, support or challenge long-held beliefs in such an area with compelling evidence, or present a convincing, comprehensive new taxonomy of such an area. Survey papers without such insights are not appropriate. Submissions will be distinguished by the prefix “SoK:” in the title and a checkbox on the submission form. They will be reviewed by the full PC and held to the same standards as traditional research papers, but they will be accepted based on their treatment of existing work and value to the community, and not based on any new research results they may contain. Accepted papers will be presented at the symposium and included in the proceedings.

Workshops
The Symposium is also soliciting submissions for co-located workshops. Further details on submissions can be found at https://www.ieee-security.org/TC/SP2018/workshops.html.

Ongoing Submissions
To enhance the quality and timeliness of the scientific results presented as part of the Symposium, and to improve the quality of our reviewing process, IEEE S&P now accepts paper submissions 12 times a year, on the first of each month. The detailed process can be found at the conference call-for-papers page.
.
For more information, please see https://www.ieee-security.org/TC/SP2018/cfpapers.html.

SecDev 2018 IEEE Security Development Conference, Cambridge, MA, USA, September 30-October 2, 2018. (Submission Due 5 March 2018) [posted here 1/1/18]
SecDev is a venue for presenting ideas, research, and experience about how to develop secure systems. SecDev is distinguished by its focus on the theory, techniques, and tools for how to "build security in" to computing systems, and not simply discover the absence of security. Its goal is to encourage and disseminate ideas for secure system development among academia, industry, and government. Developers have valuable experiences and ideas that can inform academic research, and researchers have concepts, studies, and even code and tools that could benefit developers. Great SecDev contributions could come from attendees of industrial conferences like AppSec, RSA, Black Hat, and Shmoocon; from attendees of academic conferences like IEEE S&P, IEEE CSF, USENIX Security, PLDI, FSE, ISSTA, SOUPS, and others; and from newcomers. SecDev solicits four types of contributions. First, SecDev is a forum for novel research papers that present innovations, experience-based insights, or a vision about how to "build security in" to existing and new computing systems. Position papers with exceptional visions will also be considered. Second, SecDev seeks Best Practices (BP) papers that provide an in-depth clarification and integration of solutions on a major security area. The paper needs to provide new perspectives and insights, although it could draw upon prior work. Third, SecDev seeks hands-on and interactive tutorials on processes, frameworks, languages, and tools for building security in. The goal is to share knowledge on the art and science of secure systems development. Fourth, SecDev seeks abstracts from practitioners to share their practical experiences and challenges in security development.

For more information, please see https://secdev.ieee.org/2018/papers/.

ESSoS 2018 International Symposium on Engineering Secure Software and Systems, Campus Paris-Saclay, France, June 26-27, 2018. (Submission Due 9 March 2018) [posted here 12/11/17]
Software-based systems permeate the very fabric of our society from enterprise IT systems and mobile devices to smart home and city environments. Consequently, computer security is becoming an increasingly inter-disciplinary subject requiring attention to the various aspects of securing our software-based infrastructure. One must pay careful attention to ensure compatibility with existing software and the wider socio-technical context (e.g., users and organisations) which it inhabits. This, in turn, requires an approach that integrates insights from computer security research with rigorous software engineering methods to ensure the security and resilience of our digital infrastructure. ESSoS therefore welcomes contributions that are at the border of system security and software engineering. The goal of this symposium is to bring together researchers and practitioners to advance the state of the art and practice in secure software engineering. Being one of the few conference-level events dedicated to this topic, it explicitly aims to bridge the software engineering and software security communities. The symposium features two days of technical program including two keynote presentations. In addition to academic papers, the symposium encourages submission of high-quality, informative industrial experience papers about successes and failures in secure software engineering and the lessons learned. Furthermore, the symposium also accepts short idea papers that crisply describe a promising direction, approach, or insight.

For more information, please see https://distrinet.cs.kuleuven.be/events/essos/2018/index.html.

ARES 2018 13th International Conference on Availability, Reliability and Security, Hamburg, Germany, August 27-30, 2018. (Submission Due 16 March 2018) [posted here 12/25/17]
The 13th International Conference on Availability, Reliability and Security ("ARES - The International Dependability Conference") will bring together researchers and practitioners in the area of dependability. ARES will highlight the various aspects of dependability - with special focus on the crucial linkage between availability, reliability and security. ARES aims at a full and detailed discussion of the research issues of dependability as an integrative concept that covers amongst others availability, safety, confidentiality, integrity, maintainability and security in the different fields of applications. ARES will emphasize the interplay between foundations and practical issues of dependability in emerging areas such as e-government, m-government, location-based applications, ubiquitous computing, autonomous computing, chances of grid computing etc. ARES is devoted to the critical examination and research challenges of the various aspects of Dependable Computing and the definition of a future road map.

For more information, please see http://www.ares-conference.eu.

DASC 2018 16th IEEE International Conference on Dependable, Autonomic and Secure Computing, Athens, Greece, August 12-15, 2018. (Submission Due 30 March 2018) [posted here 12/25/17]
IEEE DASC 2018 aims to bring together computer scientists, industrial engineers, and researchers to discuss and exchange experimental and theoretical results, novel designs, work-in-progress, experience, case studies, and trend-setting ideas in the areas of dependability, security, trust and/or autonomic computing systems. Topics of particular interests include the following tracks, but are not limited to:
- Dependable, Autonomic, Secure Computing Systems, Architectures and Communications
- Cloud Computing and Fog/edge Computing with Autonomic and Trusted Environment
- Dependable Automatic Control Techniques and Systems
- Dependable Sensors, Devices, Embedded Systems
- Dependable Electronic-Mechanical Systems, Optic-Electronic Systems
- Self-improvement in Dependable Systems
- Self-healing, Self-protection and Fault-tolerant Systems
- Hardware and Software Reliability, Verification and Testing
- Software Engineering for Dependable Systems
- Safety-critical Systems in Transportation and Power System
- Security Models and Quantifications
- Trusted P2P, Web Service, SoA, SaaS, EaaS, and PaaS
- Self-protection and Intrusion-detection in Security
- DRM, Watermarking Technology, IP Protection
- Context-aware Access Control
- Virus Detections and Anti-Virus Techniques/Software
- Cyber Attack, Crime and Cyber War
- Human Interaction with Trusted and Autonomic Computing Systems
- Security, Dependability and Autonomic Issues in Ubiquitous Computing
- Security, Dependability and Autonomic Issues in Cyber-Physical System
- Security, Dependability and Autonomic Issues in Big Data, SDN, and IoT Systems
- QoS in Communications and Services and Service Oriented Architectures
- Information and System Security
- Reliable Computing and Trusted Computing
- Wireless Emergency and Security Systems
- Information Technology in Biomedicine
- Multimedia Security Issues over Mobile and Wireless Networks
- Multimedia in Mobile Computing: Issues, System Design and Performance Evaluation
- Software Architectures and Design for Emerging Systems
- Software Engineering for Emerging Networks, Systems, and Mobile Systems
- Evaluation Platforms for Dependable, Autonomic and Secure Computing Systems
- Trustworthy Data, Secured Data Collection System, Model, and Architectures

For more information, please see http://cyber-science.org/2018/dasc/.

DBSec 2018 32nd Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy, Bergamo, Italy, July 16-18, 2018. (Submission Due 30 March 2018) [posted here 1/22/18]
DBSec is an annual international conference covering research in data and applications security and privacy. The 32nd Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec 2018) will be held in Bergamo, Italy. The conference seeks submissions from academia, industry, and government presenting novel research on all theoretical and practical aspects of data protection, privacy, and applications security. Topics of interest include, but are not limited to:
- access control
- anonymity
- applied cryptography in data security
- authentication
- big data security
- data and system integrity
- data protection
- database security
- digital rights management
- identity management
- intrusion detection
- knowledge discovery and privacy
- methodologies for data and application security
- network security
- organizational security
- privacy
- secure cloud computing
- secure distributed systems
- secure information integration
- secure Web services
- security and privacy in crowdsourcing
- security and privacy in IT outsourcing
- security and privacy in the Internet of Things
- security and privacy in location-based services
- security and privacy in P2P scenarios and social networks
- security and privacy in pervasive/ubiquitous computing
- security and privacy policies
- security management
- security metrics
- threats, vulnerabilities, and risk management
- trust and reputation systems
- trust management
- wireless and mobile security

For more information, please see http://dbsec18.unibg.it.

April 2018

ICDF2C 2018 10th EAI International Conference on Digital Forensics & Cyber Crime, New Orleans, LA, USA, September 10-12, 2018. (Submission Due 30 April 2018) [posted here 1/29/18]
Cyberspace is becoming increasingly central to the basic function of modern society. Cybercrime and cyberwarfare have emerged as major threats to the integrity of digital information and to the functioning of cyber-controlled physical systems. Such threats have direct consequences for almost all individuals, businesses and organizations, government institutions, and civic processes. Digital forensics and cybercrime investigations are multidisciplinary areas that encompass law and law enforcement, computer science and engineering, IT operations, economics and finance, data analytics and criminal justice. ICDF2C brings together researchers and practitioners from all these areas in order to scientifically address the numerous challenges due to the rapid increase in the amount and variety of data under investigation, as well as the growing complexity of both the threats and the targeted systems.

For more information, please see http://d-forensics.org/.

May 2018

SciSec 2018 1st International Conference on Science of Cyber Security, Beijing, China, August 12-14, 2018. (Submission Due 1 May 2018) [posted here 12/4/17]
This new forum aims to catalyze the research collaborations between the relevant communities and disciplines that can work together to deepen our understanding of, and build a firm foundation for, the emerging Science of Cyber Security. Publications in this venue would distinguish themselves from others by taking or thinking from a holistic perspective about cyber security, rather than the building-block perspective. Each submission will be reviewed (double blind) by at least 3 reviewers. The program committee plans to select and award a Best Paper and a Best Student Paper. The post-conference proceedings will be published in Springer's Lecture Notes in Computer Science (LNCS) series. Areas of interest include:
- Cybersecurity Dynamics
- Cybersecurity Metrics and Their Measurements
- First-principle Cybersecurity Modeling and Analysis (e.g., Dynamical Systems, Control-Theoretic, and Game-Theoretic Modeling)
- Cybersecurity Data Analytics
- Big Data for Cybersecurity
- Artificial Intelligence for Cybersecurity
- Machine Learning for Cybersecurity
- Economics Approaches for Cybersecurity
- Social Sciences Approaches for Cybersecurity
- Statistical Physics Approaches for Cybersecurity
- Complexity Sciences Approaches for Cybersecurity
- Experimental Cybersecurity
- Macroscopic Cybersecurity
- Statistics Approaches for Cybersecurity
- Human Factors for Cybersecurity
- Compositional Security
- Biology-inspired Approaches for Cybersecurity

For more information, please see http://www.sci-cs.net/.

Archival Journals Regularly Specializing in Security and Privacy

Journal of Privacy Technology (JOPT),   Editor-in-Chief:  Latanya Sweeney
This online-only Journal, started in 2004 and  operated by Carnegie Mellon University, is a forum for the publication of original current research in privacy technology. It encourages the submission of any material dealing primarily with the technological aspects of privacy or with the privacy aspects of technology, which may include analysis of the interaction between policy and technology or the technological implications of legal decisions.  More information can be found at http://www.jopt.org/.

IEEE Security and Privacy Magazine,   Editor-in-Chief: Shari Lawrence Pfleeger
IEEE Security & Privacy provides a unique combination of research articles, case studies, tutorials, and regular departments covering diverse aspects of information assurance such as legal and ethical issues, privacy concerns, tools to help secure information, analysis of vulnerabilities and attacks, trends and new developments, pedagogical and curricular issues in educating the next generation of security professionals, secure operating systems and applications, security issues in wireless networks, design and test strategies for secure and survivable systems, and cryptology.  More information can be found at http://www.computer.org/portal/web/computingnow/securityandprivacy.

ACM Transactions on Information and System Security,   Editor-in-Chief: Gene Tsudik
ACM invites submissions for its Transactions on Information and System Security, inaugurated in November 1998. TISSEC publishes original archival-quality research papers and technical notes in all areas of information and system security including technologies, systems, applications, and policies. Papers should have practical relevance to the construction, evaluation, application, or operation of secure systems. Theoretical papers will be accepted only if there is convincing argument for the practical significance of the results. Theory must be justified by convincing examples illustrating its application. More information is given on the journal web page at http://www.acm.org/tissec.

IEEE Transactions on Dependable and Secure Computing,   Editor-in-Chief: Ravi Sandhu
The IEEE Transactions on Dependable and Secure Computing publishes archival research results related to research into foundations, methodologies, and mechanisms that support the achievement—through design, modeling, and evaluation—of systems and networks that are dependable and secure to the desired degree without compromising performance. The focus will also include measurement, modeling, and simulation techniques, and foundations for jointly evaluating, verifying, and designing for performance, security, and dependability constraints. More information is given on the journal web page at http://www.computer.org/portal/web/tdsc.

The Springer Series on ADVANCES IN INFORMATION SECURITY
The purpose of the Advances in Information Security book series is to establish the state of the art and set the course for future research in information security. The scope of this series includes not only all aspects of computer, network security, and cryptography, but related areas, such as fault tolerance and software assurance. The series serves as a central source of reference for information security research and developments. The series aims to publish thorough and cohesive overviews on specific topics in Information Security, as well as works that are larger in scope than survey articles and that will contain more detailed background information. The series also provides a single point of coverage of advanced and timely topics and a forum for topics that may not have reached a level of maturity to warrant a comprehensive textbook. Prospective Authors or Editors: If you have an idea for a book that would fit in this series, we would welcome the opportunity to review your proposal. Should you wish to discuss any potential project further or receive specific information regarding book proposal requirements, please contact Professor Sushil Jajodia (jajodia@gmu.edu,703-993-1653).
 
Journal of Computer Security,   Editor-in-Chief: John Mitchell and Pierangela Samarati
JCS is an archival research journal for significant advances in computer security. Subject areas include architecture, operating systems, database systems, networks, authentication, distributed systems, formal models, verification, algorithms, mechanisms, and policies. All papers must be submitted online at http://www.iospress.nl/journal/journal-of-computer-security/. More information is given on the journal web page at http://jcs.stanford.edu/.
 
Computers & Security,   Editor-in-Chief: Eugene H. Spafford
Computers & Security aims to satisfy the needs of managers and experts involved in computer security by providing a blend of research developments, innovations, and practical management advice. Original submissions on all computer security topics are invited, particularly those of practical benefit to the practitioner. All papers must be submitted online at http://ees.elsevier.com/cose/. More information can be found at http://www.elsevier.com/locate/issn/01674048.
 
International Journal of Information Security,   Editors-in-Chief: D. Gollmann; J. Lopez; E. Okamoto
The International Journal of Information Security, IJIS, aims to provide prompt publication of important technical work in information security, attracting any person interested in communications, commerce, banking, medicine, or other areas of endeavor affected by information security. Any research submission on theory, applications, and implementations of information security is welcomed. This includes, but is not limited to, system security, network security, content protection, applications and foundations of information security. More information is given on the journal web page at http://www.springer.com/computer/security+and+cryptology/journal/10207.
 
International Journal of Network Security,   Editors-in-Chief: Min-Shiang Hwang
International Journal of Network Security is an international official journal of Science Publications, publishing original articles, reviews and short communications of a high scientific and technology in network security. Subjects covered include: access control, computer security, cryptography, communications security, data security, database security, electronic commerce security, information security, multimedia security, and network security. Authors are strongly encouraged to submit their papers electronically by using online manuscript submission at http://ijns.nchu.edu.tw/, or submit their Word, ps or pdf file to the editor-in-chief (via Email: mshwang@isrc.nchu.edu.tw): Min-Shiang Hwang, at the Department of Management Information Systems, National Chung Hsing University, Taiwan, R.O.C.  More information can be found at http://ijns.femto.com.tw/.
 
International Journal of Security and Networks,   Editors-in-Chief: Yang Xiao
International Journal of Security and Networks is an archival research journal for significant advances in network security. Subject areas include attack models, security mechanisms, security services, authentication, authorization, access control, multicast security, data confidentiality, data integrity, non-repudiation, forensics, privacy protection, secure protocols, formal analyses, intrusion detection, key management, trust establishment, revocation of malicious parties, security policies, fraudulent usage, dependability and reliability, prevention of traffic analysis, network security performance evaluation, tradeoff analysis between performance and security, security standards, etc. All papers must be submitted online at http://www.inderscience.com/ijsn/. More information is given on the journal web page at http://www.inderscience.com/ijsn/.
 
International Journal of Critical Infrastructure Protection,   Editors-in-Chief: Sujeet Shenoi
International Journal of Critical Infrastructure Protection's primary aim is to publish high quality scientific and policy papers in all areas of critical infrastructure protection. Of particular interest are articles that weave science, technology and policy to craft sophisticated yet practical solutions that will secure information, computer and network assets in the various critical infrastructure sectors. All papers must be submitted online at http://www.elsevier.com/locate/ijcip. More information is given on the journal web page at http://www.elsevier.com/locate/ijcip.
 
IEEE Transactions on Information Forensics and Security,   Editors-in-Chief: C.-C. Jay Kuo
IEEE Transactions on Information Forensics and Security aims to provide a unified locus for archival research on the fundamental contributions and the mathematics behind information forensics, information security, surveillance, and systems applications that incorporate these features. Authors are strongly encouraged to submit their papers electronically to the online manuscript system, Manuscript Central, via sps-ieee.manuscriptcentral.com.  More information can be found at http://www.ieee.org/organizations/society/sp/tifs.html.
 
EURASIP Journal on Information Security,   Editors-in-Chief: Stefan Katzenbeisser
EURASIP Journal on Information Security aims to bring together researchers and practitioners dealing with the general field of information security, with a particular emphasis on the use of signal processing tools in adversarial environments. As such, it addresses all works whereby security is achieved through a combination of techniques from cryptography, computer security, machine learning and multimedia signal processing. Application domains lie, for example, in secure storage, retrieval and tracking of multimedia data, secure outsourcing of computations, forgery detection of multimedia data, or secure use of biometrics. The journal also welcomes survey papers that give the reader a gentle introduction to one of the topics covered as well as papers that report large-scale experimental evaluations of existing techniques. Pure cryptographic papers are outside the scope of the journal. The journal also welcomes proposals for Special Issues. All papers must be submitted online at http://jis.eurasipjournals.com/manuscript.  More information can be found at http://jis.eurasipjournals.com.