Cipher
Calls for Papers



IEEE Computer Society's Technical Committee on Security and Privacy


 

Last Modified:3/19/18

Note: Please send new calls to cipher-cfp@ieee-security.org and take a moment to read the submission guidelines. And please see the Cipher Calendar for events sorted in date order. For all other questions, please contact cipher-cfp@ieee-security.org by email.

Contents

 

Special Issues of Journals and Handbooks


Springer International Journal of Information Security, Special Issue on IoT Security and Privacy, (Submission Due 1 October 2018) [posted here 03/5/18]
Guest Editors: akeshi Takahashi (National Institute of Information and Communications Technology, Japan), Rodrigo Roman Castro (Universidad de Malaga, Spain), Ryan Ko (University of Waikato, New Zealand), Bilhanan Silverajan (Tampere University of Technology, Finland), and Said Tabet (Dell EMC, USA).

The Internet is gradually transforming from a communication platform for conventional IT appliances into the Internet of Things (IoT), increasingly interconnecting many assorted devices and sensors. These devices are generally referred as IoT devices, and many of them are inexpensive and can be constrained in terms of energy, bandwidth and memory. The establishment of IoT ecosystems in various domains is bringing multiple benefits to human users and companies alike. Example of such domains include Smart Homes, Smart Cities, the Industrial Internet and even Intelligent Transportation Systems. However, the IoT as a whole - including related paradigms such as Machine-to-Machine (M2M) and Cyber-Physical Systems (CPS) - is susceptible to a multitude of threats. In fact, many IoT devices currently are insecure and have many security vulnerabilities. For example, many vulnerable IoT devices which have been infected with malware have subsequently become comprised into large botnets, resulting in devastating DDOS attacks. Consequently, ensuring the security of such IoT ecosystems - before, during, and after an attack takes place - is a crucial issue for our society at this moment. This special issue aims to collect contributions by leading-edge researchers from academia and industry, show the latest research results in the field of IoT security and privacy, and provide valuable information to researchers as well as practitioners, standards developers and policymakers. Its aim is to focus on the research challenges and issues in IoT security. Manuscripts regarding novel algorithms, architectures, implementations, and experiences are welcome. Topics include but are not limited to:
- Secure protocols for IoT devices
- Privacy solutions and privacy helpers for IoT environments
- Trust frameworks and secure/private collaboration mechanisms for IoT environments
- Secure management and self-healing for IoT environments
- Operative systems security for IoT devices
- Security diagnosis tools for IoT devices
- Threat and vulnerability detection in IoT environments
- Anomaly detection and prevention mechanisms in IoT networks
- Case studies of malware analysis in IoT environments
- IoT forensics and digital evidence
- Testbeds and experimental facilities for IoT security analysis and research
- Standardization activities for IoT security
- Security and privacy solutions tailored to specific IoT domains and ecosystems

For more information, please see https://link.springer.com/journal/10207.

Conference and Workshop Call-for-papers

March 2018

IWSEC 2018 13th International Workshop on Security, Sendai, Japan, September 3-5, 2018. (Submission Due 23 March 2018) [posted here 2/19/18]
Original papers on the research and development of various security topics, as well as case studies and implementation experiences, are solicited for submission to IWSEC 2018. Topics of interest for IWSEC 2018 include all theory and practice of cryptography, information security, and network security, as in previous IWSEC workshops.

For more information, please see http://www.iwsec.org/2018/.

DASC 2018 16th IEEE International Conference on Dependable, Autonomic and Secure Computing, Athens, Greece, August 12-15, 2018. (Submission Due 30 March 2018) [posted here 12/25/17]
IEEE DASC 2018 aims to bring together computer scientists, industrial engineers, and researchers to discuss and exchange experimental and theoretical results, novel designs, work-in-progress, experience, case studies, and trend-setting ideas in the areas of dependability, security, trust and/or autonomic computing systems. Topics of particular interests include the following tracks, but are not limited to:
- Dependable, Autonomic, Secure Computing Systems, Architectures and Communications
- Cloud Computing and Fog/edge Computing with Autonomic and Trusted Environment
- Dependable Automatic Control Techniques and Systems
- Dependable Sensors, Devices, Embedded Systems
- Dependable Electronic-Mechanical Systems, Optic-Electronic Systems
- Self-improvement in Dependable Systems
- Self-healing, Self-protection and Fault-tolerant Systems
- Hardware and Software Reliability, Verification and Testing
- Software Engineering for Dependable Systems
- Safety-critical Systems in Transportation and Power System
- Security Models and Quantifications
- Trusted P2P, Web Service, SoA, SaaS, EaaS, and PaaS
- Self-protection and Intrusion-detection in Security
- DRM, Watermarking Technology, IP Protection
- Context-aware Access Control
- Virus Detections and Anti-Virus Techniques/Software
- Cyber Attack, Crime and Cyber War
- Human Interaction with Trusted and Autonomic Computing Systems
- Security, Dependability and Autonomic Issues in Ubiquitous Computing
- Security, Dependability and Autonomic Issues in Cyber-Physical System
- Security, Dependability and Autonomic Issues in Big Data, SDN, and IoT Systems
- QoS in Communications and Services and Service Oriented Architectures
- Information and System Security
- Reliable Computing and Trusted Computing
- Wireless Emergency and Security Systems
- Information Technology in Biomedicine
- Multimedia Security Issues over Mobile and Wireless Networks
- Multimedia in Mobile Computing: Issues, System Design and Performance Evaluation
- Software Architectures and Design for Emerging Systems
- Software Engineering for Emerging Networks, Systems, and Mobile Systems
- Evaluation Platforms for Dependable, Autonomic and Secure Computing Systems
- Trustworthy Data, Secured Data Collection System, Model, and Architectures

For more information, please see http://cyber-science.org/2018/dasc/.

DBSec 2018 32nd Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy, Bergamo, Italy, July 16-18, 2018. (Submission Due 30 March 2018) [posted here 1/22/18]
DBSec is an annual international conference covering research in data and applications security and privacy. The 32nd Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec 2018) will be held in Bergamo, Italy. The conference seeks submissions from academia, industry, and government presenting novel research on all theoretical and practical aspects of data protection, privacy, and applications security. Topics of interest include, but are not limited to:
- access control
- anonymity
- applied cryptography in data security
- authentication
- big data security
- data and system integrity
- data protection
- database security
- digital rights management
- identity management
- intrusion detection
- knowledge discovery and privacy
- methodologies for data and application security
- network security
- organizational security
- privacy
- secure cloud computing
- secure distributed systems
- secure information integration
- secure Web services
- security and privacy in crowdsourcing
- security and privacy in IT outsourcing
- security and privacy in the Internet of Things
- security and privacy in location-based services
- security and privacy in P2P scenarios and social networks
- security and privacy in pervasive/ubiquitous computing
- security and privacy policies
- security management
- security metrics
- threats, vulnerabilities, and risk management
- trust and reputation systems
- trust management
- wireless and mobile security

For more information, please see http://dbsec18.unibg.it.

April 2018

SP 2019 40th IEEE Symposium on Security and Privacy, San Francisco, CA, USA, May 20-22, 2019. (Submission Due first day of each month) [posted here 06/12/17]
Since 1980 in Oakland, the IEEE Symposium on Security and Privacy has been the premier forum for computer security research, presenting the latest developments and bringing together researchers and practitioners. We solicit previously unpublished papers offering novel research contributions in any aspect of security or privacy. Papers may present advances in the theory, design, implementation, analysis, verification, or empirical evaluation and measurement of secure systems. Topics of interest include:
- Access control and authorization
- Accountability
- Anonymity
- Application security
- Attacks and defenses
- Authentication
- Censorship resistance
- Cloud security
- Distributed systems security
- Economics of security and privacy
- Embedded systems security
- Forensics
- Hardware security
- Intrusion detection and prevention
- Malware and unwanted software
- Mobile and Web security and privacy
- Language-based security
- Network and systems security
- Privacy technologies and mechanisms
- Protocol security
- Secure information flow
- Security and privacy for the Internet of Things
- Security and privacy metrics
- Security and privacy policies
- Security architectures
- Usable security and privacy
This topic list is not meant to be exhaustive; S&P is interested in all aspects of computer security and privacy. Papers without a clear application to security or privacy, however, will be considered out of scope and may be rejected without full review.

Systematization of Knowledge Papers
As in past years, we solicit systematization of knowledge (SoK) papers that evaluate, systematize, and contextualize existing knowledge, as such papers can provide a high value to our community. Suitable papers are those that provide an important new viewpoint on an established, major research area, support or challenge long-held beliefs in such an area with compelling evidence, or present a convincing, comprehensive new taxonomy of such an area. Survey papers without such insights are not appropriate. Submissions will be distinguished by the prefix “SoK:” in the title and a checkbox on the submission form. They will be reviewed by the full PC and held to the same standards as traditional research papers, but they will be accepted based on their treatment of existing work and value to the community, and not based on any new research results they may contain. Accepted papers will be presented at the symposium and included in the proceedings.

Workshops
The Symposium is also soliciting submissions for co-located workshops. Further details on submissions can be found at https://www.ieee-security.org/TC/SP2018/workshops.html.

Ongoing Submissions
To enhance the quality and timeliness of the scientific results presented as part of the Symposium, and to improve the quality of our reviewing process, IEEE S&P now accepts paper submissions 12 times a year, on the first of each month. The detailed process can be found at the conference call-for-papers page.
.
For more information, please see https://www.ieee-security.org/TC/SP2019/cfpapers.html.

DSML 2018 International Workshop on Dependable and Secure Machine Learning, Co-located with the 48th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2018), Luxembourg City, Luxembourg, June 25, 2018. (Submission Due 1 April 2018) [posted here 3/12/18]
The DSN Workshop on Dependable and Secure Machine Learning (DSML) is an open forum for researchers, practitioners, and regulatory experts, to present and discuss innovative ideas and practical techniques and tools for producing dependable and secure machine learning (ML) systems. A major goal of the workshop is to draw the attention of the research community to the problem of establishing guarantees of reliability, security, safety, and robustness for systems that incorporate increasingly complex ML models, and to the challenge of determining whether such systems can comply with requirements for safety-critical systems. A further goal is to build a research community at the intersection of machine learning and dependable and secure computing.

For more information, please see https://dependablesecureml.github.io.

NSPW 2018 New Security Paradigms Workshop, Cumberland Lodge, Windsor, UK, August 28-31, 2018. (Submission Due 13 April 2018) [posted here 3/12/18]
The New Security Paradigms Workshop (NSPW) seeks embryonic, disruptive, and unconventional ideas on information and cyber security that benefit from early feedback. Submissions typically address current limitations of information security, directly challenge long-held beliefs or the very foundations of security, or discuss problems from an entirely novel angle, leading to new solutions. We welcome papers both from computer science and other disciplines that study adversarial relationships, as well as from practice. The workshop is invitation-only; all accepted papers receive a 1 hour plenary time slot for presentation and discussion. In order to maximize diversity of perspectives, we particularly encourage submissions from new NSPW authors, from Ph.D. students, and from non-obvious disciplines and institutions. In 2018, NSPW invites theme submissions around "Security in 2038" next to regular submissions. We know from past experience that every security advance brings with it new security failures. Automated software updates open the door to malicious software updates; DNSSEC is subject to cryptography-based denial-of-service attacks; antivirus software can be compromised by data files that are otherwise harmless. We encourage authors to imagine the security problems of the next 20 years, how they are currently being created through fallible solutions and paradigms, and what alternative paradigms would be available to mitigate those anomalies (as meant by Kuhn). Theme submissions can take any form, but we suggest writing them as if they were a submission for NSPW 2038 (including citations to future work). We particularly invite submissions (co-)authored by historians and futurologists.

For more information, please see http://nspw.org/2018/cfp.

FARES 2018 13th International Workshop on Frontiers in Availability, Reliability and Security, Hamburg, Germany, August 27-30, 2018. (Submission Due 15 April 2018) [posted here 2/5/18]
FARES establishes an in-depth academic platform to exchange novel theories, designs, applications and on-going research results among researchers and practitioners in different Computing Dependability aspects which emphasize the Practical Issues in Availability, Reliability and Security. Topics of interest comprise but are not limited to:
- Reliability Models and Failure Prevention
- Standards, Guidelines and Certification
- Dependability Requirement Engineering
- Intrusion Detection and Fraud Detection
- Database and Datawarehouse Security
- Dependability Modelling and Prediction
- Secure Enterprise Information System
- Trust Models and Trust Management
- Network/Software/Database Security
- Risk Planning, Analysis & Awareness
- Survivability of Computing Systems
- Authorization and Authentication
- Applied Tools and Applications
- Security and privacy issues
- Security Models / Methods
- Availability and Reliability
- Usability and Security
- Digital Forensics
- Grid Security

For more information, please see https://www.ares-conference.eu/workshops/fares-2018/.

GRAMSEC 2018 5th International Workshop on Graphical Models for Security, Co-located with CSF 2018, Oxford, UK, July 8, 2018. (Submission Due 15 April 2018) [posted here 3/5/18]
The use of graphical security models to represent and analyse the security of systems has gained an increasing research attention over the last two decades. Formal methods and computer security researchers, as well as security professionals from the industry and government, have proposed various graphical security models, metrics, and measurements. Graphical models are used to capture different security facets and address a range of challenges including security assessment, automated defence, secure services composition, security policy validation, and verification. For example, attack graphs, attack trees, attack-defence trees, and attack countermeasure trees represent possible ways of attacking and defending a system while misuse cases and mal-activity diagrams capture threats and abusive behaviour of users.

For more information, please see http://gramsec.uni.lu.

NISK 2018 11th Norwegian Information Security Conference, Longyearbyen, Svalbard, Norway, September 18-20, 2018. (Submission Due 17 April 2018) [posted here 2/26/18]
The 11th Norwegian Information Security Conference (NISK2018) will take place in Svalbard, Sep. 18-20, 2018. The annual NISK conference series aims to be the principal Norwegian venue for presenting new research and developments in the field of ICT security and privacy, and bringing together people from universities, industry, and public authorities. We invite national and international contributions in any aspect of ICT security and privacy. Submissions can be in the form of full papers, short papers and poster/demo presentation. All papers must be original and not simultaneously submitted to another journal or conference.

For more information, please see https://easychair.org/cfp/NISK2018.

PLLS 2018 2nd Workshop on the Protection of Long-Lived Systems, Parnu, Estonia, September 17-19, 2018. (Submission Due 25 April 2018) [posted here 2/19/18]
Original contributions on technical, legal, social and economical aspects of protecting systems that are intended to work or have been working during a long period of time are solicited for submission to PLLS 2018. Submissions are welcome on any topics related to long-term security.

For more information, please see http://plls2018.ttu.ee.

ICDF2C 2018 10th EAI International Conference on Digital Forensics & Cyber Crime, New Orleans, LA, USA, September 10-12, 2018. (Submission Due 30 April 2018) [posted here 1/29/18]
Cyberspace is becoming increasingly central to the basic function of modern society. Cybercrime and cyberwarfare have emerged as major threats to the integrity of digital information and to the functioning of cyber-controlled physical systems. Such threats have direct consequences for almost all individuals, businesses and organizations, government institutions, and civic processes. Digital forensics and cybercrime investigations are multidisciplinary areas that encompass law and law enforcement, computer science and engineering, IT operations, economics and finance, data analytics and criminal justice. ICDF2C brings together researchers and practitioners from all these areas in order to scientifically address the numerous challenges due to the rapid increase in the amount and variety of data under investigation, as well as the growing complexity of both the threats and the targeted systems.

For more information, please see http://d-forensics.org/.

WCTI 2018 International Workshop on Cyber Threat Intelligence, Held in conjunction with the 13th International Conference on Availability, Reliability and Security (ARES 2018), Hamburg, Germany, August 27-30, 2018. (Submission Due 30 April 2018) [posted here 2/19/18]
In order to effectively defend a system against malicious activities, information about the nature of the adversaries, their available skills and resources is essential. Without this information, we run the risk that the portfolio of countermeasures does not turn out to be adequate to thwart off cyber threats, or that the defender deploys unnecessary resources. Cyber Threat Intelligence is an emerging new discipline, which aims to develop methods and techniques to assemble information about compromises, extract information about the infrastructure and tools used, investigate adversarial techniques and practices and their evolution, structure and share this information and thus help detect and prevent future incidents. WCTI aims to bring together experts from academia, industry, government and law enforcement who are interested to advance the state of the art in cyber threat intelligence. The aim of the workshop is to present mature and early stage ideas, promote discussion and exchange, and build a community of researchers and practitioners in cyber threat intelligence.

For more information, please see https://www.ares-conference.eu/workshops/wcti-2018/.

May 2018

SP 2019 40th IEEE Symposium on Security and Privacy, San Francisco, CA, USA, May 20-22, 2019. (Submission Due first day of each month) [posted here 06/12/17]
Since 1980 in Oakland, the IEEE Symposium on Security and Privacy has been the premier forum for computer security research, presenting the latest developments and bringing together researchers and practitioners. We solicit previously unpublished papers offering novel research contributions in any aspect of security or privacy. Papers may present advances in the theory, design, implementation, analysis, verification, or empirical evaluation and measurement of secure systems. Topics of interest include:
- Access control and authorization
- Accountability
- Anonymity
- Application security
- Attacks and defenses
- Authentication
- Censorship resistance
- Cloud security
- Distributed systems security
- Economics of security and privacy
- Embedded systems security
- Forensics
- Hardware security
- Intrusion detection and prevention
- Malware and unwanted software
- Mobile and Web security and privacy
- Language-based security
- Network and systems security
- Privacy technologies and mechanisms
- Protocol security
- Secure information flow
- Security and privacy for the Internet of Things
- Security and privacy metrics
- Security and privacy policies
- Security architectures
- Usable security and privacy
This topic list is not meant to be exhaustive; S&P is interested in all aspects of computer security and privacy. Papers without a clear application to security or privacy, however, will be considered out of scope and may be rejected without full review.

Systematization of Knowledge Papers
As in past years, we solicit systematization of knowledge (SoK) papers that evaluate, systematize, and contextualize existing knowledge, as such papers can provide a high value to our community. Suitable papers are those that provide an important new viewpoint on an established, major research area, support or challenge long-held beliefs in such an area with compelling evidence, or present a convincing, comprehensive new taxonomy of such an area. Survey papers without such insights are not appropriate. Submissions will be distinguished by the prefix “SoK:” in the title and a checkbox on the submission form. They will be reviewed by the full PC and held to the same standards as traditional research papers, but they will be accepted based on their treatment of existing work and value to the community, and not based on any new research results they may contain. Accepted papers will be presented at the symposium and included in the proceedings.

Workshops
The Symposium is also soliciting submissions for co-located workshops. Further details on submissions can be found at https://www.ieee-security.org/TC/SP2018/workshops.html.

Ongoing Submissions
To enhance the quality and timeliness of the scientific results presented as part of the Symposium, and to improve the quality of our reviewing process, IEEE S&P now accepts paper submissions 12 times a year, on the first of each month. The detailed process can be found at the conference call-for-papers page.
.
For more information, please see https://www.ieee-security.org/TC/SP2019/cfpapers.html.

SciSec 2018 1st International Conference on Science of Cyber Security, Beijing, China, August 12-14, 2018. (Submission Due 1 May 2018) [posted here 12/4/17]
This new forum aims to catalyze the research collaborations between the relevant communities and disciplines that can work together to deepen our understanding of, and build a firm foundation for, the emerging Science of Cyber Security. Publications in this venue would distinguish themselves from others by taking or thinking from a holistic perspective about cyber security, rather than the building-block perspective. Each submission will be reviewed (double blind) by at least 3 reviewers. The program committee plans to select and award a Best Paper and a Best Student Paper. The post-conference proceedings will be published in Springer's Lecture Notes in Computer Science (LNCS) series. Areas of interest include:
- Cybersecurity Dynamics
- Cybersecurity Metrics and Their Measurements
- First-principle Cybersecurity Modeling and Analysis (e.g., Dynamical Systems, Control-Theoretic, and Game-Theoretic Modeling)
- Cybersecurity Data Analytics
- Big Data for Cybersecurity
- Artificial Intelligence for Cybersecurity
- Machine Learning for Cybersecurity
- Economics Approaches for Cybersecurity
- Social Sciences Approaches for Cybersecurity
- Statistical Physics Approaches for Cybersecurity
- Complexity Sciences Approaches for Cybersecurity
- Experimental Cybersecurity
- Macroscopic Cybersecurity
- Statistics Approaches for Cybersecurity
- Human Factors for Cybersecurity
- Compositional Security
- Biology-inspired Approaches for Cybersecurity

For more information, please see http://www.sci-cs.net/.

CANS 2018 17th International Conference on Cryptology and Network Security, Naples, Italy, September 30 - October 3, 2018. (Submission Due 1 May 2018) [posted here 2/5/18]
The annual International Conference on Cryptology and Network Security (CANS) focuses on current advances in all aspects of cryptology, data protection, and network and computer security. CANS 2018 is held in cooperation with the International Association of Cryptologic Research (IACR). High quality papers on unpublished research and implementation experiences are solicited for submission.

For more information, please see http://cans2018.na.icar.cnr.it/.

ACM-CCS 2018 25th ACM Conference on Computer and Communications Security, Toronto, Canada, October 15-19, 2018. (Submission Due 8 May 2018) [posted here 2/5/18]
The 25th ACM Conference on Computer and Communications Security (ACM CCS) seeks submissions presenting scientific innovations in all practical and theoretical aspects of computer and communications security and privacy. Papers should demonstrate their real-world impacts. Theoretic papers are expected to make a convincing case for the relevance of their techniques and findings to secure systems.

For more information, please see https://www.sigsac.org/ccs/CCS2018/papers.html.

STRIVE 2018 1st Workshop on Safety, securiTy, and pRivacy In automotiVe systEms, Co-located with SAFECOMP 2018, Vasteras, Sweden, September 18, 2018. (Submission Due 22 May 2018) [posted here 3/19/18]
The introduction of ICT systems into vehicles make them more prone to cyber-security attacks. Such attacks may impact on vehicles capability and, consequently, on the safety of drivers, passengers. The strong integration among dedicated ICT devices, the physical environment, and the networking infrastructure, leads to consider modern vehicles as Cyber-Physical Systems (CPS). This workshop aims at providing a forum for researchers and engineers in academia and industry to foster an exchange of research results, experiences, and products in the automotive domain from both a theoretical and practical perspective. Its ultimate goal is to envision new trends and ideas about aspects of designing, implementing, and evaluating innovative solutions for CPS with a particular focus on the new generation of vehicles. Indeed, the automotive domain presents several challenges in the fields of vehicular network, Internet of Things, Privacy, as well as Safety and Security methods and approaches. The workshop aims at presenting the advancement on the state of art in these fields and spreading their adoption in several scenarios involving main stockholders of the automotive domain.

For more information, please see http://www.iit.cnr.it/strive2018.

June 2018

SP 2019 40th IEEE Symposium on Security and Privacy, San Francisco, CA, USA, May 20-22, 2019. (Submission Due first day of each month) [posted here 06/12/17]
Since 1980 in Oakland, the IEEE Symposium on Security and Privacy has been the premier forum for computer security research, presenting the latest developments and bringing together researchers and practitioners. We solicit previously unpublished papers offering novel research contributions in any aspect of security or privacy. Papers may present advances in the theory, design, implementation, analysis, verification, or empirical evaluation and measurement of secure systems. Topics of interest include:
- Access control and authorization
- Accountability
- Anonymity
- Application security
- Attacks and defenses
- Authentication
- Censorship resistance
- Cloud security
- Distributed systems security
- Economics of security and privacy
- Embedded systems security
- Forensics
- Hardware security
- Intrusion detection and prevention
- Malware and unwanted software
- Mobile and Web security and privacy
- Language-based security
- Network and systems security
- Privacy technologies and mechanisms
- Protocol security
- Secure information flow
- Security and privacy for the Internet of Things
- Security and privacy metrics
- Security and privacy policies
- Security architectures
- Usable security and privacy
This topic list is not meant to be exhaustive; S&P is interested in all aspects of computer security and privacy. Papers without a clear application to security or privacy, however, will be considered out of scope and may be rejected without full review.

Systematization of Knowledge Papers
As in past years, we solicit systematization of knowledge (SoK) papers that evaluate, systematize, and contextualize existing knowledge, as such papers can provide a high value to our community. Suitable papers are those that provide an important new viewpoint on an established, major research area, support or challenge long-held beliefs in such an area with compelling evidence, or present a convincing, comprehensive new taxonomy of such an area. Survey papers without such insights are not appropriate. Submissions will be distinguished by the prefix “SoK:” in the title and a checkbox on the submission form. They will be reviewed by the full PC and held to the same standards as traditional research papers, but they will be accepted based on their treatment of existing work and value to the community, and not based on any new research results they may contain. Accepted papers will be presented at the symposium and included in the proceedings.

Workshops
The Symposium is also soliciting submissions for co-located workshops. Further details on submissions can be found at https://www.ieee-security.org/TC/SP2018/workshops.html.

Ongoing Submissions
To enhance the quality and timeliness of the scientific results presented as part of the Symposium, and to improve the quality of our reviewing process, IEEE S&P now accepts paper submissions 12 times a year, on the first of each month. The detailed process can be found at the conference call-for-papers page.
.
For more information, please see https://www.ieee-security.org/TC/SP2019/cfpapers.html.

July 2018

SP 2019 40th IEEE Symposium on Security and Privacy, San Francisco, CA, USA, May 20-22, 2019. (Submission Due first day of each month) [posted here 06/12/17]
Since 1980 in Oakland, the IEEE Symposium on Security and Privacy has been the premier forum for computer security research, presenting the latest developments and bringing together researchers and practitioners. We solicit previously unpublished papers offering novel research contributions in any aspect of security or privacy. Papers may present advances in the theory, design, implementation, analysis, verification, or empirical evaluation and measurement of secure systems. Topics of interest include:
- Access control and authorization
- Accountability
- Anonymity
- Application security
- Attacks and defenses
- Authentication
- Censorship resistance
- Cloud security
- Distributed systems security
- Economics of security and privacy
- Embedded systems security
- Forensics
- Hardware security
- Intrusion detection and prevention
- Malware and unwanted software
- Mobile and Web security and privacy
- Language-based security
- Network and systems security
- Privacy technologies and mechanisms
- Protocol security
- Secure information flow
- Security and privacy for the Internet of Things
- Security and privacy metrics
- Security and privacy policies
- Security architectures
- Usable security and privacy
This topic list is not meant to be exhaustive; S&P is interested in all aspects of computer security and privacy. Papers without a clear application to security or privacy, however, will be considered out of scope and may be rejected without full review.

Systematization of Knowledge Papers
As in past years, we solicit systematization of knowledge (SoK) papers that evaluate, systematize, and contextualize existing knowledge, as such papers can provide a high value to our community. Suitable papers are those that provide an important new viewpoint on an established, major research area, support or challenge long-held beliefs in such an area with compelling evidence, or present a convincing, comprehensive new taxonomy of such an area. Survey papers without such insights are not appropriate. Submissions will be distinguished by the prefix “SoK:” in the title and a checkbox on the submission form. They will be reviewed by the full PC and held to the same standards as traditional research papers, but they will be accepted based on their treatment of existing work and value to the community, and not based on any new research results they may contain. Accepted papers will be presented at the symposium and included in the proceedings.

Workshops
The Symposium is also soliciting submissions for co-located workshops. Further details on submissions can be found at https://www.ieee-security.org/TC/SP2018/workshops.html.

Ongoing Submissions
To enhance the quality and timeliness of the scientific results presented as part of the Symposium, and to improve the quality of our reviewing process, IEEE S&P now accepts paper submissions 12 times a year, on the first of each month. The detailed process can be found at the conference call-for-papers page.
.
For more information, please see https://www.ieee-security.org/TC/SP2019/cfpapers.html.

ISDDC 2018 International Conference on Intelligent, Secure and Dependable Systems in Distributed and Cloud Environments, Vancouver, BC, Canada, November 28-30, 2018. (Submission Due 20 July 2018) [posted here 3/19/18]
This conference solicits papers addressing issues related to the design, analysis, and implementation, of dependable and secure infrastructures, systems, architectures, algorithms, and protocols that deal with network computing, mobile/ubiquitous systems, cloud systems, and IoT systems.

For more information, please see http://www.isddc.org/2018/.

Archival Journals Regularly Specializing in Security and Privacy

Journal of Privacy Technology (JOPT),   Editor-in-Chief:  Latanya Sweeney
This online-only Journal, started in 2004 and  operated by Carnegie Mellon University, is a forum for the publication of original current research in privacy technology. It encourages the submission of any material dealing primarily with the technological aspects of privacy or with the privacy aspects of technology, which may include analysis of the interaction between policy and technology or the technological implications of legal decisions.  More information can be found at http://www.jopt.org/.

IEEE Security and Privacy Magazine,   Editor-in-Chief: Shari Lawrence Pfleeger
IEEE Security & Privacy provides a unique combination of research articles, case studies, tutorials, and regular departments covering diverse aspects of information assurance such as legal and ethical issues, privacy concerns, tools to help secure information, analysis of vulnerabilities and attacks, trends and new developments, pedagogical and curricular issues in educating the next generation of security professionals, secure operating systems and applications, security issues in wireless networks, design and test strategies for secure and survivable systems, and cryptology.  More information can be found at http://www.computer.org/portal/web/computingnow/securityandprivacy.

ACM Transactions on Information and System Security,   Editor-in-Chief: Gene Tsudik
ACM invites submissions for its Transactions on Information and System Security, inaugurated in November 1998. TISSEC publishes original archival-quality research papers and technical notes in all areas of information and system security including technologies, systems, applications, and policies. Papers should have practical relevance to the construction, evaluation, application, or operation of secure systems. Theoretical papers will be accepted only if there is convincing argument for the practical significance of the results. Theory must be justified by convincing examples illustrating its application. More information is given on the journal web page at http://www.acm.org/tissec.

IEEE Transactions on Dependable and Secure Computing,   Editor-in-Chief: Ravi Sandhu
The IEEE Transactions on Dependable and Secure Computing publishes archival research results related to research into foundations, methodologies, and mechanisms that support the achievement—through design, modeling, and evaluation—of systems and networks that are dependable and secure to the desired degree without compromising performance. The focus will also include measurement, modeling, and simulation techniques, and foundations for jointly evaluating, verifying, and designing for performance, security, and dependability constraints. More information is given on the journal web page at http://www.computer.org/portal/web/tdsc.

The Springer Series on ADVANCES IN INFORMATION SECURITY
The purpose of the Advances in Information Security book series is to establish the state of the art and set the course for future research in information security. The scope of this series includes not only all aspects of computer, network security, and cryptography, but related areas, such as fault tolerance and software assurance. The series serves as a central source of reference for information security research and developments. The series aims to publish thorough and cohesive overviews on specific topics in Information Security, as well as works that are larger in scope than survey articles and that will contain more detailed background information. The series also provides a single point of coverage of advanced and timely topics and a forum for topics that may not have reached a level of maturity to warrant a comprehensive textbook. Prospective Authors or Editors: If you have an idea for a book that would fit in this series, we would welcome the opportunity to review your proposal. Should you wish to discuss any potential project further or receive specific information regarding book proposal requirements, please contact Professor Sushil Jajodia (jajodia@gmu.edu,703-993-1653).
 
Journal of Computer Security,   Editor-in-Chief: John Mitchell and Pierangela Samarati
JCS is an archival research journal for significant advances in computer security. Subject areas include architecture, operating systems, database systems, networks, authentication, distributed systems, formal models, verification, algorithms, mechanisms, and policies. All papers must be submitted online at http://www.iospress.nl/journal/journal-of-computer-security/. More information is given on the journal web page at http://jcs.stanford.edu/.
 
Computers & Security,   Editor-in-Chief: Eugene H. Spafford
Computers & Security aims to satisfy the needs of managers and experts involved in computer security by providing a blend of research developments, innovations, and practical management advice. Original submissions on all computer security topics are invited, particularly those of practical benefit to the practitioner. All papers must be submitted online at http://ees.elsevier.com/cose/. More information can be found at http://www.elsevier.com/locate/issn/01674048.
 
International Journal of Information Security,   Editors-in-Chief: D. Gollmann; J. Lopez; E. Okamoto
The International Journal of Information Security, IJIS, aims to provide prompt publication of important technical work in information security, attracting any person interested in communications, commerce, banking, medicine, or other areas of endeavor affected by information security. Any research submission on theory, applications, and implementations of information security is welcomed. This includes, but is not limited to, system security, network security, content protection, applications and foundations of information security. More information is given on the journal web page at http://www.springer.com/computer/security+and+cryptology/journal/10207.
 
International Journal of Network Security,   Editors-in-Chief: Min-Shiang Hwang
International Journal of Network Security is an international official journal of Science Publications, publishing original articles, reviews and short communications of a high scientific and technology in network security. Subjects covered include: access control, computer security, cryptography, communications security, data security, database security, electronic commerce security, information security, multimedia security, and network security. Authors are strongly encouraged to submit their papers electronically by using online manuscript submission at http://ijns.nchu.edu.tw/, or submit their Word, ps or pdf file to the editor-in-chief (via Email: mshwang@isrc.nchu.edu.tw): Min-Shiang Hwang, at the Department of Management Information Systems, National Chung Hsing University, Taiwan, R.O.C.  More information can be found at http://ijns.femto.com.tw/.
 
International Journal of Security and Networks,   Editors-in-Chief: Yang Xiao
International Journal of Security and Networks is an archival research journal for significant advances in network security. Subject areas include attack models, security mechanisms, security services, authentication, authorization, access control, multicast security, data confidentiality, data integrity, non-repudiation, forensics, privacy protection, secure protocols, formal analyses, intrusion detection, key management, trust establishment, revocation of malicious parties, security policies, fraudulent usage, dependability and reliability, prevention of traffic analysis, network security performance evaluation, tradeoff analysis between performance and security, security standards, etc. All papers must be submitted online at http://www.inderscience.com/ijsn/. More information is given on the journal web page at http://www.inderscience.com/ijsn/.
 
International Journal of Critical Infrastructure Protection,   Editors-in-Chief: Sujeet Shenoi
International Journal of Critical Infrastructure Protection's primary aim is to publish high quality scientific and policy papers in all areas of critical infrastructure protection. Of particular interest are articles that weave science, technology and policy to craft sophisticated yet practical solutions that will secure information, computer and network assets in the various critical infrastructure sectors. All papers must be submitted online at http://www.elsevier.com/locate/ijcip. More information is given on the journal web page at http://www.elsevier.com/locate/ijcip.
 
IEEE Transactions on Information Forensics and Security,   Editors-in-Chief: C.-C. Jay Kuo
IEEE Transactions on Information Forensics and Security aims to provide a unified locus for archival research on the fundamental contributions and the mathematics behind information forensics, information security, surveillance, and systems applications that incorporate these features. Authors are strongly encouraged to submit their papers electronically to the online manuscript system, Manuscript Central, via sps-ieee.manuscriptcentral.com.  More information can be found at http://www.ieee.org/organizations/society/sp/tifs.html.
 
EURASIP Journal on Information Security,   Editors-in-Chief: Stefan Katzenbeisser
EURASIP Journal on Information Security aims to bring together researchers and practitioners dealing with the general field of information security, with a particular emphasis on the use of signal processing tools in adversarial environments. As such, it addresses all works whereby security is achieved through a combination of techniques from cryptography, computer security, machine learning and multimedia signal processing. Application domains lie, for example, in secure storage, retrieval and tracking of multimedia data, secure outsourcing of computations, forgery detection of multimedia data, or secure use of biometrics. The journal also welcomes survey papers that give the reader a gentle introduction to one of the topics covered as well as papers that report large-scale experimental evaluations of existing techniques. Pure cryptographic papers are outside the scope of the journal. The journal also welcomes proposals for Special Issues. All papers must be submitted online at http://jis.eurasipjournals.com/manuscript.  More information can be found at http://jis.eurasipjournals.com.