Cipher
Calls for Papers



IEEE Computer Society's Technical Committee on Security and Privacy


 

Past Conferences and Journal Special Issues

Last Modified:9/27/21

Note: Please contact cipher-cfp@ieee-security.org by email if you have any questions..

Contents

 

Past Conferences and Other Announcements - 2021

SEED 2021 IEEE International Symposium on Secure and Private Execution Environment Design, Virtual, September 20-21, 2021. [posted here 5/3/21]
The IEEE International Symposium on Secure and Private Execution Environment Design (SEED) is a forum which brings together researchers from the computer architecture and computer security communities into one venue that focuses on the design of architectural and system primitives which provide secure and private execution environments for applications, containers, or virtual machines. SEED primarily focuses on research topics spanning across the boundaries of computer architecture, systems, and security. Papers are solicited on a range of topics, including (but not limited to):
- Architecture, operating systems, and programming models and language for supporting secure and private execution
- Novel Designs for secure and private execution environments for GPUs, accelerators, and FPGAs
- Architectural support for new security primitives
- Novel cryptographic hardware designs for secure and private execution
- Models and analysis of performance-security trade-offs in the design of a secure execution environment
- Evaluation of security vulnerabilities in post-Moore’s Law technologies, e.g. persistent memory, quantum computing
- Demonstration and mitigation of architectural side channels, covert channels and other security vulnerabilities
- Metrics for measuring architecture-related security vulnerabilities
- Compiler and code generation techniques for mitigating architecture-induced side and covert channels and other vulnerabilities

For more information, please see https://seed-symposium.org/.

EuroSP Workshops 2021 6th IEEE EuroS&P Symposium, Vienna, Austria, September 7-11, 2021. [posted here 12/7/20]
Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for presenting developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field. Following this story of success, in 2016 IEEE initiated the European Symposium on Security and Privacy (EuroS&P), which is organized every year in a European city. Pre-conference workshops will take place on Tuesday, September 7, 2021, and post-conference workshops on Saturday, September 11, 2021. A workshop associated with IEEE EuroS&P can be a half-, a full or two days (but then split in a pre- and a post-conference part) in length. Each workshop should provide a forum to address a specific topic at the forefront of security and privacy research. If proceedings are planned, the default option offered is publication through IEEE Xplore in a volume accompanying the main IEEE EuroS&P 2021 proceedings.

Workshop registration will be done together with the main conference, allowing workshop-only registrations as well. Support for accepted workshops includes rooms, coffee breaks, lunches, and at least one free registration for the workshop. Other expenses must be covered by the individual workshops.

For more information, please see https://www.ieee-security.org/TC/EuroSP2021/cfw.html.

SecureComm 2021 17th EAI International Conference on Security and Privacy in Communication Networks, Canterbury, Great Britain, September 6 - 9, 2021. [posted here 3/8/21]
SecureComm 2021 is calling for high-quality research contributions in ALL areas of secure communications and networking, including those addressing interdisciplinary challenges in different application domains. Topics in less related areas will be considered only if a clear connection to secure communication/networking is demonstrated in the title or the abstract. Topics of interest include, but are not limited to the following:
- Network security and privacy (for all types of networks such as wired, wireless, mobile, hybrid, sensor, vehicular, satellite, 5G, 6G, ad hoc, peer-to-peer, and software-defined networks)
- Attacks on telecommunications and networking (e.g., malware, botnets, DoS, MitM, relay attacks, side channel attacks, phishing/pharming, DNS poisoning/hijacking, address spoofing, cybersquatting)
- Security protocols at all network layers and for different applications (e.g., for secure routing, naming/addressing, network management, remote authentication and attestation)
- Physical layer security (e.g., jamming, GPS spoofing)
- Systems security with a strong secure communication and networking element (e.g., security in cloud, edge and fog computing, IoT, RFID, cyber-physical sysytems, teleconferencing)
- Network intrusion detection and prevention, firewalls, packet filters
- Web and mobile security & privacy
- Anonymous communications and other forms of privacy-enhancing or privacy-aware communications (e.g., Tor, darknet)
- Distributed ledger technologies (blockchain and cryptocurrencies)
- Internet censorship and countermeasures
- Resilience of computer networks and critical infrastructures
- Visualisation of secure communications and networking
- Cyber (both offensive and defensive) deception related to secure communications and networking (e.g., honeypots / honeytokens, cyber fraud)
- False information online including mis-, dis- and mal-information
- Moving target defence
- Information hiding (steganography, steganalysis, and digital watermarking)
- Privacy-preserving computing in secure communication and networking
- Cryptographic systems for secure communications and networking (e.g., key management, multi-party computing, broadcast encryption, sectre sharing schemes)
- Quantum key distribution and other quantum-based secure communications
- Network, internet and cloud forensics
- Cyber threat intelligence and cyber incident responses
- Cybercrime investigation and attribution
- Data leakage/loss prevention/protection (DLP)
- Secure communication and networking applications (e.g., industry 4.0, energy, smart cities, transportation, water, logistics, waste)
- Security and privacy of contact tracing and other COVID-19 related digital interventions with a core element on telecommunications or networking
- Socio-technical aspects of secure communications and networking (e.g., usability, human behaviours, legal issues, cybercrime, economics)

For more information, please see https://securecomm.eai-conferences.org/2021/.

IWCC 2021 10th International Workshop on Cyber Crime, Held in conjunction with the 16th International Conference on Availability, Reliability and Security (ARES 2021), Virtual, August 17-20, 2021. [posted here 4/19/21]
Today's world's societies are becoming more and more dependent on online services - where commercial activities, business transactions and government services are realized. This tendency has been especially visible during the COVID-19 epidemy. As a consequence, it has led to the fast development of new cyber threats and numerous information security issues which are exploited by cyber criminals. The inability to provide trusted secure services in contemporary computer network technologies has a tremendous socio-economic impact on global enterprises as well as individuals. Moreover, the frequently occurring international frauds impose the necessity to conduct the investigation of facts spanning across multiple domains and countries. Such examination is often subject to different jurisdictions and legal systems. A good illustration of the above being the Internet, which has made it easier to perpetrate traditional crimes. It has acted as an alternate avenue for the criminals to conduct their activities, and launch attacks with relative anonymity. The increased complexity of the communications and the networking infrastructure is making investigation of the crimes difficult. Traces of illegal digital activities are difficult to analyze due to large volumes of data. Nowadays, the digital crime scene functions like any other network, with dedicated administrators functioning as the first responders. This poses new challenges for law enforcement policies and forces the computer societies to utilize digital forensics to combat the increasing number of cybercrimes. Forensic professionals must be fully prepared in order to be able to provide court admissible evidence. To make these goals achievable, forensic techniques should keep pace with new technologies. The aim of this workshop is to bring together the research outcomes provided by the researchers from academia and the industry. The other goal is to show the latest research results in the field of digital forensics. We strongly encourage prospective authors to submit articles presenting both theoretical approaches and practical case reviews, including work-in-progress reports.

For more information, please see https://www.ares-conference.eu/workshops/iwcc-2021/.

BASS 2021 4th International Workshop on Behavioral Authentication for System Security, Held in conjunction with the 16th International Conference on Availability, Reliability and Security (ARES 2021), Virtual, August 17-20, 2021. [posted here 4/5/2021]
Behavioral features are getting in the last years an increasing attention from both IT research and industrial world. Human behavioral aspects are extremely valuable pieces of information, exploited by companies to profile current or potential customers, in order to anticipate their preferences and present custom offers. Runtime behavioral analysis is being applied with increasing success for continuous and silent user authentication, and is considered an enabler for the seamless authentication paradigm in several environments and devices. Furthermore, behavioral analysis is posing itself as a valuable alternative to signature-based approaches to identify anomalies, intrusions, security attacks and system malfunctioning. These approaches are in fact known to be flexible, self-learning and able to consider multi-level and multi-domain features, related to software execution, system status, user interaction and current context. BASS aims at attracting innovative contributions from both industry and academia related to all aspects of human, system or software behavioral analysis for IT security. The workshop solicits submission on both theoretical aspects and practical applications of behavior analysis, behavior-based identification and authentication, profiling and privacy and security aspects related to recording and exploitation of behavioral features.

For more information, please see https://www.ares-conference.eu/workshops/bass-2021/.

CUING 2021 5th International Workshop on Criminal Use of Information Hiding, Held in conjunction with the 16th International Conference on Availability, Reliability and Security (ARES 2021), Vienna, Austria, August 17 – 20, 2021. [posted here 3/8/21]
With the constant rise of the number of Internet users, available bandwidth and an increasing number of services shifting into the connected world, criminals are increasingly active in the virtual world. With improving defensive methods cybercriminals have to utilize more and more sophisticated ways to perform their malicious activities. While protecting the privacy of users, many technologies used in current malware and network attacks have been abused in order to allow criminals to carry out their activities undetected. This poses a lot of new challenges for digital forensics analysts, academics, law enforcement agencies (LEAs), and security professionals. The aim of the Third International Workshop on Criminal Use of Information Hiding (CUIng) is to bring together researchers, practitioners, law enforcement representatives, and security professionals in the area of analysis of information hiding. However data hiding is understood here in a wider manner than in the academic world i.e. all techniques that pertain to camouflaging/masking/hiding various types of data (e.g. identities, behavior, communication, etc.) are included here. This means not only digital steganography/covert channels but also obfuscation/anti-forensics techniques and even underground networks (darknets) or activities related to behavior impersonation or mimicking. This will allow to present a more complete picture on novel research regarding the use of data and communication hiding methods in criminal environments and discuss ideas for fighting misuse of privacy enhancing technologies. Moreover, this year the CUING workshop is co-organized with the SIMARGL (Secure Intelligent Methods for Advanced RecoGnition of malware and stegomalware) H2020 project.

For more information, please see http://www.ares-conference.eu.

ENS 2021 4th International Workshop on Emerging Network Security, Held in conjunction with the 16th International Conference on Availability, Reliability and Security (ARES 2021), Vienna, Austria, August 17 – 20, 2021. [posted here 3/8/21]
With the great success and development of 5G & beyond systems and other emerging concepts (e.g. 6G) a continued effort toward rich ubiquitous communication infrastructure, promising wide range of high-quality services is desired. It is envisioned that communication in emerging networks will offer significantly greater data bandwidth and almost infinite capability of networking resulting in unfaltering user experiences for, among others: virtual/augmented reality, massive content streaming, telepresence, user-centric computing, crowded area services, smart personal networks, Internet of Things (IoT), smart buildings and smart cities. The communication in 5G networks and beyond is currently in the center of attention of industry, academia, and government worldwide. Emerging network concepts drive many new requirements for different network capabilities. As future networks aim at utilizing many promising network technologies, such as Software Defined Networking (SDN), Network Functions Virtualization (NFV), Information Centric Network (ICN), Network Slicing or Cloud Computing and supporting a huge number of connected devices integrating above mentioned advanced technologies and innovating new techniques will surely bring tremendous challenges for security, privacy and trust. Therefore, secure network architectures, mechanisms, and protocols are required as the basis for emerging networks to address these issues and follow security-by-design approach. Finally, since in current and future networks even more user data and network traffic will be transmitted, big data security solutions should be considered in order to address the magnitude of the data volume and ensure data security and privacy. From this perspective, the ENS 2021 workshop aims at collecting the most relevant ongoing research efforts in emerging network security field. It also serves as a forum for 5G & beyond projects in order to disseminate their security-related results and boost cooperation, also foster development of the 5G and beyond Security Community made of 5G security experts and practitioners who pro-actively discuss and share information to collectively progress and align on the field. Last but not least it also aims to bridge 5G & Beyond community with other communities (e.g. AI) that are key to support full attainment of 5G & Beyond but also 6G promises and so for those technologies to release their full potential.

For more information, please see http://www.ares-conference.eu.

USENIX Security 2021 30th USENIX Security Symposium, Vancouver, B.C., Canada, August 11–13, 2021. [posted here 7/6/20]
USENIX Security brings together researchers, practitioners, system administrators, system programmers, and others to share and explore the latest advances in the security and privacy of computer systems and networks. All researchers are encouraged to submit papers covering novel and scientifically significant practical works in computer security. The Symposium will span three days with a technical program including refereed papers, invited talks, posters, panel discussions, and Birds-of-a-Feather sessions. Co-located events will precede the Symposium on August 9 and 10. Please note that the USENIX Security Symposium moved to multiple submission deadlines in 2019 and included changes to the review process and submission policies.

For more information, please see https://www.usenix.org/conference/usenixsecurity21/call-for-papers.

CSET 2021 14th Cyber Security Experimentation and Test Workshop, Virtual, August 9, 2021. [posted here 1/3/21]
For 13 years, the Workshop on Cyber Security Experimentation and Test (CSET) has been an important and lively space for presenting research on and discussing “meta” cybersecurity topics related to reliability, validity, reproducibility, transferability, ethics, and scalability—in practice, in research, and in education. Submissions are particularly encouraged to employ a scientific approach to cybersecurity and/or demonstrably grow community resources. CSET was traditionally sponsored by USENIX. In 2020, USENIX Association decided to discontinue their support of all workshops (including CSET) due to pandemic effects on USENIX financial revenue. We are committed to continuing the CSET Workshop independently for 2021 and hope that we may rejoin USENIX in the future. We plan to hold the workshop virtually at the time when it would originally have been held—on Monday, August 9, preceding USENIX Security Symposium 2021.

For more information, please see https://cset21.isi.edu/.

CSR 2021 IEEE International Conference on Cyber Security and Resilience, Virtual, July 26-28, 2021. [posted here 11/23/20]
The technological and industrial revolution brought by complex Cyber-Physical Systems (CPSs) comes with new threats and cyber-attacks that exploit their inherent complexity and heterogeneity. Systems under attack, should exhibit cyber resilience, i.e. a mixture of strategies, methods, and techniques to support complex CPS adaptive capacity during cyber-attacks. The conference focuses on theoretical and practical aspects of the security, privacy, trust, and resilience of networks, systems, and services as well as novel ways for dealing with their vulnerabilities and mitigating sophisticated cyber-attacks.

For more information, please see https://www.ieee-csr.org/.

IoTSPT-ML 2021 11th International Workshop on Security, Privacy, Trust, and Machine Learning for Internet of Things, Held in conjunction with the 30th International Conference on Computer Communications and Networks (ICCCN 2021), Athens, Greece, July 22, 2021. [posted here 1/3/21]
Internet of Things (IoT) has emerged as the next big technological revolution in computing in recent years with the potential to transform every sphere of human life. With an expanding network of interconnected Internet-enabled devices, IoT devices are used in a range of applications from connected cars, smart homes, healthcare, smart retail, to supply-chain management. The rise of this transformative technology is however deeply mired with security and privacy concerns. The large influx of connected devices in the market introduces new vulnerabilities and opens new avenues for security attacks. The massive scale and variety of these devices also make it challenging for the manufacturers to design and implement manageable security and privacy solutions resulting in devices shipped without adequate security controls in place. Traditional security, privacy and trust-based solutions are also found to be inefficient against the various constraints of the IoT environment. In the IoT ecosystem, where devices are constantly generating increased volume of big of data, machine-learning algorithms can be useful to perform intelligent processing, automated data analysis and provide meaningful interpretations and predictions to support smart and secure IoT applications. Machine learning techniques that enable the IoT devices to learn and adapt to various threats dynamically will be critical to building secure IoT systems. Use of machine learning for IoT security is especially very promising to detect any outliers to normal activity in the system. This workshop aims to promote discussions of research and relevant activities in the models and design of secure, privacy-preserving, or trust architectures, data analyses and fusion platforms, protocols, algorithms, services, and applications for next generation IoT systems. We especially encourage security and privacy solutions that employ innovative machine learning techniques to tackle the issues of data volume and variety problems that are systemic in IoT platforms.

For more information, please see https://sites.google.com/uw.edu/iotspt-ml2021.

DBSec 2021 35th Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy, Virtual, July 19 – 20, 2021. [posted here 2/22/21]
DBSec is an annual international conference covering research in data and applications security and privacy. The conference seeks submissions from academia, industry, and government presenting novel research on all theoretical and practical aspects of data protection, privacy, and applications security.

For more information, please see https://dbsec2021.ucalgary.ca.

ACM WiSec 2021 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks, Virtual, June 28 - July 1, 2021. [posted here 2/1/21]
ACM WiSec is the leading ACM and SIGSAC conference dedicated to all aspects of security and privacy in wireless and mobile networks and their applications. In addition to the traditional ACM WiSec topics of physical, link, and network layer security, we welcome papers focusing on the increasingly diverse range of mobile or wireless applications such as Internet of Things, Cyber-Physical Systems, as well as the security and privacy of mobile software platforms, usable security and privacy, biometrics, and cryptography. The conference welcomes both theoretical as well as systems contributions. Topics of interest include, but are not limited to:
- Cryptographic primitives for wireless and mobile security
- Data-driven security attacks and countermeasures
- Economics of mobile security and privacy
- Jamming attacks and defenses
- Key management (agreement or distribution) for wireless or mobile systems
- Lightweight cryptography primitives and protocols
- Mobile malware and platform security
- NFC and smart payment applications
- Next generation cellular network fraud and security
- Physical tracking security and privacy
- Resilience and dependability for mobile and wireless networks
- Reverse engineering of and tampering with mobile applications
- Security and privacy for cognitive radio and dynamic spectrum access systems
- Security and privacy for mobile applications (e.g., mobile sensing systems)
- Security and privacy for smart devices (e.g., smartphones)
- Secure localization and location privacy
- Security protocols for wireless networking
- Side-channel and fault attacks on smart devices
- Side-channel attacks on mobile and wearable systems
- Theoretical and formal approaches for wireless and mobile security
- Usable mobile security and privacy
- Vehicular networks security (e.g., drones, automotive, avionics, autonomous driving)
- Wireless and mobile privacy and anonymization techniques
- Wireless or mobile security for cyber-physical systems (e.g, healthcare, smart grid) and IoT systems
- Wireless network security for critical infrastructures

For more information, please see https://sites.nyuad.nyu.edu/wisec21/.

CSF 2021 34th IEEE Computer Security Foundations Symposium, Virtual, June 21-25, 2021. [posted here 7/20/20]
The Computer Security Foundations Symposium (CSF) is an annual conference for researchers in computer security, to examine current theories of security, the formal models that provide a context for those theories, and techniques for verifying security. It was created in 1988 as a workshop of the IEEE Computer Society's Technical Committee on Security and Privacy, in response to a 1986 essay by Don Good entitled “The Foundations of Computer Security—We Need Some.” The meeting became a “symposium” in 2007, along with a policy for open, increased attendance. Over the past two decades, many seminal papers and techniques have been presented first at CSF. For more details on the history of the symposium, visit CSF's home. The program includes papers, panels, and a poster session. Topics of interest include access control, information flow, covert channels, cryptographic protocols, database security, language-based security, authorization and trust, verification techniques, integrity and availability models, and broad discussions concerning the role of formal methods in computer security and the nature of foundational research in this area.

For more information, please see https://www.ieee-security.org/TC/CSF2021/.

Cloud S&P 2021 3rd Workshop on Cloud Security and Privacy, Held in conjunction with ACNS 2021, Kamakura, Japan, June 21-24, 2021. [posted here 1/25/21]
CLOUD S&P aims to provide a platform for researchers and practitioners to present and discuss a wide-range of security and privacy issues and their solutions to ensure better protection in a cloud ecosystem. This workshop invites submissions on new attacks and solutions on various cloud-centric technologies, as well as short surveys and case studies that shed light on the security implications of clouds. Topics of interest include, but are not limited to:
- Access Control in Clouds
- Virtual Network Security
- Privacy-Enhanced Technologies for Clouds
- Data Protection in Clouds
- Trusted Computing in Clouds
- Cloud Forensics
- Cloud Security Auditing
- Identity Management in Clouds
- Risk Analysis for Clouds
- SDN/NFV Security
- Security and Privacy of Federated Clouds and Edge Computing
- Security and Privacy of Fog Computing
- Security and Privacy of Big Data

For more information, please see http://cloudsp2021.encs.concordia.ca/.

SecMT 2021 International Workshop on Security in Mobile Technologies, Held in conjunction with ACNS 2021, Kamakura, Japan, June 21-24, 2021. [posted here 12/28/20]
Despite being small computing devices, smartphones offer a wide range of functionalities and services to their users, which are currently encountered to be more than one third of the world population. This range of features introduces new security and privacy threats, which expose users to serious damages. Even though research in mobile security has been active over the past 10 years, as long as the mobile technology is used, new challenges will always come up. The purpose of this workshop is to bring researchers, hardware and software developers, as well as practitioners and policy makers, to explore the latest advances in the security and privacy for mobile devices. Topics of interest include, but are not limited to:
- Mobile network security
- Mobile operating system security
- Side-channel attacks on mobile devices
- Mobile authentication
- Mobile transactions security
- Software vulnerabilities in mobile devices
- Hardware vulnerabilities in mobile devices
- Mobile applications security
- Mobile malware

For more information, please see https://spritz.math.unipd.it/events/2021/ACNS_Workshop/index.html.

CPSS 2021 7th ACM Cyber-Physical System Security Workshop, Held in conjunction with ACM AsiaCCS 2021, Hong Kong, China, June 7, 2021. [posted here 12/14/20]
Cyber-Physical Systems (CPS) of interest to this workshop consist of large-scale interconnected systems of heterogeneous components interacting with their physical environments. There exist a multitude of CPS devices and applications deployed to serve critical functions in our lives thus making security an important non-functional attribute of such systems. This workshop will provide a platform for professionals from academia, government, and industry to discuss novel ways to address the ever-present security challenges facing CPS. We seek submissions describing theoretical and practical solutions to security challenges in CPS. Submissions pertinent to the security of embedded systems, IoT, SCADA, smart grid, and other critical infrastructure are welcome. Topics of interest include, but are not limited to:
- Attack detection for CPS
- Authentication and access control for CPS
- Autonomous vehicle security
- Availability and auditing for CPS
- Blockchain for CPS security
- Data security and privacy for CPS
- Digital twins for CPS
- Embedded systems security
- Formal methods in CPS
- Industrial control system security
- IoT security
- Legacy CPS system protection
- Lightweight crypto and security
- Maritime cyber security
- Recovery from cyber attacks
- Security and risk assessment for CPS
- Security architectures for CPS
- Security by design for CPS
- Smart grid security
- Threat modeling for CPS
- Transportation system security
- Vulnerability analysis for CPS
- Wireless sensor network security

For more information, please see https://spritz.math.unipd.it/events/2021/CPSS/index.html.

OID 2021 Open Identity Summit, Copenhagen, Denmark, June 1 - 2, 2021. [posted here 2/22/21]
The aim of Open Identity Summit 2021 is to link practical experiences and requirements with academic innovations. Focus areas will be Research and Applications in the area of Identity Management, Trust Services, Open Source, Internet of Things, Distributed Ledgers and Cloud Computing. Open standards and interfaces as well as open source technologies play a central role in the current identity management landscape as well as in emerging future scenarios in the area of electronic identification and trust services for electronic transactions. Reliable identity management is an essential building block for many applications and services such as innovative payment services, digital manufacturing, and other innovative applications in the area of e-health, e-government, distributed ledgers, cloud computing, data management for artificial intelligence, and the internet of things. While there are already plenty of successful applications in which those techniques are applied to safeguard authenticity, integrity and confidentiality, there are still many closely related areas, which demand further research. These include technical solutions that provide higher levels of transparency, intervenability and accountability. We invite stakeholders and technical experts from public administration, industry, science and academia to propose contributions to the program of the workshop.

For more information, please see https://oid2021.compute.dtu.dk/.

SADFE 2021 6th International Workshop on Traffic Measurements for Cybersecurity, Held in conjunction with IEEE S&P 2021, Virtual event, May 27, 2021. [posted here 12/7/20]
The SADFE (Systematic Approaches to Digital Forensic Engineering) International Workshop brings together researchers and practitioners focused on the state-of-the-art and emerging topics of interest in digital forensics. The workshop promotes systematic approaches to digital forensic investigation on the vulnerabilities of today’s cyber systems and networks, digital exploitation and manipulation, and on the emerging methods for how to detect, track, and prevent digital threats. SADFE embraces Digital Forensic Engineering (DFE) advancement as a disciplined and holistic scientific practice.

Namely, the workshop focuses on the topics of AI-generated falsified media (e.g. DeepFakes), cloud forensics, emerging and non-traditional methods (e.g. digital currency forensics, contact tracing, digital evidence management and analysis), forensics of embedded and non-traditional forensics, and related legal, ethical and technical challenges.

The 2021 SADFE Workshop is calling for paper and poster submissions as well as panel proposals in the broad field of Digital Forensics from both practitioner and researcher perspectives. With the dynamic change and rapid expansion of the types of electronic devices, networked applications, and investigation challenges, systematic approaches for automating the process of gathering, analyzing and presenting digital evidence are in unprecedented demand. The SADFE Workshop aims to promote solutions to these and related problems.

For more information, please see http://sadfe.org/Sadfe21/callforpapers21.html.

WTMC 2021 6th International Workshop on Traffic Measurements for Cybersecurity, Held in conjunction with IEEE S&P 2021, Virtual event, May 27, 2021. [posted here 11/9/20]
Current communication networks are increasingly becoming pervasive, complex, and ever-evolving due to factors like enormous growth in the number of network users, continuous appearance of network applications, increasing amount of data transferred, and diversity of user behaviors. Understanding and measuring traffic in such networks is a difficult yet vital task for network management but recently also for cybersecurity purposes. Network traffic measuring and monitoring can, for example, enable the analysis of the spreading of malicious software and its capabilities or can help to understand the nature of various network threats including those that exploit users’ behavior and other user’s sensitive information. On the other hand network traffic investigation can also help to assess the effectiveness of the existing countermeasures or contribute to building new, better ones. Recently, traffic measurements have been utilized in the area of economics of cybersecurity e.g. to assess ISP "badness" or to estimate the revenue of cybercriminals. The aim of this workshop is to bring together the research accomplishments provided by researchers from academia and the industry. The other goal is to show the latest research results in the field of cybersecurity and understand how traffic measurements can influence it. We encourage prospective authors to submit related distinguished research papers on the subject of both: theoretical approaches and practical case reviews. This workshop presents some of the most relevant ongoing research in cybersecurity seen from the traffic measurements perspective. The workshop will be accessible to both non-experts interested in learning about this area and experts interested in hearing about new research and approaches. Topics of interest include but are not limited to:
- Measurements for network incidents response, investigation, and evidence handling
- Measurements of cyber attacks (e.g. DDoS, botnet, malware, and phishing campaigns)
- Measurements for security of web-based applications and services (e.g. social networking)
- Measurements for network anomalies detection
- Measurements for economics of cybersecurity and privacy
- Measurements of security and privacy for the Internet of Things
- Measurements of Internet censorship
- Measurement studies describing the impacts of regulations on cybersecurity and users' privacy (e.g. GDPR)
- Network traffic analysis to discover the nature and evolution of the cybersecurity threats
- Measurements of cyber-physical systems security
- Measurements for assessing the effectiveness of the threats detection/prevention methods and countermeasures
- Novel passive, active and hybrid measurements techniques for cybersecurity purposes
- Traffic classification and topology discovery tools for monitoring the evolving status of the network from the cybersecurity perspective
- Correlation of measurements across multiple layers, protocols or networks for cybersecurity purposes
- Machine learning and data mining for analysis of network traffic measurements for cybersecurity
- Novel approaches for large-scale measurements for cybersecurity (e.g. crowd-sourcing)
- Novel visualization approaches to detect network attacks and other threats
- Analysis of network traffic to provide new insights about network structure and behavior from the security perspective
- Measurements of network protocol and applications behavior and its impact on cybersecurity and users' privacy
- Vulnerability notifications
- Measurements for new cybersecurity settings
- Ethical issues in measurements for cybersecurity
- Reappraisal of previous empirical findings

For more information, please see https://wtmc.info.

SafeThings 2021 5th IEEE Workshop on the Internet of Safe Things, Held in conjunction with IEEE S&P 2021, Virtual event, May 27, 2021. [posted here 11/9/20]
As traditionally segregated systems are brought online for next-generation connected applications, we have an opportunity to significantly improve the safety of legacy systems. For instance, insights from data across systems can be exploited to reduce accidents, improve air quality and support disaster events. Cyber-physical systems (CPS) also bring new risks that arise due to the unexpected interaction between systems. These safety risks arise because of information that distracts users while driving, software errors in medical devices, corner cases in data-driven control, compromised sensors in drones or conflicts in societal policies. Accordingly, the Workshop on the Internet of Safe Things (or SafeThings, for brevity) seeks to bring researchers and practitioners that are actively exploring system design, modeling, verification, authentication approaches to provide safety guarantees in the Internet of Things (IoT). The workshop welcomes contributions that integrate hardware and software systems provided by disparate vendors, particularly those that have humans in the loop. As safety is inherently linked with security and privacy, we also seek contributions in these areas that address safety concerns. With the SafeThings workshop, we seek to develop a community that systematically dissects the vulnerabilities and risks exposed by these emerging CPSes, and create tools, algorithms, frameworks, and systems that help in the development of safe systems.

The scope of SafeThings includes safety topics as it relates to an individual’s health (physical, mental), society (air pollution, toxicity, disaster events), or the environment (species preservation, global warming, oil spills). The workshop considers safety from a human perspective, and thus, does not include topics such as thread safety or memory safety in its scope.

Topics of interest include, but are not limited to, the following categories:
- Verification of safety in IoT/CPS platforms
- Authentication in IoT/CPS settings
- Adversarial machine learning and testing of IoT/CPS systems
- Secure perception, localization, and planning in autonomous systems (e.g., autonomous vehicles and drones)
- Sensors/analog and network protocol security in IoT/CPS systems
- Compliance with legal, health, and environmental policies
- Conflict resolution between IoT applications
- Secure connectivity and updates in IoT/CPS
- Secure integration of hardware and software systems
- Privacy challenges in IoT/CPS settings
- Privacy preserving data sharing and analysis
- Resiliency against attacks and faults
- Safety in human-in-the-loop systems
- Support for IoT/CPS development - debugging tools, emulators, testbeds
- Usable security and privacy for IoT/CPS platforms
- Smart homes, smart buildings and smart city security and privacy issues

For more information, please see https://www.ieee-security.org/TC/SP2021/SPW2021/safethings2021.

SP 2021 42nd IEEE Symposium on Security and Privacy, Virtual (San Francisco, CA, USA), May 23-27, 2021. (Submission Due 5 March 2020, 4 June 2020, 3 September 2020, and 3 December 2020) [posted here 5/25/20]
Since 1980 in Oakland, the IEEE Symposium on Security and Privacy has been the premier forum for computer security research, presenting the latest developments and bringing together researchers and practitioners. We solicit previously unpublished papers offering novel research contributions in any aspect of security or privacy. Papers may present advances in the theory, design, implementation, analysis, verification, or empirical evaluation and measurement of secure systems. Topics of interest include:
- Access control and
- Anonymity
- Application security
- Attacks and defenses
- Authentication
- Blockchains and distributed ledger security
- Censorship resistance
- Cloud security
- Cyber physical systems security
- Distributed systems security
- Economics of security and privacy
- Embedded systems security
- Forensics
- Hardware security
- Intrusion detection and prevention
- Malware and unwanted software
- Mobile and Web security and privacy
- Language-based security
- Machine learning and AI security
- Network and systems security
- Privacy technologies and mechanisms
- Protocol security
- Secure information flow
- Security and privacy for the Internet of Things
- Security and privacy metrics
- Security and privacy policies
- Security architectures
- Usable security and privacy
- Trustworthy computing
- Web security

This topic list is not meant to be exhaustive; SP is interested in all aspects of computer security and privacy. Papers without a clear application to security or privacy, however, will be considered out of scope and may be rejected without full review.

Systematization of Knowledge Papers: As in past years, we solicit systematization of knowledge (SoK) papers that evaluate, systematize, and contextualize existing knowledge, as such papers can provide a high value to our community. Suitable papers are those that provide an important new viewpoint on an established, major research area, support or challenge long-held beliefs in such an area with compelling evidence, or present a convincing, comprehensive new taxonomy of such an area. Survey papers without such insights are not appropriate and may be rejected without full review. Submissions will be distinguished by the prefix “SoK:” in the title and a checkbox on the submission form. They will be reviewed by the full PC and held to the same standards as traditional research papers, but they will be accepted based on their treatment of existing work and value to the community, and not based on any new research results they may contain. Accepted papers will be presented at the symposium and included in the proceedings.

Quarterly Submissions: Based on the experience in the past two years, the reviewing process for IEEE SP is changed to a quarterly submission model. Within 2.5 months of submission, author notifications of Accept/Revise/Reject decisions will be sent out. For each submission, one of the following decisions will be made:

  • Accept: Papers in this category will be accepted for publication in the proceedings and presentation at the conference, possibly after making minor changes with the oversight of a shepherd. Within one month of acceptance, all accepted papers must submit a camera-ready copy incorporating reviewer feedback. The papers will immediately be published, open access, in the Computer Society’s Digital Library, and they may be cited as “To appear in the IEEE Symposium on Security & Privacy, May 2021”.
  • Revise: A limited number of papers will be invited to submit a revision; such papers will receive a specific set of expectations to be met by that revision. Authors can submit a revised paper to the next two quarterly submission deadlines after the notification. The authors should clearly explain in a well-marked appendix how the revisions address the comments of the reviewers. The revised paper will then be re-evaluated, and either accepted or rejected.
  • Reject: Papers in this category are declined for inclusion in the conference. Rejected papers must wait for one year, from the date of original submission, to resubmit to IEEE S&P. A paper will be judged to be a resubmit (as opposed to a new submission) if the paper is from the same or similar authors, and a reviewer could write a substantially similar summary of the paper compared with the original submission. As a rule of thumb, if there is more than 40% overlap between the original submission and the new paper, it will be considered a resubmission.
All papers accepted by February 21, 2021 will appear in the proceedings of the symposium in May 2021 and invited to present their work. These include papers that were submitted in December 2020 and were accepted without revision, or papers that were submitted by June 2020, got the Revise decision, and resubmitted the revised paper in December.

For more information, please see https://www.ieee-security.org/TC/SP2021/cfpapers.html.

IEEE SP/SPW 2021 IEEE Security and Privacy Workshops, Held in conjunction with the 42nd IEEE Symposium on Security and Privacy, San Francisco, CA, USA, May 23-27, 2021. (Workshop Proposal Submission Due 2 October 2020) [posted here 9/7/20]
There will be some interaction in deciding upon and setting up a workshop, but the initial proposal should already contain a considerable amount of information. A workshop proposal template is available online at the IEEE S&P ÒCall for WorkshopsÓ website (https://www.ieee-security.org/TC/SP2021/cfworkshops.html), providing instructions and a more detailed description of information to include in proposals:
- Workshop organizers
- Workshop length
- Technical proposal
- Topics to be addressed
- Importance of these topics
- Preliminary call for papers/posters/contributions
- Preliminary program committee
- Proposed review process
- Expected number of participants
- Publication policy
- Workshop planning schedule
- Publicity plan
- Special meeting logistics requirements

For more information, please see https://www.ieee-security.org/TC/SP2021/cfworkshops.html.

CODASPY 2021 11th ACM Conference on Data and Application Security and Privacy, Baltimore-Washington, DC Area, USA, March 22-24, 2021. [posted here 8/1/20]
Data and applications security and privacy has rapidly expanded as a research field with many important challenges to be addressed. The goal of the ACM Conference on Data and Applications Security (CODASPY) is to discuss novel, exciting research topics in data and application security and privacy, and to lay out directions for further research and development in this area. The conference seeks submissions from diverse communities, including corporate and academic researchers, open-source projects, standardization bodies, governments, system and security administrators, software engineers and application domain experts. Topics of interest include, but are not limited to:
- Application-layer security policies
- Access control for applications
- Access control for databases
- Data-dissemination controls
- Data forensics
- Data leak detection and prevention
- Enforcement-layer security policies
- Privacy-preserving techniques
- Private information retrieval
- Search on protected/encrypted data
- Secure auditing
- Secure collaboration
- Secure data provenance
- Secure electronic commerce
- Secure information sharing
- Secure knowledge management
- Secure multiparty computation
- Secure software development
- Securing data/apps on untrusted platforms
- Securing the semantic web
- Security and privacy in GIS/spatial data
- Security and privacy in healthcare
- Security and privacy in the Internet of Things
- Security policies for databases
- Social computing security and privacy
- Social networking security and privacy
- Trust metrics for applications, data, and users
- Usable security and privacy
- Web application security

For more information, please see http://www.codaspy.org/2021/.

NDSS 2021 Network and Distributed System Security Symposium, San Diego, CA, USA, February 21-24, 2021. [posted here 4/20/20]
The Network and Distributed System Security Symposium (NDSS) is a top venue that fosters information exchange among researchers and practitioners of computer, network and distributed system security. The target audience includes those interested in practical aspects of network and distributed system security, with a focus on actual system design and implementation. A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of practical security technologies.

Technical papers and panel proposals are solicited. Authors are encouraged to write the abstract and introduction of their paper in a way that makes the results accessible and compelling to a general computer-security researcher. All submissions will be reviewed by the Program Committee and accepted submissions will be published by the Internet Society in the Proceedings of NDSS 2021. The Proceedings will be made freely accessible from the Internet Society web pages. Furthermore, permission to freely reproduce all or parts of papers for noncommercial purposes is granted provided that copies bear the Internet Society notice included in the first page of the paper. The authors are therefore free to post the camera-ready versions of their papers on their personal pages and within their institutional repositories. Reproduction for commercial purposes is strictly prohibited and requires prior consent.

NDSS will have two review cycles in 2021: a Summer submission perios and a fall submission period. The full list of important dates for each session is listed below. All submissions must be received by 11:59 PM AoE (UTC-12) on the day of the corresponding deadline.

For more information, please see https://www.ndss-symposium.org/ndss-2021/call-for-papers/.

IFIP119-DF 2021 17th Annual IFIP WG 11.9 International Conference on Digital Forensics, SRI International, Arlington, Virginia, USA, February 1-2, 2021. [posted here 7/6/20]
The IFIP Working Group 11.9 on Digital Forensics (www.ifip119.org) is an active international community of scientists, engineers and practitioners dedicated to advancing the state of the art of research and practice in digital forensics. The Seventeenth Annual IFIP WG 11.9 International Conference on Digital Forensics will provide a forum for presenting original, unpublished research results and innovative ideas related to the extraction, analysis and preservation of all forms of electronic evidence. Papers and panel proposals are solicited. All submissions will be refereed by a program committee comprising members of the Working Group. Papers and panel submissions will be selected based on their technical merit and relevance to IFIP WG 11.9. The conference will be limited to approximately 50 participants to facilitate interactions between researchers and intense discussions of critical research issues. Keynote presentations, revised papers and details of panel discussions will be published as an edited volume – the seventeenth volume in the well-known Research Advances in Digital Forensics book series (Springer, Cham, Switzerland) during the summer of 2021. Technical papers are solicited in all areas related to the theory and practice of digital forensics. Areas of special interest include, but are not limited to:
- Theories, techniques and tools for extracting, analyzing and preserving digital evidence
- Enterprise and cloud forensics
- Embedded device forensics
- Internet of Things forensics
- Social media forensics
- Multimedia forensics
- Digital forensic processes and workflow models
- Digital forensic case studies
- Legal, ethical and policy issues related to digital forensics

For more information, please see http://www.ifip119.org/Conferences/.