Cipher Upcoming Conferences
Cipher
Calls for Papers



IEEE Computer Society's Technical Committee on Security and Privacy


 


Calls for Papers

Last Modified:3/25/19

Upcoming Conferences and Workshops

Note: The submission date has passed.

March 2019

CODASPY 2019 9th ACM Conference on Data and Application Security and Privacy, Dallas, TX, USA, March 25-27, 2019. [posted here 8/6/18]
CODASPY has had eight successful years and the goal of the conference is to discuss novel, exciting research topics in data and application security and privacy, and to lay out directions for further research and development in this area. The conference seeks submissions from diverse communities, including corporate and academic researchers, open-source projects, standardization bodies, governments, system and security administrators, software engineers and application domain experts. Topics of interest include, but are not limited to:
- Application-layer security policies
- Access control for applications
- Access control for databases
- Data-dissemination controls
- Data forensics
- Data leak detection and prevention
- Enforcement-layer security policies
- Privacy-preserving techniques
- Private information retrieval
- Search on protected/encrypted data
- Secure auditing
- Secure collaboration
- Secure data provenance
- Secure electronic commerce
- Secure information sharing
- Secure knowledge management
- Secure multiparty computation
- Secure software development
- Securing data/apps on untrusted platforms
- Securing the semantic web
- Security and privacy in GIS/spatial data
- Security and privacy in healthcare
- Security and privacy in the Internet of Things
- Security policies for databases
- Social computing security and privacy
- Social networking security and privacy
- Trust metrics for applications, data, and users
- Usable security and privacy
- Web application security

For more information, please see http://www.codaspy.org.

IWSPA 2019 5th International Workshop on Security and Privacy Analytics, Co-located with ACM CODASPY 2019, Dallas, TX, USA, March 27, 2019. [posted here 10/22/18]
Increasingly, sophisticated techniques from machine learning, data mining, statistics and natural language processing are being applied to challenges in security and privacy fields. However, experts from these areas have no medium where they can meet and exchange ideas so that strong collaborations can emerge, and cross-fertilization of these areas can occur. Moreover, current courses and curricula in security do not sufficiently emphasize background in these areas and students in security and privacy are not emerging with deep knowledge of these topics. Hence, we propose a workshop that will address the research and development efforts in which analytical techniques from machine learning, data mining, natural language processing and statistics are applied to solve security and privacy challenges ("security analytics"). Submissions of papers related to methodology, design, techniques and new directions for security and privacy that make significant use of machine learning, data mining, statistics or natural language processing are welcome. Furthermore, submissions on educational topics and systems in the field of security analytics are also highly encouraged.

For more information, please see https://sites.google.com/view/iwspa-2019/home.

April 2019

HotSoS 2019 6th Symposium and Bootcamp on the Science of Security, Nashville, Tennessee, USA, April 2-3, 2019. [posted here 12/10/18]
This symposium solicits original and solid scientific work in security and privacy which examines the scientific foundations of trustworthy systems for security and privacy, and it can be generalized across multiple domains with quantifiable evidence for advancing security objectives. The symposium program will include invited talks, refereed papers, panels, tutorials, and posters. The poster session will include a poster competition on developing security metrics. The papers will appear in the conference proceedings to be published by ACM Press. We invite submissions on any topic related to science of security that aligns with the conference scope and goals listed above. HoTSoS 2019 will highlight the following themes:
- Resilient Architectures for designing and analyzing system architectures that deliver required service in the face of compromised components, - Scalability and Composability for automating the construction of provably secure systems from components with known security properties, - Policy Governed Secure Collaboration for handling data across different domains of authority while ensuring security and privacy, - Security-Metrics-Driven Development and Evaluation for guiding choice-making in security engineering and response by assuring or predicting the security properties of cyber systems, - Understanding and Accounting for Human Behavior, including modeling users, operators, and adversaries, to for enabling the design, modeling, and analysis of systems with specified security properties, - Privacy Policy Enforcement for enabling the use (i.e., collect, store, and share) of data in accordance with requirements, and - Foundations for the security of cyber-physical systems security and resilience, including applications to the Internet of Things.

For more information, please see https://cps-vo.org/group/hotsos.

SPW 2019 27th International Workshop on Security Protocols, Cambridge, UK, April 10-12, 2019. [posted here 12/10/18]
The theme of the 2019 workshop is "security protocols for humans". Getting protocol details right is critical in the presence of a malicious adversary, but so is understanding the context in which a protocol is deployed: protocols are components of larger systems that human beings put their trust in. How can we design protocols to expose meaningful information about state and functionality to their users? What are the consequences when we donít? How can we bridge the gap between technical definitions of protocol correctness and users' security expectations? Note: this theme is not intended to restrict the topic of your paper, but to help provide a particular perspective and focus to the discussions. Our intention is to stimulate discussion likely to lead to conceptual advances, or to promising new lines of investigation, rather than to consider finished work.

For more information, please see https://www.cl.cam.ac.uk/events/spw/2019.

May 2019

ACM WiSec 2019 12th ACM Conference on Security and Privacy in Wireless and Mobile Networks, Miami beach, FL, USA, May 15-17, 2019. [posted here 11/19/18]
ACM WiSec is the leading ACM and SIGSAC conference dedicated to all aspects of security and privacy in wireless and mobile networks and their applications. In addition to the traditional ACM WiSec topics of physical, link, and network layer security, we welcome papers focusing on the increasingly diverse range of mobile or wireless applications such as Internet of Things, and Cyber-Physical Systems, as well as the security and privacy of mobile software platforms, usable security and privacy, biometrics, and cryptography. The conference welcomes both theoretical as well as systems contributions. Topics of interest include, but are not limited to:
- Security protocols for wireless networking
- Security & privacy for smart devices (e.g., smartphones)
- Security of mobile applications for smartphones and wearables
- Wireless and mobile privacy and anonymity
- Secure localization and location privacy
- Cellular network fraud and security
- Jamming attacks and defenses
- Key management (agreement or distribution) for wireless or mobile systems
- Theoretical and formal approaches for wireless and mobile security
- Physical layer and Information-theoretic security schemes for wireless systems
- Cryptographic primitives for wireless and mobile security
- NFC and smart payment applications
- Security and privacy for mobile sensing systems
- Wireless or mobile security for Cyber-Physical Systems (e.g, healthcare, smart grid, or IoT applications)
- Vehicular networks security (e.g., drones, automotive, avionics, autonomous driving)
- Physical tracking security and privacy
- Usable mobile security and privacy
- Economics of mobile security and privacy
- Mobile malware and platform security
- Security for cognitive radio and dynamic spectrum access systems

For more information, please see https://wisec19.fiu.edu/.

SP 2019 40th IEEE Symposium on Security and Privacy, San Francisco, CA, USA, May 20-22, 2019. (Submission Due first day of each month) [posted here 06/12/17]
Since 1980 in Oakland, the IEEE Symposium on Security and Privacy has been the premier forum for computer security research, presenting the latest developments and bringing together researchers and practitioners. We solicit previously unpublished papers offering novel research contributions in any aspect of security or privacy. Papers may present advances in the theory, design, implementation, analysis, verification, or empirical evaluation and measurement of secure systems. Topics of interest include:
- Access control and authorization
- Accountability
- Anonymity
- Application security
- Attacks and defenses
- Authentication
- Censorship resistance
- Cloud security
- Distributed systems security
- Economics of security and privacy
- Embedded systems security
- Forensics
- Hardware security
- Intrusion detection and prevention
- Malware and unwanted software
- Mobile and Web security and privacy
- Language-based security
- Network and systems security
- Privacy technologies and mechanisms
- Protocol security
- Secure information flow
- Security and privacy for the Internet of Things
- Security and privacy metrics
- Security and privacy policies
- Security architectures
- Usable security and privacy
This topic list is not meant to be exhaustive; S&P is interested in all aspects of computer security and privacy. Papers without a clear application to security or privacy, however, will be considered out of scope and may be rejected without full review.

Systematization of Knowledge Papers
As in past years, we solicit systematization of knowledge (SoK) papers that evaluate, systematize, and contextualize existing knowledge, as such papers can provide a high value to our community. Suitable papers are those that provide an important new viewpoint on an established, major research area, support or challenge long-held beliefs in such an area with compelling evidence, or present a convincing, comprehensive new taxonomy of such an area. Survey papers without such insights are not appropriate. Submissions will be distinguished by the prefix ìSoK:î in the title and a checkbox on the submission form. They will be reviewed by the full PC and held to the same standards as traditional research papers, but they will be accepted based on their treatment of existing work and value to the community, and not based on any new research results they may contain. Accepted papers will be presented at the symposium and included in the proceedings.

Workshops
The Symposium is also soliciting submissions for co-located workshops. Further details on submissions can be found at https://www.ieee-security.org/TC/SP2018/workshops.html.

Ongoing Submissions
To enhance the quality and timeliness of the scientific results presented as part of the Symposium, and to improve the quality of our reviewing process, IEEE S&P now accepts paper submissions 12 times a year, on the first of each month. The detailed process can be found at the conference call-for-papers page.
.
For more information, please see https://www.ieee-security.org/TC/SP2019/cfpapers.html.

WTMC 2019 4th International Workshop on Traffic Measurements for Cybersecurity, Held in conjunction with 40th IEEE Symposium on Security and Privacy (SP 2019), San Francisco, California, USA, May 23, 2019. [posted here 12/3/18]
Current communication networks are increasingly becoming pervasive, complex, and ever-evolving due to factors like enormous growth in the number of network users, continuous appearance of network applications, increasing amount of data transferred, and diversity of user behaviors. Understanding and measuring traffic in such networks is a difficult yet vital task for network management but recently also for cybersecurity purposes. Network traffic measuring and monitoring can, for example, enable the analysis of the spreading of malicious software and its capabilities or can help to understand the nature of various network threats including those that exploit usersí behavior and other userís sensitive information. On the other hand network traffic investigation can also help to assess the effectiveness of the existing countermeasures or contribute to building new, better ones. Recently, traffic measurements have been utilized in the area of economics of cybersecurity e.g. to assess ISP ìbadnessî or to estimate the revenue of cyber criminals. The aim of this workshop is to bring together the research accomplishments provided by the researchers from academia and the industry. The other goal is to show the latest research results in the field of cybersecurity and understand how traffic measurements can influence it. We encourage prospective authors to submit related distinguished research papers on the subject of both: theoretical approaches and practical case reviews. This workshop presents some of the most relevant ongoing research in cybersecurity seen from the traffic measurements perspective. The workshop will be accessible to both non-experts interested in learning about this area and experts interesting in hearing about new research and approaches.

For more information, please see http://wtmc.info/index.html.

Safethings 2019 IEEE Workshop on the Internet of Safe Things, Held in conjunction with the 40th IEEE Symposium on Security and Privacy (SP 2019), San Francisco, California, USA, May 23, 2019. [posted here 12/17/18]
The Internet of Things (IoT) has become increasingly popular and innovative. With the rise of connected devices, we have an opportunity to significantly improve the safety of legacy systems. For instance, insights from data across systems can be exploited to reduce accidents, improve air quality and support disaster events. IoT based cyber-physical systems (CPS) also bring new risks that arise due to the unexpected interaction between systems and the larger number of attack vectors on these systems. These safety risks can arise in the context of use of medical devices, smart home appliance control, smart car design or conflicts in policy execution at a societal scale. The Internet of Safe Things workshop seeks to bring together researchers to create solutions for the development of safe cyber-physical systems. As safety is inherently linked with the security and privacy of a system, we also seek contributions in these areas that address safety concerns. We seek to develop a community that systematically dissects the vulnerabilities and risks exposed by these emerging CPSes, and creates tools, algorithms, frameworks, and systems that help in the development of safe systems. We seek contributions across domains - autonomous vehicles, smart homes, medical devices, smart grid; and across disciplines - systems, control, human-computer interaction, security, reliability, machine learning, and verification.

For more information, please see https://www.ieee-security.org/TC/SPW2019/SafeThings/.

June 2019

SACMAT 2019 24th ACM Symposium on Access Control Models and Technologies, Toronto, Canada, June 4-6, 2019. [posted here 10/15/18]
The organizing committee of the 24th ACM Symposium on Access Control Models and Technologies (SACMAT 2019) invites contributions in all aspects of access control. The symposium will provide participants the opportunity to present work at different levels of development, from early work on promising ideas to fully developed technical results as well as system demonstrations. Papers offering novel research contributions are solicited for submission. Accepted papers will be presented at the symposium and published by the ACM in the symposium proceedings. In addition to the regular research track, this year SACMAT will again host a special track -- ìBlue Sky/Vision Trackî. Researchers are invited to submit papers describing promising new ideas and challenges of interest to the community as well as access control needs emerging from other fields. We are particularly looking for potentially disruptive and new ideas which can shape the research agenda for the next 10 years. We encourage submissions that present ideas that may have not been completely developed and experimentally evaluated. Submissions to the regular track covering any relevant area of access control are welcomed. Areas include, but are not limited to, the following:
- Access control for edge computing
- Applications
- Applied machine learning for access management
- Attribute-based systems
- Authentication
- Big data
- Biometrics
- Blockchain
- Cloud computing and network access control management
- Cryptographic approaches
- Cyber attacks and network dynamics
- Cyber-physical systems and Internet of Things (IoT)
- Databases and data management
- Data protection on untrusted infrastructure
- Design methodology
- Distributed and mobile systems
- Economic models and game theory
- Enforcement mechanisms
- Hardware enhanced security
- Identity management
- Identification of and protection from data leakage
- Mechanisms, systems, and tools
- Models and extensions
- Obligations
- Privacy-aware access control
- Policy engineering and analysis
- Requirements
- Risk and uncertainty
- Safety analysis
- Theoretical foundations
- Trust management
- Usability

For more information, please see http://www.sacmat.org/.

CNS 2019 IEEE Conference on Communications and Network Security, Washington, D.C., USA, June 10-12, 2019. [posted here 11/19/18]
The IEEE Conference on Communications and Network Security (CNS) is a premier forum for cyber security researchers, practitioners, policy makers, and users to exchange ideas, techniques and tools, raise awareness, and share experiences related to all practical and theoretical aspects of communications and network security. The conference seeks submissions from academia, government, and industry presenting novel research results in communications and network security. Particular topics of interest include, but are not limited to:
- Anonymity and privacy technologies
- Censorship countermeasures and privacy
- Combating cyber-crime (anti-spam, anti-phishing, anti-fraud techniques, etc.)
- Computer and network forensics
- Cyber deterrence strategies
- Game-theoretic security technologies
- Implementation and evaluation of networked security systems
- Information-theoretic security
- Intrusion detection, prevention, and response
- Key management, public key infrastructures, certification, revocation, and authentication
- Malware detection and mitigation
- Security metrics and models
- Physical-layer and cross-layer security technologies
- Security and privacy for big data
- Security and privacy for data and network outsourcing services
- Security and privacy for mobile and wearable devices
- Security and privacy in cellular networks
- Security and privacy in cloud and edge computing
- Internet Security: protocols, standards, measurements
- Security and privacy in crowdsourcing
- Security and privacy in cyber-physical systems
- Security and privacy in emerging wireless technologies and applications (dynamic spectrum sharing, cognitive radio networks, millimeter wave communications, MIMO systems, smart/connected vehicles, UAS, etc.)
- Security and privacy in peer-to-peer and overlay networks
- Security and privacy in WiFi, ad hoc, mesh, sensor, vehicular, body-area, disruption/delay tolerant, and social networks.
- Security and privacy in smart cities, smart and connected health, IoT, and RFID systems
- Security for critical infrastructures (smart grids, transportation systems, etc.)
- Security for future Internet architectures and designs
- Security for software-defined and data center networks
- Security in machine learning
- Social, economic, and policy issues of trust, security, and privacy
- Traffic analysis
- Usable security and privacy
- Web, e-commerce, m-commerce, and e-mail security

For more information, please see http://cns2019.ieee-cns.org/.

SSIoT 2019 1st IEEE EuroS&P Workshop on Software Security for Internet of Things, Co-located with IEEE EuroS&P 2019, Stockholm, Sweden, June 16, 2019. [posted here 1/14/19]
The Internet of Things (IoT), connecting large numbers of small embedded devices to the internet, is currently being deployed in critical infrastructures, factories, hospitals, smart buildings, and so on. Compromised or faulty IoT components and systems can cause catastrophic damage to individuals, companies, and society. However, existing software for IoT has not been designed with security as a main objective, but rather to cope with constrained memory, power, processing, and bandwidth resources. Consequently, techniques are needed by which software for IoT can achieve a highest level of security and safety. Such techniques are getting mature for other domains, in particular for mainstream computing systems, but IoT devices feature peculiar characteristics that hinder employing conventional software security techniques. There is a great push to bring advanced software security to IoT. At the same time, a targeted scientific IoT software security forum for discussions, publications and networking is currently lacking. The IEEE Workshop on Software Security for IoT (SSIoT) 2019 is the first international conference focusing primarily on the software security for the Internet of Things (IoT). SSIoT aims to provide a forum for exploring and evaluating ideas on bringing secure software to IoT and a venue to publish novel research ideas on this topic. SSIoT strongly encourages proposals of new, speculative ideas, evaluations of new or known techniques in practical settings, and discussions of emerging threats and important problems. We are especially interested in position papers that are radical, forward-looking, and likely to lead to lively and insightful discussions that will influence future research on IoT security.

For more information, please see http://www.cse.chalmers.se/~russo/ssiot19/.

EuroSP 2019 4th IEEE European Symposium on Security and Privacy, Stockholm, Sweden, June 17-19, 2019. [posted here 7/16/18]
Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for presenting developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field. Following this story of success, IEEE initiated the European Symposium on Security and Privacy (EuroS&P), which is organized every year in a European city. It is a premier forum for computer security research, presenting the latest developments and bringing together researchers and practitioners. We solicit previously unpublished papers offering novel research contributions in security or privacy. The emphasis is on building or attacking real systems, even better if actually deployed, rather than presenting purely theoretical results. Papers may present advances in the design, implementation, analysis, verification, or empirical evaluation and measurement of secure systems. Papers that shed new light on past results by means of sound theory or thorough experimentation are also welcome. Topics of interest include:
- Access control
- Accountability
- Anonymity
- Application security
- Attacks and defenses
- Authentication
- Blockchain
- Censorship and censorship-resistance
- Cloud security
- Cryptography with applied relevance to security and privacy
- Distributed systems security
- Embedded systems security
- Forensics
- Formal methods for security
- Hardware security
- Human aspects of security and privacy
- Intrusion detection
- IoT security and privacy
- Language-based security
- Malware
- Metrics
- Mobile security and privacy
- Network security
- Privacy-preserving systems
- Protocol security
- Secure information flow
- Security and privacy policies
- Security architectures
- Security usability
- System security
- Web security and privacy

For more information, please see https://www.ieee-security.org/TC/EuroSP2019/.

DIMVA 2019 16th International Conference on Detection of Intrusions and Malware & Vulnerability Assessment, Gothenburg, Sweden, June 19-20, 2019. [posted here 12/1/18]
The annual DIMVA conference serves as a premier forum for advancing the state of the art in the broader areas of intrusion detection, malware analysis, and vulnerability assessment. Each year, DIMVA brings together international experts from academia, industry, and government to present and discuss novel research in these areas. DIMVA is organized by the special interest group Security - Intrusion Detection and Response (SIDAR) of the German Informatics Society (GI). DIMVA solicits submissions of high-quality, original scientific papers presenting novel research on malware analysis, intrusion detection, vulnerability assessment, and related systems security topics.

For more information, please see https://www.dimva2019.org/.

July 2019

CPSS 2019 5th ACM Cyber-Physical System Security Workshop, Held in conjunction with ACM AsiaCCS 2019, Auckland, New Zealand, July 8, 2019. [posted here 12/10/18]
Cyber-Physical Systems (CPS) of interest to this workshop consist of large-scale interconnected systems of heterogeneous components interacting with their physical environments. There exist a multitude of CPS devices and applications deployed to serve critical functions in our lives thus making security an important non-functional attribute of such systems. This workshop will provide a platform for professionals from academia, government, and industry to discuss novel ways to address the ever-present security challenges facing CPS. We seek submissions describing theoretical and practical solutions to security challenges in CPS. Submissions pertinent to the security of embedded systems, IoT, SCADA, smart grid, and other critical infrastructure are welcome.

For more information, please see http://jianying.space/cpss/CPSS2019/.

DBSec 2019 33rd Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy, Charleston, SC, USA, July 15-17, 2019. [posted here 12/17/18]
DBSec is an annual international conference covering research in data and applications security and privacy. The conference seeks submissions from academia, industry, and government presenting novel research on all theoretical and practical aspects of data protection, privacy, and applications security. Topics of interest include, but are not limited to:
- access control
- anonymity
- applied cryptography in data security
- authentication
- big data security
- data and system integrity
- data protection
- database security
- digital rights management
- distributed and decentralised security
- identity management
- intrusion detection
- knowledge discovery and privacy
- methodologies for data and application security
- network security
- organisational and social aspects of security
- privacy
- secure cloud computing
- secure distributed systems
- secure information integration
- security and privacy in crowdsourcing
- security and privacy in IT outsourcing
- security and privacy in the Internet of Things
- security and privacy in location-based services
- security and privacy in P2P scenarios and social networks
- security and privacy in pervasive/ubiquitous computing
- security and privacy policies
- security management and audit
- security metrics
- threats, vulnerabilities, and risk management
- trust and reputation systems
- trust management
- Web security
- wireless and mobile security

For more information, please see https://dbsec2019.cse.sc.edu/.

PET 2019 19th Privacy Enhancing Technologies Symposium, Stockholm, Sweden, July 16–20, 2019. [posted here 09/17/18]
The annual Privacy Enhancing Technologies Symposium (PETS) brings together privacy experts from around the world to present and discuss recent advances and new perspectives on research in privacy technologies. Papers undergo a journal-style reviewing process and accepted papers are published in the journal Proceedings on Privacy Enhancing Technologies (PoPETs). PoPETs, a scholarly, open access journal for timely research papers on privacy, has been established as a way to improve reviewing and publication quality while retaining the highly successful PETS community event. PoPETs is published by De Gruyter Open, the world's second largest publisher of open access academic content, and part of the De Gruyter group, which has over 260 years of publishing history. PoPETs does not have article processing charges (APCs) or article submission charges. Submitted papers to PETS/PoPETs should present novel practical and/or theoretical research into the design, analysis, experimentation, or fielding of privacy-enhancing technologies. Authors can submit papers to PoPETs four times a year, every three months, and are notified of the decisions about two months after submission. In addition to accept and reject decisions, papers may receive resubmit with major revisions decisions, in which case authors are invited to revise and resubmit their article to one of the following two issues. We endeavor to assign the same reviewers to revised versions. Papers accepted for an issue in the PoPETS 2019 volume must be presented at the symposium PETS 2019.

For more information, please see https://petsymposium.org/cfp19.php.

August 2019

USENIX-Security 2019 28th USENIX Security Symposium, Santa Clara, CA, USA, August 14-16, 2019. (Submission Due 15 November 2018, 15 February 2019) [posted here 10/15/18]
The USENIX Security Symposium brings together researchers, practitioners, system administrators, system programmers, and others interested in the latest advances in the security and privacy of computer systems and networks. The USENIX Security Symposium is moving to multiple submission deadlines for USENIX Security í19. This change includes changes to the review process and submission policies. Detailed information is available on the USENIX Security Publication Model Changes web page at www.usenix. org/conference/usenixsecurity19/publication-model-change. All researchers are encouraged to submit papers covering novel and scientifically significant practical works in computer security. There will be two quarterly submission deadlines for USENIX Security í19. The fall quarter submissions deadline is Thursday, November 15, 2018, 5:00 pm PST. The winter quarter submissions deadline is Friday, February 15, 2019, 5:00 pm PST. The Symposium will span three days with a technical program including refereed papers, invited talks, posters, panel discussions, and Birds-of-a-Feather sessions. Co-located events will precede the Symposium on August 12 and 13.

For more information, please see https://www.usenix.org/conference/usenixsecurity19.