Cipher Upcoming Conferences
Cipher
Calls for Papers



IEEE Computer Society's Technical Committee on Security and Privacy


 


Calls for Papers

Last Modified:09/18/17

Upcoming Conferences and Workshops

Note: The submission date has passed.

September 2017

FDTC 2017 14th Workshop on Fault Diagnosis and Tolerance in Cryptography, Taipei, Taiwan, September 25, 2017. [posted here 04/17/17]
Fault injection is one of the most exploited means for extracting confidential information from embedded devices and for compromising their intended operation. Therefore, research on developing methodologies, techniques, architectures and design tools for robust cryptographic systems (both hardware and software), and on protecting them against both accidental faults and intentional attacks is essential. Of particular interest are models and metrics for quantifying the protection of systems and protocols against malicious injection of faults and to estimate the leaked confidential information. FDTC is the reference event in the field of fault analysis, attacks and countermeasures. Topics of interest include but are not limited to:
- Fault injection and exploitation: mechanisms (e.g., using lasers, electromagnetic induction, or clock / power supply manipulation), attacks on cryptographic devices (HW and SW) or protocols, combined implementation attacks
- Countermeasures: Fault resistant hardware / implementations of cryptographic algorithms, countermeasures to detect fault injections, techniques providing fault tolerance (inherent reliability), fault resistant protocols, measures to prevent fault injection (e.g., physical protection, fault diagnosis)
- Models and metrics for fault attack analysis: metrics for fault attacks robustness and the leaked information, models of fault injection, modeling and analysis (e.g., modeling the reliability of systems or protocols)
- Fault attack resistant architectures: fault attack resistant processor designs, fault attack resistant hardware, fault attack resistant software
- Design tools supporting analysis of fault attacks and countermeasures: early estimation of fault attack robustness, automatic applications of fault countermeasures, fault attacks and reliability
- Case studies of attacks, fault diagnosis, and tolerance techniques

For more information, please see http://conferenze.dei.polimi.it/FDTC17/index.html.

WISTP 2017 11th International Conference on Information Security Theoryand Practice, Crete, Greece, September 28-29, 2017. [posted here 05/29/17]
The 11th WISTP International Conference on Information Security Theory and Practice (WISTP'2017) seeks original submissions from academia and industry presenting novel research on all theoretical and practical aspects of security and privacy, as well as experimental studies of fielded systems, the application of security technology, the implementation of systems, and lessons learned. We encourage interdisciplinary contributions bringing law, business, and policy perspectives on security issues. Submissions with regards to the security of future ICT technologies, such as cyber-physical systems, cloud services, data science and the Internet of Things are particularly welcome.

For more information, please see http://www.wistp.org.

October 2017

CPS-Sec 2017 IEEE International Workshop on Cyber-Physical Systems Security, Held in Conjunction with the IEEE Conference on Communications and Network Security (CNS 2017), Las Vegas, NV, USA, October 9-11, 2017. [posted here 06/19/17]
The CPS-Sec Workshop will primarily focus on the security and privacy aspects of Cyber-Physical Systems and Internet of Things. The workshop will include papers (both novel and work-in-progress submissions), invited talks, panels, and discussions to facilitate the exchange of research ideas in a community environment. We are sure that the CPS-Sec workshop will greatly benefit from your contributions.

For more information, please see http://cns2017.ieee-cns.org/workshop/cps-sec-international-workshop-cyber-physical-systems-security.

LASER 2017 Workshop on Learning from Authoritative Security Experiment Results, Arlington, VA, USA, October 18-19, 2017. [posted here 06/12/17]
The LASER workshop series focuses on learning from and improving cybersecurity experimental results. It explores both positive and negative results, the latter of which are not often published. LASER's overarching goal is to foster a dramatic change in the paradigm of cyber security research and experimentation, improving the overall quality of practiced science. This year, LASER's goal will be to improve the rigor and quality of security experimentation by providing a venue where cybersecurity researchers can discuss experimental methods and present research that exemplifies sound scientific practice. We particularly encourage papers in three areas:
- Well-designed security experiments, with positive or negative results.
- Experimental techniques that help address common sources of error.
- Replications (successful or failed) of previously published experiments.

For more information, please see http://2017.laser-workshop.org/submissions/call-papers.

AsianHOST 2017 IEEE Asian Hardware-Oriented Security and Trust Symposium, Beijing, China, October 19-20, 2017. [posted here 04/03/17]
IEEE Asian Hardware Oriented Security and Trust Symposium (AsianHOST) aims to facilitate the rapid growth of hardware security research and development in Asia and South Pacific areas. AsianHOST highlights new results in the area of hardware and system security. Relevant research topics include techniques, tools, design/test methods, architectures, circuits, and applications of secure hardware. AsianHOST 2017 invites original contributions related to, but not limited by, the following topics:
- Hardware Trojan attacks and detection techniques
- Side-channel attacks and countermeasures
- Metrics, policies, and standards related to hardware security
- Secure system-on-chip (SoC) architecture
- Security rule checks at IP, IC, and System levels
- Hardware IP trust (watermarking, metering, trust verification)
- FPGA security
- Trusted manufacturing including split manufacturing, 2.5D, and 3D ICs
- Emerging nanoscale technologies in hardware security applications
- Security analysis and protection of Internet of Things (IoT)
- Cyber-physical system (CPS) security and resilience
- Reverse engineering and hardware obfuscation at all levels of abstraction
- Supply chain risks mitigation including counterfeit detection & avoidance
- Hardware techniques that ensure software and/or system security
- Analysis of real attacks and threat evaluation

For more information, please see http://asianhost.org/2017/.

CTC 2017 7th International Symposium on Secure Virtual Infrastructures - Cloud and Trusted Computing, Rhodes, Greece, October 23-24, 2017. [posted here 03/27/17]
Current and future service-based software needs to remain focused towards the development and deployment of large and complex intelligent and networked information systems, required for internet-based and intranet-based systems in organizations, as well to move to IoT integration and big data analytics. Today, service-based software covers a very wide range of application domains as well as technologies and research issues. This has found realization through Cloud Computing, Big Data, and IoT. Vital element in such networked, virtualized, and sensor-based information systems are the notions of trust, security, privacy and risk management. The conference solicits submissions from both academia and industry presenting novel research in the context of Cloud Computing, Big Data, and IoT, presenting theoretical and practical approaches to cloud, big data, and IoT trust, security, privacy and risk management. The conference will provide a special focus on the intersection between cloud paradigm, big data analytics, and IoT integration, bringing together experts from the three communities to discuss on the vital issues of trust, security, privacy and risk management in Cloud Computing, shedding the light on novel issues and requirements in big data and IoT domains. Potential contributions could cover new approaches, methodologies, protocols, tools, or verification and validation techniques. We also welcome review papers that analyze critically the current status of trust, security, privacy and risk management in the cloud, big data, and IoT. Papers from practitioners who encounter trust, security, privacy, and risk management problems, and seek understanding are finally welcome. For 2017, a special emphasis will be put on "Secure and Trustworthy Big Data Analytics and IoT Integration: From the Periphery to the Cloud".

For more information, please see http://www.otmconferences.org/index.php/conferences/ctc-2017.

GameSec 2017 8th Conference on Decision and Game Theory for Security, Vienna, Austria, October 23-25, 2017. [posted here 02/20/17]
The goal of GameSec is to bring together academic and industrial researchers in an effort to identify and discuss the major technical challenges and recent results that highlight the connection between game theory, control, distributed optimization, economic incentives and real world security, reputation, trust and privacy problems in a variety of technological systems. Submissions should solely be original research papers that have neither been published nor submitted for publication elsewhere.
- Game theory and mechanism design for security and privacy
- Pricing and economic incentives for building dependable and secure systems
- Dynamic control, learning, and optimization and approximation techniques
- Decision making and decision theory for cybersecurity and security requirements engineering
- Socio-technological and behavioral approaches to security
- Risk assessment and risk management
- Security investment and cyber insurance
- Security and privacy for the Internet-of-Things (IoT), cyber-physical systems, resilient control systems
- New approaches for security and privacy in cloud computing and for critical infrastructure
- Security and privacy of wireless and mobile communications, including user location privacy
- Game theory for intrusion detection
- Empirical and experimental studies with game-theoretic or optimization analysis for security and privacy

For more information, please see http://www.gamesec-conf.org/cfp.php.

FPS 2017 10th International Symposium on Foundations & Practice of Security, Nancy, France, October 23-25, 2017. [posted here 05/22/17]
Protecting the communication and data infrastructure of an increasingly inter-connected world has become vital to the normal functioning of all aspects of our world. Security has emerged as an important scientific discipline whose many multifaceted complexities deserve the attention and synergy of the mathematical, computer science and engineering communities. The aim of FPS is to discuss and exchange theoretical and practical ideas that address security issues in inter-connected systems. It aims to provide scientific presentations as well as to establish links, promote scientific collaboration, joint research programs, and student exchanges between institutions involved in this important and fast moving research field. We also invite papers from researchers and practitioners working in security, privacy, trustworthy data systems and related areas to submit their original papers.

For more information, please see http://fps2017.loria.fr/.

ISDDC 2017 International Conference on Intelligent, Secure and Dependable Systems in Distributed and Cloud Environments, Vancouver, BC, Canada, October 25-27, 2017. [posted here 03/13/17]
The integration of network computing and mobile systems offers new challenges with respect to the dependability of integrated applications. At the same time, new threat vectors have emerged that leverage and magnify traditional hacking methods, enabling large scale and intelligence-driven attacks against a variety of platforms, including mobile, cloud, Internet-of-things (IoT), as well as conventional networks. The consequence of such fast evolving environment is the pressing need for effective and efficient paradigms, approaches, and tools for building, maintaining, and managing secure and dependable systems. This conference solicits papers addressing issues related to the design, analysis, and implementation, of dependable and secure infrastructures, systems, architectures, algorithms, and protocols that deal with network computing, mobile/ubiquitous systems, cloud systems, and IoT systems. The goal of the ISDDC 2017 conference is to provide a forum for researchers, students, scientists and engineers working in academia and industry to share their experiences, new ideas and research results in the above-mentioned areas.

For more information, please see http://www.scs.ryerson.ca/iwoungan/ISDDC17/.

WPES 2017 Workshop on Privacy in the Electronic Society, Dallas, Texas, USA, October 30, 2017. [posted here 05/22/17]
The need for privacy-aware policies, regulations, and techniques has been widely recognized. This workshop discusses the problems of privacy in the global interconnected societies and possible solutions. The 2017 Workshop, held in conjunction with the ACM CCS conference, is the sixteenth in a yearly forum for papers on all the different aspects of privacy in today's electronic society. The workshop seeks submissions from academia and industry presenting novel research on all theoretical and practical aspects of electronic privacy, as well as experimental studies of fielded systems. We encourage submissions from other communities such as law and business that present these communities' perspectives on technological issues. Topics of interest include, but are not limited to, anonymization and trasparency, crowdsourcing for privacy and security, data correlation and leakage attacks, data security and privacy, data and computations integrity in emerging scenarios, electronic communication privacy, economics of privacy, information dissemination control, models, languages, and techniques for big data protection, personally identifiable information, privacy-aware access control, privacy and anonymity on the web, privacy in biometric systems, privacy in cloud and grid systems, privacy and confidentiality management, privacy and data mining, privacy in the Internet of Things, privacy in the digital business, privacy in the electronic records, privacy enhancing technologies, privacy and human rights, privacy in health care and public administration, privacy metrics, privacy in mobile systems, privacy in outsourced scenarios, privacy policies, privacy vs. security, privacy of provenance data, privacy in social networks, privacy threats, privacy and virtual identity, user profiling, and wireless privacy.

For more information, please see https://cs.pitt.edu/wpes2017.

MIST 2017 9th ACM CCS International Workshop on Managing Insider Security Threats, Dallas, USA, October 30 - November 3, 2017. [posted here 05/15/17]
During the past two decades, information security technology developments have been mainly concerned with intrusion detection to prevent unauthorized attacks from outside the network. This includes hacking, virus propagation, spyware and more. However, according to a recent Gartner Research Report, information leaks have drastically increased from insiders who are legally authorized to access corporate information. The unauthorized leak of critical or proprietary information can cause significant damage to corporate image and reputation, perhaps even weakening its competitiveness in the marketplace. On a larger scale, government and public sectors may suffer competitive loss to other nations due to an internal intelligence breach. While the leaking of critical information by insiders has a lower public profile than that of viruses and hacker attacks, the financial impact and loss can be just as devastating. The objective of this workshop is to showcase the most recent challenges and advances in security and cryptography technologies and management systems for preventing information breaches by insiders. The workshop promotes state-of-the-art research, surveys and case analyses of practical significance. Physical, managerial, and technical countermeasures will be covered in the context of an integrated security management system that protects critical cyber-infrastructure against unauthorized internal attack. We expect that this workshop will be a trigger for further research and technology improvements related to this important subject.

For more information, please see http://isyou.info/conf/mist17.

November 2017

SSS 2017 19th Annual International Symposium on Stabilization, Safety, and Security of Distributed Systems, Boston, Massachusetts, USA, November 5-8, 2017. [posted here 05/01/17]
SSS is an international forum for researchers and practitioners in the design and development of distributed systems with a focus on systems that are able to provide guarantees on their structure, performance, and/or security in the face of an adverse operational environment. Research in distributed systems is now at a crucial point in its evolution, marked by the importance and variety of dynamic distributed systems such as peer-to-peer networks, large-scale sensor networks, mobile ad-hoc networks, and cloud computing. Moreover, new applications such as grid and web services, distributed command and control, and a vast array of decentralized computations in a variety of disciplines has driven the need to ensure that distributed computations are self-stabilizing, performant, safe and secure. The symposium takes a broad view of the self-managed distributed systems area and encourages the submission of original contributions spanning fundamental research and practical applications within its scope, covered by the three symposium tracks: (i) Stabilizing Systems: Theory and Practice, (ii) Distributed Computing and Communication Networks, as well as (iii) Computer Security and Information Privacy.

For more information, please see http://bitly.com/SSS-2017.

NordSec 2017 22nd Nordic Conference on Secure IT Systems, Tartu, Estonia, November 8-10, 2017. [posted here 06/19/17]
NordSec addresses a broad range of topics within IT security with the aim of bringing together computer security researchers and encouraging interaction between academia and industry. We invite participants to present their ideas in poster sessions during lunches and coffee breaks. NordSec 2017 welcomes contributions within, but not limited to, the following areas:
- Access control and security models
- Applied cryptography
- Blockchains
- Cloud security
- Commercial security policies and enforcement
- Cryptanalysis
- Cryptographic protocols
- Cyber crime, warfare, and forensics
- Economic, legal, and social aspects of security
- Enterprise security
- Hardware and smart card security
- Mobile and embedded security
- Internet of Things and M2M security
- Internet, communication, and network security
- Intrusion detection
- Language-based techniques for security
- New ideas and paradigms in security
- Operating system security
- Privacy and anonymity
- Public-key cryptography
- Security and machine learning
- Security education and training
- Security evaluation and measurement
- Security management and audit
- Security protocols
- Security usability
- Social engineering and phishing
- Software security and malware
- Symmetric cryptography
- Trust and identity management
- Trusted computing
- Vulnerability testing
- Web application security

For more information, please see http://nordsec2017.cs.ut.ee.

CECC 2017 Central European Cybersecurity Conference, Ljubljana, Slovenia, November 16-17, 2017. [posted here 05/29/17]
The Central European Cybersecurity Conference – CECC 2017 aims at establishing a venue for the exchange of information on cybersecurity and its many aspects in central Europe. CECC 2017 encourages the dialogue between researchers of technical and social aspects of cybersecurity, both crucial in attaining adequate levels of cybersecurity. Complementary contributions dealing with its economic aspects as well as any legal, investigation or other issues related to cybersecurity are welcome, too. All accepted and presented research papers will be available in Open Access conference proceedings published by the University of Maribor Press and submitted for indexing by DBLP, Elsevier SCOPUS and Thomson Reuters Web of Science™ Core Collection.

For more information, please see https://www.fvv.um.si/cecc2017/.

December 2017

ACSAC 2017 33rd Annual Computer Security Applications Conference, San Juan, Puerto Rico, December 4-8, 2017. [posted here 01/23/17]
The Annual Computer Security Applications Conference (ACSAC) is an internationally recognized forum where practitioners, researchers, and developers in information and system security meet to learn and to exchange practical ideas and experiences. If you are developing, researching, or implementing practical security solutions, consider sharing your experience and expertise at ACSAC. We are especially interested in submissions that address the application of security technology, the implementation of systems, and lessons learned. Some example topics are:
- Access Control
- Anonymity
- Applied Cryptography
- Assurance
- Audit
- Biometrics
- Security case studies
- Cloud Security
- Cyber-Physical Systems
- Denial of Service Protection
- Distributed Systems Security
- Embedded Systems Security
- Enterprise Security Management
- Evaluation and Compliance
- Digital Forensics
- Identity Management
- Incident Response
- Insider Threat Protection
- Integrity
- Intrusion Detection
- Intellectual Property
- Malware
- Mobile/Wireless Security
- Multimedia Security
- Network Security
- OS Security
- P2P Security
- Privacy & Data Protection
- Privilege Management
- Resilience
- Security and Privacy of the Internet of Things
- Security Engineering
- Software Security
- Supply Chain Security
- Trust Management
- Trustworthy Computing
- Usability and Human-centric Aspects of Security
- Virtualization Security
- Web Security

For more information, please see http://www.acsac.org.

January 2018
February 2018
March 2018

CODASPY 2018 8th ACM Conference on Data and Application Security and Privacy, Tempe, AZ, USA, March 19-21, 2018. [posted here 07/03/17]
CODASPY has had seven successful years and the goal of the conference is to discuss novel, exciting research topics in data and application security and privacy, and to lay out directions for further research and development in this area. The conference seeks submissions from diverse communities, including corporate and academic researchers, open-source projects, standardization bodies, governments, system and security administrators, software engineers and application domain experts. Topics of interest include, but are not limited to:
- Application-layer security policies
- Access control for applications
- Access control for databases
- Data-dissemination controls
- Data forensics
- Enforcement-layer security policies
- Privacy-preserving techniques
- Private information retrieval
- Search on protected/encrypted data
- Secure auditing
- Secure collaboration
- Secure data provenance
- Secure electronic commerce
- Secure information sharing
- Secure knowledge management
- Secure multiparty computation
- Secure software development
- Securing data/apps on untrusted platforms
- Securing the semantic web
- Security and privacy in GIS/spatial data
- Security and privacy in healthcare
- Security and privacy in the Internet of Things
- Security policies for databases
- Social computing security and privacy
- Social networking security and privacy
- Trust metrics for applications, data, and users
- Usable security and privacy
- Web application security

For more information, please see http://www.ycheng.org/codaspy/2018/index.html.