The 33rd IEEE Symposium on Security & Privacy
May 20-23, 2012
San Francisco Bay Area
Sponsored by the IEEE Computer Society Technical Committee of Security and Privacy
(In cooperation with the International Association for Cryptologic Research (IACR)

Since 1980, the IEEE Symposium on Security and Privacy (S&P) has been the premier
forum for computer security research, presenting the latest developments and
bringing together researchers and practitioners.

We solicit previously unpublished papers offering novel research contributions
in any aspect of computer security or privacy. Papers may present advances in
the theory, design, implementation, analysis, verification, or empirical
evaluation of secure systems.

Topics of interest include:
Access control	 
Application security	 
Attacks and defenses
Censorship and censorship-resistance
Distributed systems security	 
Embedded systems security
Hardware security
Intrusion detection	 
Language-based security
Network security	 
Privacy-preserving systems
Protocol security	 
Secure information flow	 
Security and privacy policies
Security architectures	 
System security
Usability and security	 
Web security

This topic list is not meant to be exhaustive; S&P is interested in all aspects
of computer security and privacy. Papers without a clear application to security
or privacy, however, will be considered out of scope and may be rejected without
full review. See below for detailed submission instructions.


Following the success of the previous year's conference, we are also soliciting
papers focused on systematization of knowledge. The goal of this call is to
encourage work that evaluates, systematizes, and contextualizes existing
knowledge. These papers will provide a high value to our community but would
otherwise not be accepted because they lack novel research
contributions. Suitable papers include survey papers that provide useful
perspectives on major research areas, papers that support or challenge long-held
beliefs with compelling evidence, or papers that provide an extensive and
realistic evaluation of competing approaches to solving specific
problems. Submissions will be distinguished by a checkbox on the submission
form. They will be reviewed by the full PC and held to the same standards as
traditional research papers, except instead of emphasizing novel research
contributions the emphasis will be on value to the community. Accepted papers
will be presented at the symposium and included in the proceedings.


Co-located workshops will be part of the Symposium.  Workshop
proposals should be sent by Friday, 15 August 2011. See the Security
and Privacy Workshop website at http://www.ieee-security.org/TC/SPW2012
for information about submitting a workshop proposal.


All deadlines are 23:59 PST (UTC-8). Absolutely no extensions!

Workshop proposals due: Monday, 15 August 2011
Research papers and Systematization of Knowledge papers due: Wednesday, 16 November 2011
Acceptance notification: Wednesday, 1 Feb 2012
Final papers due: Monday, 5 March 2012


These instructions apply to both the research papers and systematization of
knowledge papers.

All submissions must be original work; the submitter must clearly
document any overlap with previously published or simultaneously
submitted papers from any of the authors. Simultaneous submission of
the same paper to another venue with proceedings or a journal is not
allowed and will be grounds for automatic rejection.  Contact the
program committee chairs if there are questions about this policy.

Papers must submitted using the conference submission server:

Submissions may be started now, and updated at any time until the submission
deadline expires.


Papers must be submitted in a form suitable for anonymous review: no author
names or affiliations may appear on the title page, and papers should avoid
revealing their identity in the text. When referring to your previous work, do
so in the third person, as though it were written by someone else. Only blind
the reference itself in the (unusual) case that a third-person reference is
infeasible. Contact the program chairs if you have any questions. Papers that
are not properly anonymized may be rejected without review.


Papers must not exceed 15 pages total (including the references and
appendices). Papers must be formatted for US letter (not A4) size paper with
margins of at least 3/4 inch on all sides. The text must be formatted in a
two-column layout, with columns no more than 9 in. high and 3 1/4 in. wide. The
text must be in Times font, 10-point or larger, with 12-point or larger line
spacing. Authors are encouraged to use the IEEE conference proceedings templates
found at: http://www.computer.org/portal/web/cscps/formatting


Papers should be submitted in Portable Document Format (.pdf). Authors should
pay special attention to unusual fonts, images, and figures that might create
problems for reviewers. Your document should render correctly in Adobe Reader 9
and when printed in black and white.  


Authors are responsible for obtaining appropriate publication clearances;
authors of accepted papers are expected to sign IEEE copyright release
forms. One of the authors of the accepted paper is expected to present the paper
at the conference.  Submissions received after the submission deadline or
failing to conform to the submission guidelines risk rejection without review.

For more information, contact the Program Co-Chairs at:


There will be a poster session at an evening reception during the
conference. Posters are solicited that present recent and ongoing research on
topics related to security and privacy. The poster session is an excellent
opportunity to obtain feedback on ongoing work. More information on poster
submissions will be available on the conference website 


A continuing feature of the symposium is a session of 5-minute talks where
attendees can present preliminary research results and new ideas. More
information on work-in-progress talk submissions will be available on the
conference website soon.


Program Committee Co-Chairs: Somesh Jha, University of Wisconsin and Wenke Lee, Georgia Tech

Guiseppe Ateniese, Johns Hopkins
Michael Backes, MPI
Michael Bailey, U of Michigan
Kevin Borders, NSA
Hebert Bos, Vrije Universiteit Amsterdam 
David Brumley, Carnegie Mellon University
Kevin Butler, U of Oregon
Cristian Cadar, Imperial College
Shuo Chen, MSR
Weidong Cui, MSR
Robert Cunningham, MIT Lincoln Labs
Anupam Dutta, Carnegie Mellon University
William Enck, NC State
David Evans, U of Virginia
Nick Feamster, Georgia Tech
Debin Gao, Singapore Management University
Jon Giffin, Georgia Tech
Virgil Gligor, Carnegie Mellon University
Steve Gribble, U of Washington
Guofei Gu, Texas A&M
Engin Kirda, Northeastern University
Shriram Krishnamurthi, Brown University  
Christopher Kruegel, UCSB
David Molnar, MSR
Arvind Narayanan, Stanford University
Cristina Nita-Rotaru, Purdue University
Brian Payne, Sandia National Labs
Adrian Perrig, Carnegie Mellon University
J. Alex Halderman, U of Michigan
Thorsten Holz, ISEC Labs
Ninghui Li, Purdue University
Ben Livshits, MSR
Z. Morley Mao, U of Michigan
Jonathan McCune, Carnegie Mellon University
Patrick McDaniel, Penn State University
Andrew Myers, Cornell University
Roberto Perdisci, University of Georgia
Zachary N. J. Peterson, Naval Postgraduate School
Thomas Ristenpart, U of Wisconsin
William Robertson, Berkeley
R. Sekar, Stony Brook
Greg Shannon, CMU/CERT
Kapil Singh, IBM Research
Radu Sion, Stony Brook
Angelos Stavrou, Goerge Mason University
Patrick Traynor, Georgia Tech
Dan Wallach, Rice University
Xiaofeng Wang, Indiana University