The 17th Annual Workshop on the Economics of Information Security (WEIS 2018) 
Innsbruck, Austria, 
June 18-19, 2018


Information security and privacy continue to grow in importance, as
threats proliferate, privacy erodes, and attackers find new sources of
value. Yet the security of information systems and the privacy offered
by them depends on more than just technology. Each requires an
understanding of the incentives and trade-offs inherent to the
behavior of people and organizations. As society's dependence on
information technology has deepened, policy-makers have taken
notice. Now more than ever, careful research is needed to characterize
accurately threats and countermeasures, in both the public and private

The Workshop on the Economics of Information Security (WEIS) is the
leading forum for interdisciplinary scholarship on information
security and privacy, combining expertise from the fields of
economics, social science, business, law, policy, and computer
science. Prior workshops have explored the role of incentives between
attackers and defenders of information systems, identified market
failures surrounding Internet security, quantified risks of personal
data disclosure, and assessed investments in cyber-defense. The 2018
workshop will build on past efforts using empirical and analytic tools
not only to understand threats, but also to strengthen security and
privacy through novel evaluations of available solutions.

We encourage economists, computer scientists, legal scholars, business
school researchers, security and privacy specialists, as well as
industry experts to submit their research and participate by attending
the workshop. Suggested topics include (but are not limited to)
empirical and theoretical studies of:

* Optimal investment in information security 
* Models and analysis of online crime (including botnets, ransomware, and 
  underground markets) 
* Cyber-risk quantification and cyber-insurance 
* Security standards and regulation 
* Vulnerability discovery, disclosure, and patching 
* Incentives for information sharing and cooperation 
* Cyber-security policy 
* Economics of privacy and anonymity 
* Behavioral security and privacy 
* Incentives for and against pervasive monitoring threats 
* Cyber-defense strategy 


Submitted manuscripts should represent significant and novel research
contributions. WEIS has no formal formatting guidelines. Previous
contributors spanned fields from economics and psychology to computer
science and law, each with different norms and expectations about
manuscript length and formatting. This year, authors have the option
to submit their manuscripts in anonymized form for double-blind
review. Advisable rules of thumb include: using past WEIS accepted
papers as templates and adhering to your community's publication

Authors whose papers appear at the workshop will be invited to submit
a revised version to a special issue of the Journal of Cybersecurity,
an interdisciplinary open access journal published by Oxford
University Press.  Revised papers will undergo an additional round of
peer review after the workshop, and accepted papers will appear in the
special issue. Please note that publication charges must be paid to
facilitate open access, but a publishing fund is available to authors
whose institutions cannot pay. For more information please see .

Submission Deadline: February 18, 2018
Notification of Acceptance: March 31, 2018
Final Papers Due: May 25, 2018


Rainer Böhme, University of Innsbruck 


Alessandro Acquisti, Carnegie Mellon University 
Ross Anderson, Cambridge University 
Daniel Arce, UT Dallas 
Hadi Asghari, TU Delft 
Terrence August, UC San Diego 
Johannes Bauer, Michigan State University 
Joseph Bonneau, New York University 
Laura Brandimarte, University of Arizona 
Jean Camp, Indiana University 
Jonathan Cave, RAND Europe 
Huseyin Cavusoglu, University of Texas at Dallas 
Nicolas Christin, Carnegie Mellon University 
John Chuang, UC Berkeley 
Richard Clayton, University of Cambridge 
Ben Edelman, Harvard Business School 
Ben Edwards, IBM Research 
Serge Egelman, ICSI & UC Berkeley 
M. Eric Johnson, Vanderbilt University 
Allan Friedman, US Department of Commerce 
Neil Gandal, Tel Aviv University 
Dan Geer, In-Q-Tel 
Lawrence Gordon, University of Maryland 
Jens Grossklags, TU Munich 
Chad Heitzenrater, Air Force Research Laboratory 
Cormac Herley, Microsoft Research 
Kai-Lung Hui, Hong Kong University of Science and Technology 
Aron Laszka, Vanderbilt University 
Martin Loeb, University of Maryland 
Thomas Maillart, University of Geneva 
Fabio Massacci, University of Trento 
Kanta Matsuura, University of Tokyo 
Damon McCoy, New York University 
Katerina Mitrokotsa, Chalmers University of Technology 
Tyler Moore, University of Tulsa 
Milton Mueller, Georgia Tech 
Arvind Narayanan, Princeton University 
Andrew Odlyzko, University of Minnesota 
Wolter Pieters, TU Delft 
David Pym, University College London 
Sam Ransbotham, Boston College 
Sasha Romanosky, RAND 
Rahul Telang, Carnegie Mellon University 
Catherine Tucker, MIT 
Michel van Eeten, Delft University of Technology 
Liad Wagman, Illinois Institute of Technology 
Julian Williams, Durham University 
Dmitry Zhdanov, Georgia State University