Commentary and Opinion
Richard Austin's review of Cyber-Physical Attacks: A Growing Invisible Threat by George Loukas
NewsBits: Announcements and correspondence from readers (please contribute!)
Listing of academic positions available by
We are hiring a tenured or tenure track faculty in Security Informatics at Indiana!!! Security informatics is interdisciplinary computer security. Research which connects with other Informatics groups is highly desirable (e.g., HCI, data science, social informatics, complex systems, or health informatics). We are a college town with a great security group. Bloomington punches above its weight, with an opera season, a ballet season, an off-Broadway season, four symphonic orchestras, four university stand-alone museums, and an annual world-class music festival.
****** Official Announcement **********
The School of Informatics and Computing (SoIC) at Indiana University Bloomington invites applications for a faculty position in Security Informatics. The position is open at all levels (assistant, associate, or full professor). Duties include teaching, research, and service.
Applications are welcome from information and computer scientists in a wide range of areas including but not limited to usable security, human-centered design, identity, social informatics of security, and design for privacy.
Applicants should have an established record (for senior level) or demonstrable potential for excellence (for junior level) in research and teaching, and a PhD in a relevant area or (for junior level) expected before 8/2016.
The SoIC is the first of its kind and among the largest in the country, with unsurpassed breadth. Its mission is to excel and lead in education, research, and outreach spanning and integrating the full breadth of computing and information technology. It includes Computer Science, Informatics, and Information and Library Science, with over 100 faculty, 900 graduate students, and 1500 undergraduate majors on the Bloomington Campus. It offers PhDs in Computer Science, Informatics, and Information Science.
Bloomington is a culturally thriving college town with a moderate cost of living and the amenities for an active lifestyle. Indiana University is renowned for its top-ranked music school, high-performance computing and networking facilities, and performing and fine arts.
Conference and Workshop Announcements
Cipher calendar announcements are on Twitter; follow "ciphernews"
new calls or announcements added since Cipher E128 (the calls-for-papers and the calendar announcements may differ slightly in content or time of update):
ASIACCS 2016 11th ACM Asia Conference on Computer and Communications Security, Xi'an, China, May 31 - June 3, 2016. (Submission Due 27 November 2015)
Building on the success of ACM Conference on Computer and Communications Security (CCS) and ACM Transactions on Information and System Security (TISSEC), the ACM Special Interest Group on Security, Audit, and Control (SIGSAC) formally established the annual ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS). The inaugural ASIACCS was held in Taipei (2006). Since then ASIACCS has been held in Singapore (2007), Tokyo (2008), Sydney (2009), Beijing (2010), Hong Kong (2011), Seoul (2012), Hangzhou (2013), Kyoto (2014), and Singapore (2015). Considering that this series of meetings has moved beyond a symposium and it is now widely regarded as the Asia version of CCS, the full name of AsiaCCS is officially changed to ACM Asia Conference on Computer and Communications Security starting in June 2015. The 11th ACM Asia Conference on Computer and Communications Security (ASIACCS 2016) will be held in 31 May - 3 June, 2016 in Xi'an, China. We invite submissions from academia, government, and industry presenting novel research on all theoretical and practical aspects of computer and network security. Areas of interest for ASIACCS 2016 include, but are not limited to:
SPT-IOT 2016 1st IEEE PERCOM Workshop on Security, Privacy and Trust in the Internet of Things, Held in conjunction with IEEE PERCOM 2016, Sydney, Australia, March 14-18, 2016. (Submission Due 27 November 2015)
The Internet of Things (IoT) is a novel design paradigm, envisioned as a network of billions or trillions of machines communicating with one another and rapidly gaining global attention from academia, industry, and government. Pervasive computing is at the heart of IoT and forms a fundamental building block necessary to realize the IoT. Equipped with pervasive technologies such as RFID and smart dust in addition to sensors, actuators and machine-to-machine (M2M) devices, IoT has the potential to offer innovative solutions to global challenges faced by ageing populations, climate change, growing cost of healthcare as well as how we manage our environment and natural resources.. The heterogeneous nature of the IoT as well as the computational constraints of many of the building blocks of the IoT make security, privacy and trust a challenging problem to solve on the one hand, while security, privacy and trust play a critical role for most if not all applications of IoT in domains such as surveillance, healthcare, security, transport, food safety, manufacturing, logistics and supply chain management. Without effective solutions for security, privacy and trust reliable data fusion and mining, qualified services with context-aware intelligence and enhanced user acceptance and experience cannot be achieved. The proposed IEEE Percom workshop on Security, Privacy and Trust for IoT aims to provide a forum that brings together researchers from academia as well as practitioners from industry, standardization bodies, and government to meet and exchange ideas on recent research and future directions for the IoT with a specific focus on IoT security, privacy and trust. The technical discussion will be focused on the communications and network security aspects of IoT and the key enabling technologies for IoT, especially M2M communications and networking, RFID technology and Near Field Communications (NFC), the challenges to security, privacy and trust presented and novel approaches to solving these challenges. The technical topics of interest to the workshop include, but are not limited to:
ACM Transactions on Internet Technology, Special Issue on Internet of Things (IoT): Secure Service Delivery. (Submission Due 30 November 2015)
Editors: Elisa Bertino (Purdue University, USA),
Kim-Kwang Raymond Choo (University of South Australia, Australia),
Dimitrios Georgakopoulos (RMIT University, Australia),
and Surya Nepal (CSIRO, Australia).
The aim of this special section is to bring together cutting-edge research with particular emphasis on novel and innovative techniques to ensure the security and privacy of IoT services and users. We solicit research contributions and potential solutions for IoT-based secure service delivery anywhere and at any time. This special section emphasizes service-level considerations. Topics of interest include, but are not limited to:
PETS 2016 16th Privacy Enhancing Technologies Symposium, Darmstadt, Germany, July 19-22, 2016. (Submission Due 31 August 2015, 30 November 2015, or 29 February 2016)
The annual Privacy Enhancing Technologies Symposium (PETS) brings together privacy experts from around the world to discuss recent advances and new perspectives on research in privacy technologies. New model as of PETS 2015: Papers undergo a journal-style reviewing process and accepted papers are published in the journal Proceedings on Privacy Enhancing Technologies (PoPETs). PoPETs, a scholarly, open access journal for timely research papers on privacy, has been established as a way to improve reviewing and publication quality while retaining the highly successful PETS community event. Authors can submit papers to PoPETs four times a year, every three months on a predictable schedule. Authors are notified of the decisions about two months after submission. In addition to accept and reject decisions, papers may be provided with 'major revision' decisions, in which case authors are invited to revise and resubmit their article to one of the following two submission deadlines. NEW as of PETS 2016: PETS 2016 also solicits submissions for Systematization of Knowledge (SoK) papers. These are papers that critically review, evaluate, and contextualize work in areas for which a body of prior literature exists, and whose contribution lies in systematizing the existing knowledge in that area. Authors are encouraged to view our FAQ about the submission process. Suggested topics include but are not restricted to:
IWSPA 2016 International Workshop on Security And Privacy Analytics, Co-located with ACM CODASPY 2016, New Orleans, LA, USA, March 11, 2016. (Submission Due 1 December 2015)
Increasingly, sophisticated techniques from machine learning, data mining, statistics and natural language processing are being applied to challenges in security and privacy fields. However, experts from these areas have no medium where they can meet and exchange ideas so that strong collaborations can emerge, and cross-fertilization of these areas can occur. Moreover, current courses and curricula in security do not sufficiently emphasize background in these areas and students in security and privacy are not emerging with deep knowledge of these topics. Hence, we propose a workshop that will address the research and development efforts in which analytical techniques from machine learning, data mining, natural language processing and statistics are applied to solve security and privacy challenges (security analytics). Submissions of papers related to methodology, design, techniques and new directions for security and privacy that make significant use of machine learning, data mining, statistics or natural language processing are welcome. Furthermore, submissions on educational topics and systems in the field of security analytics are also highly encouraged.
SDN-NFV Security 2016 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization, Co-located with ACM CODASPY 2016, New Orleans, LA, USA, March 11, 2016. (Submission Due 1 December 2015)
Software-Defined Networking (SDN) and Network Function Virtualization (NFV) are two emerging networking paradigms, which introduce significant granularity, visibility, flexibility and elasticity to networking, but at the same time bring forth new security challenges. The ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization (SDN-NFV Security 2016) will take place in New Orleans, LA, USA, on March 11, 2016. The target audience will be university researchers, scientists, and industry professionals who need to become acquainted with new theories and technologies related to security challenges in SDN and NFV. We solicit unpublished research papers, both regular (6 pages max) and short (4 pages max) papers, that address the latest practices, experiences, and lessons learned on SDN and NFV security. Topics of interest include, but are not limited to:
CPSS 2016 2nd ACM Cyber-Physical System Security Workshop, Held in conjunction with ACM AsiaCCS 2016 Conference, Xi'an, China, May 31, 2016. (Submission Due 5 December 2015)
Cyber-Physical Systems (CPS) consist of large-scale interconnected systems of heterogeneous components interacting with their physical environments. There are a multitude of CPS devices and applications being deployed to serve critical functions in our lives. The security of CPS becomes extremely important. This workshop will provide a platform for professionals from academia, government, and industry to discuss how to address the increasing security challenges facing CPS. Besides invited talks, we also seek novel submissions describing theoretical and practical security solutions to CPS. Papers that are pertinent to the security of embedded systems, SCADA, smart grid, and critical infrastructure networks are all welcome, especially in the domains of energy and transportation. Topics of interest include, but are not limited to:
Cybersecurity 2016 Cybersecurity Symposium, Coeur d'Alene, Idaho, U.S.A, April 19-20, 2016. (Abstract Submission Due 15 December 2015)
The 2016 Cybersecurity Symposium is an opportunity for academic researchers from all disciplines, and stakeholders from industry and government to meet and discuss state-of-the-art techniques and processes, with the purpose of improving the cybersecurity of today's critical systems. This symposium seeks submissions from academia, industry, and government describing innovative research, case studies, and best practices on all practical and theoretical aspects of cybersecurity. We are interested in extended abstracts on topics including, but not limited to:
IFIP SEC 2016 31th IFIP TC-11 SEC 2016 International Information Security and Privacy Conference, Ghent, Belgium, May 30 - June 1, 2016. (Submission Due 24 December 2015)
The IFIP SEC conference is the flagship event of the International Federation for Information Processing (IFIP) Technical Committee 11 on Security and Privacy Protection in Information Processing Systems (TC-11, www.ifiptc11.org). We seek submissions from academia, industry, and government presenting novel research on all theoretical and practical aspects of security and privacy protection in ICT Systems. Topics of interest:
BioSTAR 2016 International Workshop on Bio-inspired Security, Trust, Assurance and Resilience, Co-located with 37th IEEE Symposium on Security and Privacy (IEEE S&P 2016), San Jose, CA, USA, May 26, 2016. (Submission Due 15 January 2016)
As computing and communication systems continue to expand and offer new services, these advancements require more dynamic, diverse, and interconnected computing infrastructures. Unfortunately, defending and maintaining resilient and trustworthy operation of these complex systems are increasingly difficult challenges. Conventional approaches to Security, Trust, Assurance and Resilience (STAR for short) are often too narrowly focused and cannot easily scale to manage large, coordinated and persistent attacks in these environments. Designs found in nature are increasingly used as a source of inspiration for STAR and related networking and intelligence solutions for complex computing and communication environments. Nature's footprint is present in the world of Information Technology, where there are an astounding number of computational bio-inspired techniques. These well-regarded approaches include genetic algorithms, neural networks, ant algorithms, immune systems just to name a few. For example several networking management and security technologies have successfully adopted some of nature's approaches, such as swarm intelligence, artificial immune systems, sensor networks, moving target defense, diversity-based software design, etc. Nature has also developed an outstanding ability to recognize individuals or foreign objects and adapt/evolve to protect a group or a single organism. Solutions that incorporate these nature-inspired characteristics often have improved performance and/or provided new capabilities beyond more traditional methods. The aim of this workshop is to bring together the research accomplishments provided by the researchers from academia and the industry. The other goal is to show the latest research results in the field of nature-inspired STAR aspects in computing and communications. Topics of interests include, but are not limited to:
MOST 2016 Workshop on Mobile Security Technologies, Co-located with 37th IEEE Symposium on Security and Privacy (IEEE S&P 2016), San Jose, CA, USA, May 26, 2016. (Submission Due 15 January 2016)
Mobile Security Technologies (MoST) brings together researchers, practitioners, policy makers, and hardware and software developers of mobile systems to explore the latest understanding and advances in the security and privacy for mobile devices, applications, and systems. With the development of new mobile platforms, such as Android and iOS, mobile computing has shown exponential growth in popularity in recent years. To benefit from the availability of constantly-growing consumer base, new services and applications are being built from the composition of existing ones at breakneck speed. This rapid growth has also been coupled with new security and privacy concerns and challenges. For instance, more and more sensitive content is being collected and shared by third-party applications that, if misused, can have serious security and privacy repercussions. Consequently, there is a growing need to study and address these new challenges. We are seeking both short position papers (2-4 pages) and longer papers (a maximum of 10 pages). The topics of interest include, but are not limited to:
ACNS 2016 14th International Conference on Applied Cryptography and Network Security, London, United Kingdom, June 19-22, 2016. (Submission Due 27 January 2016)
The conference seeks submissions presenting novel research on all technical aspects of applied cryptography, cyber security (incl. network and computer security) and privacy. This includes submissions from academia/industry on traditional and emerging topics and new paradigms in these areas, with a clear connection to real-world problems, systems or applications. Submissions may focus on the modelling, design, analysis (incl. security proofs and attacks), development (e.g. implementations), deployment (e.g. system integration), and maintenance (e.g. performance measurements, usability studies) of algorithms/protocols/standards/implementations/technologies/devices/systems standing in relation with applied cryptography, cyber security and privacy, while advancing or bringing new insights to the state of the art. Some topics of interest include but not limited to:
LASER 2016 4th Workshop on Learning from Authoritative Security Experiment Results, Co-located with 37th IEEE Symposium on Security and Privacy (IEEE S&P 2016), San Jose, CA, USA, May 26, 2016. (Submission Due 29 January 2016)
The Learning from Authoritative Security Experiment Results (LASER) workshop series focuses on learning from and improving cyber security experimental results. LASER explores both positive and negative results, the latter of which are not often published. LASER's overarching goal is to foster a dramatic change in the paradigm of cyber security research and experimentation, improving the overall quality of practiced science. This year, LASER will focus on cyber security experimentation methods and results that demonstrate approaches to increasing the repeatability and archiving of experiments, methods, results, and data. Participants will find LASER to be a constructive and highly interactive venue featuring informal paper presentations and extended discussions. To promote a high level of interaction, attendance will be limited, with first preference given to participating authors. Additional seats will be available on a first-come first-served basis. LASER also seeks to foster good science in the next generation of cyber security researchers. As such, LASER offers a limited number of student scholarships for participation.
WTMC 2016 International Workshop on Traffic Measurements for Cybersecurity, Co-located with 11th ACM Asia Conference on Computer and Communications Security (AsiaCCS 2016), Xi'an, China, May 30, 2016. (Submission Due 1 February 2016)
Today's world's societies are becoming more and more dependent on open networks such as the Internet - where commercial activities, business transactions and government services are realized. This has led to the fast development of new cyber threats and numerous information security issues which are exploited by cyber criminals. The inability to provide trusted secure services in contemporary computer network technologies has a tremendous socio-economic impact on global enterprises as well as individuals. Current communication networks are increasingly becoming pervasive, complex, and ever-evolving due to factors like enormous growth in the number of network users, continuous appearance of network applications, increasing amount of data transferred, and diversity of user behaviors. Understanding and measuring traffic in such networks is a difficult yet vital task for network management but recently also for cybersecurity purposes. Network traffic measuring and monitoring can, for example, enable the analysis of the spreading of malicious software and its capabilities or can help to understand the nature of various network threats including those that exploit users' behavior and other user's sensitive information. On the other hand network traffic investigation can also help to assess the effectiveness of the existing countermeasures or contribute to building new, better ones. Recently, traffic measurements have been utilized in the area of economics of cybersecurity e.g. to assess ISP "badness" or to estimate the revenue of cyber criminals. Topics of interest include, but are not limited to:
IoTPTS 2016 2nd ACM International Workshop on IoT Privacy, Trust, and Security, Held in conjunction with the 11th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2016), Xian, China, May 30, 2016. (Submission Due 12 February 2016)
The Internet of Things (IoT) is the next great technology frontier. At a basic level, IoT refers simply to networked devices, but the IoT vision is a complex ecosystem that ranges from cloud backend services and big-data analytics to home, public, industrial, and wearable sensor devices and appliances. Architectures for these systems are in the formative stages, and now is the time to ensure privacy, trust, and security are designed into these systems from the beginning. We encourage submissions on all aspects of IoT privacy, trust, and security. Topics of interest include (but are not limited) to the following areas:
SECRYPT 2016 13th International Conference on Security and Cryptography, Lisbon, Portugal, July 26 - 28, 2016. (Submission Due 1 March 2016)
SECRYPT is an annual international conference covering research in information and communication security. The conference seeks submissions from academia, industry, and government presenting novel research on all theoretical and practical aspects of data protection, privacy, security, and cryptography. Papers describing the application of security technology, the implementation of systems, and lessons learned are also encouraged. Papers describing new methods or technologies, advanced prototypes, systems, tools and techniques and vision papers indicating future directions are also encouraged. Conference topics:
IWSEC 2016 11th International Workshop on Security, Tokyo, Japan, September 12-14, 2016. (Submission Due 31 March 2016)
Original papers on the research and development of various security topics, as well as case studies and implementation experiences, are solicited for submission to IWSEC 2016. Topics of interest for IWSEC 2016 include all theory and practice of cryptography, information security, and network security, as in previous IWSEC workshops. In particular, we encourage the following topics in this year:
Staying in touch....
Changing your email address? Please send updates to firstname.lastname@example.org
IEEE Computer Society's Technical Committee on Security and Privacy
|TC home page||TC Officers|
|How to join the TCSP||TC publications available online|
|TC Publications for sale||Cipher past issues archive|