2006 IEEE Symposium on
Security and Privacy

May 21-24, 2006
The Claremont Resort
Berkeley/Oakland, California, USA

Sponsored by
IEEE Computer Society Technical Committee on Security and Privacy
In cooperation with
The International Association for Cryptologic Research (IACR)

Symposium Committee:
General Chair: Hilarie Orman (Purple Streak, Inc., USA)
Vice Chair: Deborah Shands (The Aerospace Corporation, USA)
Treasurer: Terry Benzel (ISI/USC, USA)

Program Co-Chairs: Vern Paxson (ICSI and LBNL, USA), Birgit Pfitzmann (IBM Zurich Research Lab, Switzerland)
Workshop Local Arrangements Chair: Doug Tygar (UC Berkeley, USA)
5-Minute Talks Co-Chairs: Hervé Debar (France Telecom R&D, France) and Philippe Golle (Palo Alto Research Center, USA)

Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for the presentation of developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field.

Previously unpublished papers offering novel research contributions in any aspect of computer security or electronic privacy are solicited for submission to the 2006 symposium. Papers may represent advances in the theory, design, implementation, analysis, or empirical evaluation of secure systems, either for general use or for specific application domains.

New This Year: The 2006 Symposium is open to submissions not only of full-length papers but also short papers (extended abstracts) describing less mature work. See below for details.

UPDATE: The Symposium will have a poster session after the work-in-progress session, and concurrent with the reception on Monday evening. See below for details.

Topics of interest include, but are not limited to, the following:

Access Control and Audit
Anonymity and Pseudonymity
Authentication, including Phishing
Automated and Large-Scale Attacks
Commercial and Industrial Security
Data Integrity
Database Security
Denial of Service
Distributed Systems Security
Electronic Privacy
Information Flow
Intrusion Detection
Language-Based Security
Malicious Code
Mobile Code and Agent Security
Network Security
Peer-to-Peer Security
Secure Hardware and Smartcards
Security Protocols
Security Verification
Security of Mobile Ad-Hoc Networks

Program Committee:

Paul Ammann, George Mason University, USA
Tuomas Aura, Microsoft Research, UK
Michael Backes, IBM Research, Switzerland
Elisa Bertino, Purdue University, USA
Peter Chen, University of Michigan, USA
Robert Cunningham, MIT Lincoln Laboratory, USA
George Danezis, Cambridge University, UK
Drew Dean, SRI International, USA
Hervé Debar, France Telecom R&D, France
Nick Feamster, Georgia Tech, USA
Kevin Fu, University of Massachusetts Amherst, USA
Philippe Golle, Palo Alto Research Center, USA
Steven Gribble, University of Washington, USA
Richard Kemmerer, UC Santa Barbara, USA
Angelos Keromytis, Columbia University, USA
Christopher Kruegel, Technical University Vienna, Austria
Michiharu Kudo, IBM Research, Japan
Helmut Kurth, Atsec Information Security, Germany
Ralf Küsters, University of Kiel, Germany
Susan Landau, Sun Microsystems, USA
Carl Landwehr, University of Maryland, USA
Marc Langheinrich, ETH Zurich, CH
Ludovic Mé, Supélec, France
Adrian Perrig, Carnegie Mellon University, USA
Michaël Rusinowitch, INRIA Lorraine, France
Andrei Sabelfeld, Chalmers University, Sweden
Stefan Savage, UC San Diego, USA
Sean Smith, Dartmouth College, USA
Sal Stolfo, Columbia University, USA
Doug Tygar, UC Berkeley, USA
Paul van Oorschot, Carleton University, Canada
David Wagner, UC Berkeley, USA
Helen Wang, Microsoft Research, USA
Rebecca Wright, Stevens Institute of Technology, USA


All submissions MUST reflect original work and MUST adequately document any overlap with previously published or simultaneously submitted papers from any of the authors. Failure to clearly document such overlap will lead to automatic rejection. If authors have any doubts regarding whether such overlap exists, they should contact the program chairs prior to submission.

Papers should be submitted in Portable Document Format (.pdf) using an 11-point font, single column layout, standard interline spacing, and reasonable margins. Regular full-length papers must not exceed 15 pages in length (6 pages for extended abstracts), excluding the bibliography and well-marked appendices; note, committee members are not required to read the appendices, so papers must be intelligible without them.

We request that submissions be in US letter paper size (not A4) if possible. We urge authors to follow the NSF "Fastlane" guidelines for document preparation (, and to pay special attention to unusual fonts.

Papers should be submitted in a form suitable for anonymous review: remove author names and affiliations from the title page, and avoid explicit self-referencing in the text. When referring to your previous work, do so in the third person, as though it were written by someone else. Only blind the reference itself if a third-person reference will clearly not work.

Submit papers via the Web at

For regular-length papers, the situation may arise that the program committee decides to not accept the paper, but concludes that an extended-abstract version of the paper would be acceptable. Authors of regular papers must explicitly indicate upon submission whether they wish their submission to be considered for this form of alternate acceptance. There is no penalty for authors deciding either way. Regular papers accepted as extended abstracts will generally be shepherded.

For any questions, contact the program chairs at

Paper submissions due: November 4, 2005, 23:00:00 PST (GMT-8)    (No extensions!)

Acceptance notification: January 27, 2006

Final papers due: March 3rd, 2006

Submissions received after the submission deadline or failing to conform to the guidelines above risk rejection without consideration of their merits. Authors are responsible for obtaining appropriate clearances; authors of accepted papers will be asked to sign IEEE copyright release forms. Where possible all further communications to authors will be via email.


This year the symposium is open to submission of short papers in addition to regular full-length papers. The intent behind these extended abstracts is to expand the program to include less mature work, and therefore the novelty and longer-term promise of such submissions will weigh more heavily in the reviewing process than their degree of high polish. Extended abstracts accepted for the program will appear in the proceedings (in short form - not expanded to full papers - and with Extended Abstract in the title) and be presented orally during the symposium (in suitably shorter speaking slots) as a regular part of the program. Extended abstract submissions must not exceed 6 pages for the main text (other than bibliography and appendices).


The conference may include panel sessions addressing topics of interest to the computer security community. Proposals for panels should include possible panelists and an indication of which of those panelists have confirmed participation. Please submit panel proposals by email to

Panel proposals due: January 2, 2006, 23:00:00 PST (GMT-8)

Acceptance notification: January 27, 2006


Also new this year, we are encouraging submissions of workshops to be co-located with IEEE S&P 2006. To submit a workshop proposal, send a note to outlining the theme, proposed program committee, reviewing process, and dates. For accepted workshops, the workshop local arrangements chair will be able to provide logistical assistance.


A continuing feature of the symposium is a session of 5-minute talks where attendees can present preliminary research results or summaries of works published elsewhere. Abstracts for 5-minute talks must fit on one 8.5"x11" or A4 page, including the title and all author names and affiliations. Submit abstracts prior to the conference by email to; or by Monday morning at the conference by hardcopy given to the WIP chairs.

5-minute abstracts due: May 22, 2006, 11:00:00 PDT (at the conference)

Acceptance notification: May 22, 2006, 14:00:00 PDT

Note that these times are earlier than originally posted.

Note: while the majority of these presentations will be accepted and notified per the above dates, we will also review and accept a small number of presentations prior to the meeting, with an early decision, for those who require a decision in order to plan their travel. Such submissions must be sent by April 10, 2006, with early notifications to be made by April 17, 2006.

In addition, the symposium will include a Poster session after the 5-minute talk session, concurrent with the reception. Attendees can display posters describing for informal discussion some of their research efforts. These can expand on material presented in a 5-minute talk, or be on separate topics. Those interested should send email to