Last Modified:03/20/23

Note: Please send new calls to cipher-cfp@ieee-security.org and take a moment to read the submission guidelines. And please see the Cipher Calendar for events sorted in date order. For all other questions, please contact cipher-cfp@ieee-security.org by email.

Contents

Special Issues of Journals and Handbooks

Journal of Systems Architecture, Special Issue on Distributed Learning and Blockchain Enabled Infrastructures for Next Generation of Big Data Driven Cyber-Physical Systems. (Submission Due 31 March 2023) [posted here 2/27/23]
Guest editors: Xiaokang Zhou (Shiga University, Japan), Giancarlo Fortino (University of Calabria, Italy), Carson Leung (University of Manitoba, Canada), and Mohammad Hammoudeh (King Fahd University of Petroleum & Mineral, Saudi Arabia).
Modern Cyber-Physical System (CPS) is composed by integrating and networking the physical world, computational components, and Internet-of-Things(IoT) devices such as sensors, actuators, etc. Typical CPS applications include autonomous driving systems, smart home, robotics systems, smart healthcare systems, etc. With the prevalence of CPSs, the huge volume of ever-increasing data produced by heterogeneous IoT devices raise crucial challenges in both system architectures and data management. First, traditional centralized CPSs have the shortcomings of destitute transparency and scalability, making it difficult to scale with the ever-increasing volume of data generated across CPSs. Moreover, CPSs are often associated with sensitive data, while their centralized infrastructures expose them to vulnerability, data breaches, and denial of services. Therefore, the decentralized CPS infrastructure becomes a potential solution, in particular, it is essential to explore new big data processing techniques with decentralized CPS infrastructures.

Distributed learning and blockchain techniques, envisioned as the bedrock of future intelligent networks and IoT technologies, have attracted tremendous attentions from both academy and industry due to the nature of decentralization, data security, and privacy benefits. The decentralized architectures, together with the ability to enable secured, trusted and decentralized autonomous ecosystems, revolutionize increasingly centralized CPSs for infrastructures and applications, as well as reshaping of traditional data mining and knowledge discovery patterns. However, adopting distributed learning and blockchain technologies in big data driven CPS applications requires essential insights with respect to concrete application domains, scalability, privacy issues, performance, and financial benefits as well.
For more information, please see https://www.sciencedirect.com/journal/journal-of-systems-architecture/about/call-for-papers#distributed-learning-and-blockchain-enabled-infrastructures-for-next-generation-of-big-data-driven-cyber-physical-systems.

Conference and Workshop Call-for-papers

WTMC 2023 8th International Workshop on Traffic Measurements for Cybersecurity, Co-located with 8th IEEE European Symposium on Security and Privacy (IEEE EuroS&P 2023), Delft, The Netherlands, July 7, 2023. (Submission Due 22 March, 2023) [posted here 1/16/23]
Current communication networks are increasingly becoming pervasive, complex, and ever-evolving due to factors like enormous growth in the number of network users, continuous appearance of network applications, increasing amount of data transferred, and diversity of user behavior. Understanding and measuring traffic in such networks is a challenging yet vital task for network management but recently also for cybersecurity purposes. Network traffic measurement and monitoring can, for example, enable the analysis of the spreading of malicious software and its capabilities or can help to understand the nature of various network threats, including those that exploit user's behavior and other user's sensitive information. On the other hand, network traffic investigation can also help to assess the effectiveness of the existing countermeasures or contribute to building new, better ones. Traffic measurements have been utilized in the area of economics of cybersecurity e.g., to assess ISP "badness" or to estimate the revenue of cybercriminals. Recent research has focused on measurements of fake news and the interplay between misinformation and user engagement in news postings using different online platforms.

The WTMC workshop aims to bring together the research accomplishments provided by researchers from academia and the industry. The other goal is to show the latest research results in the field of cybersecurity and understand how traffic measurements can influence it. We encourage prospective authors to submit related distinguished research papers on the subject of both theoretical approaches and practical case reviews. This workshop presents some of the most relevant ongoing research in cybersecurity seen from the traffic measurements perspective. The workshop will be accessible to both non-experts interested in learning about this area and experts interested in hearing about new research and approaches.

For more information, please see https://wtmc.info/.

RAID 2023 26th International Symposium on Research in Attacks, Intrusions and Defenses, Hong Kong, October 16-18, 2023. (Submission Due 23 March 2023) [posted here 1/28/23]
Since its inception in 1997, the International Symposium on Research in Attacks, Intrusions and Defenses (RAID) has established itself as a venue where leading researchers and practitioners from academia, industry, and the government are given the opportunity to present novel research in a unique venue to an engaged and lively community. The conference is known for the quality and thoroughness of the reviews of the papers submitted, the desire to build a bridge between research carried out in different communities, and the emphasis given on the need for sound experimental methods and measurement to improve the state of the art in cybersecurity. This year we are soliciting research papers on topics covering all well-motivated computer security problems. We care about techniques that identify new real-world threats, techniques to prevent them, to detect them, to mitigate them or to assess their prevalence and their consequences. Measurement papers are encouraged, as well as papers offering public access to new tools or datasets, or experience papers that clearly articulate important lessons learned.

For more information, please see https://raid2023.org/call.html.

C&ESAR 2023 Cybersecurity of Smart Peripheral Devices (Mobiles / IoT / Edge), Rennes, France, November 21-22, 2023. (Submission Due 26 April 2023, 10 May 2023, and 30 August 2023) [posted here 2/13/23]
Every year since 1997, the French Ministry of Defense organizes a cybersecurity conference, called C&ESAR. This conference is now one of the main events of the European Cyber Week (ECW) organized every fall in Rennes, Brittany, France. The goal of C&ESAR is to bring together governmental, industrial, and academic stakeholders interested in cybersecurity. This event, both educational and scientific, gathers experts, researchers, practitioners and decision-makers. This inter-disciplinary approach allows operational practitioners to learn about and anticipate future technological inflection points, and for industry and academia to confront research and product development to operational realities. Every year, C&ESAR explores a different topic within the field of cybersecurity.

This yearÕs topic is: Cybersecurity of Smart Peripheral Devices (Mobiles / IoT / Edge). This yearÕs topic is subtitled: Cybersecurity of semi-autonomous connected devices deployed at the periphery of an information system, close to its data sources and sinks. C&ESAR solicits submissions presenting clear surveys (including SoK papers), innovative solutions, or insightful experience reports related to the cybersecurity of Smart Peripheral Devices (mobiles/IoT/Edge). The scope covers all issues related to the cybersecurity of semi-autonomous connected devices deployed at the periphery of an information system close to its data sources and sinks. Those devices include mobiles, smartphones, IoT devices, and lightweight Edge devices. The scope covers technical issues, as well as legal issues.

For more information, please see https://2023.cesar-conference.org.

CCS 2023 30th ACM Conference on Computer and Communications Security, Copenhagen, Denmark, November 26-30, 2023. (Submission Due 19 January 2023 and 4 May 2023) [posted here 1/16/22]
The 30th ACM Conference on Computer and Communications Security (CCS) seeks submissions presenting novel contributions related to all real-world aspects of computer security and privacy. Theoretical papers must make a convincing case for the relevance of their results to practice. Authors are encouraged to write the abstract and introduction of their paper in a way that makes the results accessible and compelling to a general computer-security researcher. In particular, authors should bear in mind that anyone on the program committee may be asked to review any paper.

For more information, please see https://www.sigsac.org/ccs/CCS2023/index.html.

CUING 2023 7th International Workshop on Criminal Use of Information Hiding, Held in conjunction with the 18th International Conference on Availability, Reliability and Security (ARES 2023), Benevento, Italy, August 29 - September 1, 2023. (Submission Due 22 May 2023) [posted here 2/27/23]
With the constant rise of the number of Internet users, available bandwidth and an increasing number of services shifting into the connected world, criminals are increasingly active in the virtual world. With improving defensive methods cybercriminals have to utilize more and more sophisticated ways to perform their malicious activities. While protecting the privacy of users, many technologies used in current malware and network attacks have been abused in order to allow criminals to carry out their activities undetected. This poses a lot of new challenges for digital forensics analysts, academics, law enforcement agencies (LEAs), and security professionals. The aim of the International Workshop on Criminal Use of Information Hiding (CUIng) is to bring together researchers, practitioners, law enforcement representatives, and security professionals in the area of analysis of information hiding. However data hiding is understood here in a wider manner than in the academic world i.e. all techniques that pertain to camouflaging/masking/hiding various types of data (e.g. identities, behavior, communication, etc.) are included here. This means not only digital steganography/covert channels but also obfuscation/anti-forensics techniques and even underground networks (darknets) or activities related to behavior impersonation or mimicking. This will allow to present a more complete picture on novel research regarding the use of data and communication hiding methods in criminal environments and discuss ideas for fighting misuse of privacy enhancing technologies.

For more information, please see https://www.ares-conference.eu/workshops/cuing-2023/.

ENS 2023 5th International Workshop on Emerging Network Security, Held in conjunction with the 18th International Conference on Availability, Reliability and Security (ARES 2023), Benevento, Italy, August 29 - September 1, 2023. (Submission Due 22 May 2023) [posted here 2/27/23]
With the great success and development of 5G & beyond systems and other emerging concepts (e.g. 6G) a continued effort toward rich ubiquitous communication infrastructure, promising wide range of high-quality services is desired. It is envisioned that communication in emerging networks will offer significantly greater data bandwidth and almost infinite capability of networking resulting in unfaltering user experiences for, among others: virtual/augmented reality, massive content streaming, telepresence, user-centric computing, crowded area services, smart personal networks, Internet of Things (IoT), smart buildings and smart cities.

The communication in 5G networks and beyond is currently in the center of attention of industry, academia, and government worldwide. Emerging network concepts drive many new requirements for different network capabilities. As future networks aim at utilizing many promising network technologies, such as Software Defined Networking (SDN), Network Functions Virtualization (NFV), Information Centric Network (ICN), Network Slicing or Cloud Computing and supporting a huge number of connected devices integrating above mentioned advanced technologies and innovating new techniques will surely bring tremendous challenges for security, privacy and trust. Therefore, secure network architectures, mechanisms, and protocols are required as the basis for emerging networks to address these issues and follow security-by-design approach. Finally, since in current and future networks even more user data and network traffic will be transmitted, big data security solutions should be considered in order to address the magnitude of the data volume and ensure data security and privacy.

From this perspective, the ENS 2022 workshop aims at collecting the most relevant ongoing research efforts in emerging network security field. It also serves as a forum for 5G & beyond projects in order to disseminate their security-related results and boost cooperation, also foster development of the 5G and beyond Security Community made of 5G security experts and practitioners who pro-actively discuss and share information to collectively progress and align on the field. Last but not least it also aims to bridge 5G & Beyond community with other communities (e.g. AI) that are key to support full attainment of 5G & Beyond but also 6G promises and so for those technologies to release their full potential.

For more information, please see https://www.ares-conference.eu/workshops-eu-symposium/ens-2023/.

ESORICS 2023 28th European Symposium on Research in Computer Security, Hague, Netherlands, September 25-29, 2023. (Submission Due 22 January 2023 and 28 May 2023) [posted here 1/28/23]
Computer security is concerned with the protection of information in environments where there is a possibility of intrusion or malicious action. The aim of ESORICS is to further the progress of research and development in computer security by establishing a European community for bringing together academia and industry in this area. Progressively organized in a series of European countries, the symposium is confirmed as one of the biggest European conferences in computer security. Nowadays, the symposium has also explored the R&D directions on AI, machine learning, privacy-enhancing technology, network security, software, and hardware security, blockchain, smart contract, and real-world applied cryptography.

For more information, please see https://esorics2023.org.

SecDev 2023 IEEE Secure Development Conference, Atlanta, GA, USA, October 18 - 20, 2023. (Submission Due 2 June 2023) [posted here 2/13/23]
SecDev is a venue for presenting ideas, research, and experience about how to develop secure systems. It focuses on theory, techniques, and tools to Òbuild security inÓ to existing and new computing systems, and does not focus on simply discovering the absence of security. The goal of SecDev is to encourage and disseminate ideas for secure system development among academia, industry, and government. It aims to bridge the gap between constructive security research and practice and to enable the real-world impact of security research in the long run. Developers have valuable experiences and ideas that can inform academic research, and researchers have concepts, studies, and even code and tools that could benefit developers. We solicit research and experience papers on a broad range of topics relating to secure systems development. Examples of topics that are in scope include: development libraries, tools, or processes to produce systems resilient to certain attacks; formal foundations that underpin a language, tool, or testing strategy that improves security; techniques that drastically improve the scalability of security solutions for practical deployment; and experience, designs, or applications showing how to apply cryptographic techniques effectively to secure systems. SecDev also seeks hands-on and interactive tutorials on processes, frameworks, languages, and tools for building security in. The goal is to share knowledge on the art and science of secure systems development.

For more information, please see https://secdev.ieee.org/2023/home.

USENIX Security 2024 33rd USENIX Security Symposium, Philadelphia, PA, USA, August 14-16, 2024. (Submission Due 6 June 2023, 17 October 2023, and 8 February 2024) [posted here 1/28/23]
The USENIX Security Symposium brings together researchers, practitioners, system administrators, system programmers, and others interested in the latest advances in the security and privacy of computer systems and networks. The Call for Papers will be available soon.

For more information, please see https://www.usenix.org/conference/usenixsecurity24.

Archival Journals Regularly Specializing in Security and Privacy

Journal of Privacy Technology (JOPT),   Editor-in-Chief:  Latanya Sweeney
This online-only Journal, started in 2004 and  operated by Carnegie Mellon University, is a forum for the publication of original current research in privacy technology. It encourages the submission of any material dealing primarily with the technological aspects of privacy or with the privacy aspects of technology, which may include analysis of the interaction between policy and technology or the technological implications of legal decisions.  More information can be found at http://www.jopt.org/.

IEEE Security and Privacy Magazine,   Editor-in-Chief: Shari Lawrence Pfleeger
IEEE Security & Privacy provides a unique combination of research articles, case studies, tutorials, and regular departments covering diverse aspects of information assurance such as legal and ethical issues, privacy concerns, tools to help secure information, analysis of vulnerabilities and attacks, trends and new developments, pedagogical and curricular issues in educating the next generation of security professionals, secure operating systems and applications, security issues in wireless networks, design and test strategies for secure and survivable systems, and cryptology.  More information can be found at http://www.computer.org/portal/web/computingnow/securityandprivacy.

ACM Transactions on Information and System Security,   Editor-in-Chief: Gene Tsudik
ACM invites submissions for its Transactions on Information and System Security, inaugurated in November 1998. TISSEC publishes original archival-quality research papers and technical notes in all areas of information and system security including technologies, systems, applications, and policies. Papers should have practical relevance to the construction, evaluation, application, or operation of secure systems. Theoretical papers will be accepted only if there is convincing argument for the practical significance of the results. Theory must be justified by convincing examples illustrating its application. More information is given on the journal web page at http://www.acm.org/tissec.

IEEE Transactions on Dependable and Secure Computing,   Editor-in-Chief: Ravi Sandhu
The IEEE Transactions on Dependable and Secure Computing publishes archival research results related to research into foundations, methodologies, and mechanisms that support the achievement—through design, modeling, and evaluation—of systems and networks that are dependable and secure to the desired degree without compromising performance. The focus will also include measurement, modeling, and simulation techniques, and foundations for jointly evaluating, verifying, and designing for performance, security, and dependability constraints. More information is given on the journal web page at http://www.computer.org/portal/web/tdsc.

The Springer Series on ADVANCES IN INFORMATION SECURITY
The purpose of the Advances in Information Security book series is to establish the state of the art and set the course for future research in information security. The scope of this series includes not only all aspects of computer, network security, and cryptography, but related areas, such as fault tolerance and software assurance. The series serves as a central source of reference for information security research and developments. The series aims to publish thorough and cohesive overviews on specific topics in Information Security, as well as works that are larger in scope than survey articles and that will contain more detailed background information. The series also provides a single point of coverage of advanced and timely topics and a forum for topics that may not have reached a level of maturity to warrant a comprehensive textbook. Prospective Authors or Editors: If you have an idea for a book that would fit in this series, we would welcome the opportunity to review your proposal. Should you wish to discuss any potential project further or receive specific information regarding book proposal requirements, please contact Professor Sushil Jajodia (jajodia@gmu.edu,703-993-1653).
 
Journal of Computer Security,   Editor-in-Chief: John Mitchell and Pierangela Samarati
JCS is an archival research journal for significant advances in computer security. Subject areas include architecture, operating systems, database systems, networks, authentication, distributed systems, formal models, verification, algorithms, mechanisms, and policies. All papers must be submitted online at http://www.iospress.nl/journal/journal-of-computer-security/. More information is given on the journal web page at http://jcs.stanford.edu/.
 
Computers & Security,   Editor-in-Chief: Eugene H. Spafford
Computers & Security aims to satisfy the needs of managers and experts involved in computer security by providing a blend of research developments, innovations, and practical management advice. Original submissions on all computer security topics are invited, particularly those of practical benefit to the practitioner. All papers must be submitted online at http://ees.elsevier.com/cose/. More information can be found at http://www.elsevier.com/locate/issn/01674048.
 
International Journal of Information Security,   Editors-in-Chief: D. Gollmann; J. Lopez; E. Okamoto
The International Journal of Information Security, IJIS, aims to provide prompt publication of important technical work in information security, attracting any person interested in communications, commerce, banking, medicine, or other areas of endeavor affected by information security. Any research submission on theory, applications, and implementations of information security is welcomed. This includes, but is not limited to, system security, network security, content protection, applications and foundations of information security. More information is given on the journal web page at http://www.springer.com/computer/security+and+cryptology/journal/10207.
 
International Journal of Network Security,   Editors-in-Chief: Min-Shiang Hwang
International Journal of Network Security is an international official journal of Science Publications, publishing original articles, reviews and short communications of a high scientific and technology in network security. Subjects covered include: access control, computer security, cryptography, communications security, data security, database security, electronic commerce security, information security, multimedia security, and network security. Authors are strongly encouraged to submit their papers electronically by using online manuscript submission at http://ijns.nchu.edu.tw/, or submit their Word, ps or pdf file to the editor-in-chief (via Email: mshwang@isrc.nchu.edu.tw): Min-Shiang Hwang, at the Department of Management Information Systems, National Chung Hsing University, Taiwan, R.O.C.  More information can be found at http://ijns.femto.com.tw/.
 
International Journal of Security and Networks,   Editors-in-Chief: Yang Xiao
International Journal of Security and Networks is an archival research journal for significant advances in network security. Subject areas include attack models, security mechanisms, security services, authentication, authorization, access control, multicast security, data confidentiality, data integrity, non-repudiation, forensics, privacy protection, secure protocols, formal analyses, intrusion detection, key management, trust establishment, revocation of malicious parties, security policies, fraudulent usage, dependability and reliability, prevention of traffic analysis, network security performance evaluation, tradeoff analysis between performance and security, security standards, etc. All papers must be submitted online at http://www.inderscience.com/ijsn/. More information is given on the journal web page at http://www.inderscience.com/ijsn/.
 
International Journal of Critical Infrastructure Protection,   Editors-in-Chief: Sujeet Shenoi
International Journal of Critical Infrastructure Protection's primary aim is to publish high quality scientific and policy papers in all areas of critical infrastructure protection. Of particular interest are articles that weave science, technology and policy to craft sophisticated yet practical solutions that will secure information, computer and network assets in the various critical infrastructure sectors. All papers must be submitted online at http://www.elsevier.com/locate/ijcip. More information is given on the journal web page at http://www.elsevier.com/locate/ijcip.
 
IEEE Transactions on Information Forensics and Security,   Editors-in-Chief: C.-C. Jay Kuo
IEEE Transactions on Information Forensics and Security aims to provide a unified locus for archival research on the fundamental contributions and the mathematics behind information forensics, information security, surveillance, and systems applications that incorporate these features. Authors are strongly encouraged to submit their papers electronically to the online manuscript system, Manuscript Central, via sps-ieee.manuscriptcentral.com.  More information can be found at http://www.ieee.org/organizations/society/sp/tifs.html.
 
EURASIP Journal on Information Security,   Editors-in-Chief: Stefan Katzenbeisser
EURASIP Journal on Information Security aims to bring together researchers and practitioners dealing with the general field of information security, with a particular emphasis on the use of signal processing tools in adversarial environments. As such, it addresses all works whereby security is achieved through a combination of techniques from cryptography, computer security, machine learning and multimedia signal processing. Application domains lie, for example, in secure storage, retrieval and tracking of multimedia data, secure outsourcing of computations, forgery detection of multimedia data, or secure use of biometrics. The journal also welcomes survey papers that give the reader a gentle introduction to one of the topics covered as well as papers that report large-scale experimental evaluations of existing techniques. Pure cryptographic papers are outside the scope of the journal. The journal also welcomes proposals for Special Issues. All papers must be submitted online at http://jis.eurasipjournals.com/manuscript.  More information can be found at http://jis.eurasipjournals.com.