Cipher
Calls for Papers



IEEE Computer Society's Technical Committee on Security and Privacy


 

Last Modified:9/25/23

Note: Please send new calls to cipher-cfp@ieee-security.org and take a moment to read the submission guidelines. And please see the Cipher Calendar for events sorted in date order. For all other questions, please contact cipher-cfp@ieee-security.org by email.

Contents

 

Special Issues of Journals and Handbooks


eDemocracy and Open Government (JeDEM), Special Issue on Digital Sovereignty - Interdisciplinary insights into digital technology and infrastructure, information privacy and digital security. (Submission Due 31 December 2023) [posted here 9/25/23]
In our technologically advanced, multiply connected and increasingly complex world digital space has become an economically, politically, and socially significant domain. As such it falls subject to competing interests of globally dispersed agents, which are exceedingly hard to reconcile, as they may differ immensely with respect to their underlying aims and values. In response to the need to navigate this challenging and potentially hostile environment Òdigital sovereigntyÓ has emerged as a key issue in recent research and policy development. The concept refers to the capacity for autonomous action within the digital sphere and connects three underlying and equally important dimensions of conscious and deliberate technology utilization: 1. Digital Technology and Infrastructure, 2. Information Privacy and 3. Digital Security.

As we rely more and more on digital technologies to facilitate work processes and support communication, we become increasingly dependent on digital infrastructures such as microchips, cloud services, and social media platforms. As a result, their design and structural requirements provide the framework within which various challenges to autonomous agency arise and need to be addressed. Some of these challenges are privacy related and concern the proper collection, storage, handling and dissemination of personal and personally relevant information. They require a purposeful and responsible approach to dealing with data and the development and implementation of appropriate data protection measures. Others relate to security in general. The security dimension has a much wider scope since security challenges can emerge on every level of technological infrastructure and are not limited to vulnerabilities that bear the risk of violating privacy. Network reliability and the integrity of operational processes can be equally at risk. As digital technologies are constantly evolving, resulting in ever more intricate threats to privacy and security, these critical foundations of digital autonomous agency need to be continuously monitored, assessed, and provided for.

We especially encourage submissions that draw on interdisciplinary perspectives and combine insights from such fields as political science, international relations, law, computer science, sociology, philosophy, and economics. With this special issue we want to contribute to this endeavor by inviting submissions focusing on (but in no way limited to) the following areas of interest:
- Normative framework and conceptual foundations for digital sovereignty.
- Implications digital sovereignty measures (or lack thereof) have for functionality, economic viability, innovation, (international) cooperation, and sustainability of governmental, institutional, or economic processes.
- Requirements of resilience-enhancing measures to increase the availability of systems.
- Vulnerability of central systems as single points of failure.
- Reliable assessment of privacy and security risks (Business Impact Analysis, Privacy Impact Analysis).
- Requirements for and compatibility of realizing different security and/or privacy objectives.
- Potentials and risks of digital sovereignty measures to influence and shape economic, political, and societal structures (Digital Humanism).
- Normative requirements on privacy and security measures resulting from digital infrastructure being classified as public good.
- Unintended effects the implementation of digital sovereignty measures might have.

For more information, please see https://www.jedem.org/index.php/jedem/announcement/view/61.

Conference and Workshop Call-for-papers

September 2023

CSF 2024 37th IEEE Computer Security Foundations Symposium, Enschede, Netherlands, July 8-12, 2024. (Submission Due 15 May 2023, 30 September 2023, and 3 February 2024) [posted here 6/5/23]
The Computer Security Foundations Symposium (CSF) is an annual conference for researchers in computer security, to examine current theories of security, the formal models that provide a context for those theories, and techniques for verifying security. It was created in 1988 as a workshop of the IEEE Computer Society's Technical Committee on Security and Privacy, in response to a 1986 essay by Don Good entitled ÒThe Foundations of Computer SecurityÑWe Need Some.Ó The meeting became a ÒsymposiumÓ in 2007, along with a policy for open, increased attendance. Over the past two decades, many seminal papers and techniques have been presented first at CSF. For more details on the history of the symposium, visit CSF's home.

The program includes papers, panels, and a poster session. Topics of interest include access control, information flow, covert channels, cryptographic protocols, database security, language-based security, authorization and trust, verification techniques, integrity and availability models, and broad discussions concerning the role of formal methods in computer security and the nature of foundational research in this area.

For more information, please see https://csf2024.ieee-security.org.

October 2023

IFIP 11.9 DF 2023 20th Annual IFIP WG 11.9 International Conference on Digital Forensics, New Delhi, India, January 4-5, 2024. (Submission Due 15 October 2023) [posted here 8/7/23]
The IFIP Working Group 11.9 on Digital Forensics (www.ifip119.org) is an active international community of scientists, engineers and practitioners dedicated to advancing the state of the art of research and practice in digital forensics. The Twentieth Annual IFIP WG 11.9 International Conference on Digital Forensics will provide a forum for presenting original, unpublished research results and innovative ideas related to the extraction, analysis and preservation of all forms of electronic evidence. Papers and panel proposals are solicited. All submissions will be refereed by a program committee comprising members of the Working Group. Papers and panel submissions will be selected based on their technical merit and relevance to IFIP WG 11.9. The conference will be limited to approximately 60 participants to facilitate interactions between researchers and intense discussions of critical research issues. Keynote presentations, revised papers and details of panel discussions will be published as an edited volume Ð the twentieth volume in the well-known Research Advances in Digital Forensics book series (Springer, Cham, Switzerland) during the summer of 2024.

Technical papers are solicited in all areas related to the theory and practice of digital forensics. Areas of special interest include, but are not limited to:
- Theories, techniques and tools for extracting, analyzing and preserving digital evidence
- Enterprise and cloud forensics
- Mobile and embedded device forensics
- Image and video forensics
- Internet of Things forensics
- Digital forensic processes and workflow models
- Digital forensic case studies
- Legal, ethical and policy issues related to digital forensics

For more information, please see http://www.ifip119.org.

USENIX Security 2024 33rd USENIX Security Symposium, Philadelphia, PA, USA, August 14-16, 2024. (Submission Due 6 June 2023, 17 October 2023, and 8 February 2024) [posted here 1/28/23]
The USENIX Security Symposium brings together researchers, practitioners, system administrators, system programmers, and others interested in the latest advances in the security and privacy of computer systems and networks. The Call for Papers will be available soon.

For more information, please see https://www.usenix.org/conference/usenixsecurity24.

November 2023

PETS 2024 24th Privacy Enhancing Technologies Symposium (PETS 2024) Bristol, UK and Online, July 15-20, 2024. (Submission Due 31 May 2023, 31 August 2023, 30 November 2023, and 28 February 2024) [posted here 6/5/23]
The annual Privacy Enhancing Technologies Symposium (PETS) brings together experts from around the world to present and discuss recent advances and new perspectives on research in privacy technologies. The 24th PETS will be a hybrid event with a physical gathering held in Bristol, UK and a concurrent virtual event. Papers undergo a journal-style reviewing process, and accepted papers are published in the journal Proceedings on Privacy Enhancing Technologies (PoPETs). Authors of accepted papers are encouraged to attend and present at the physical event, where their presentations can be recorded for the virtual event and where they can participate directly in in-person research, technical, and social activities. However, in-person attendance is not required for publication in the proceedings. We will carefully monitor the COVID-19 situation, and may change the organization of the event as necessary. PoPETs, a scholarly, open-access journal for research papers on privacy, provides high-quality reviewing and publication while also supporting the successful PETS community event. PoPETs is self-published and does not have article processing charges (APCs) or article submission charges.

For more information, please see https://asiaccs2024.sutd.edu.sg/cfp/.

December 2023

SP 2024 45th IEEE Symposium on Security and Privacy, San Francisco, CA, USA, May 20-23, 2024. (Submission Due 13 April 2023, 3 August 2023, and 6 December 2023)[posted here 6/7/23]
Since 1980 in Oakland, the IEEE Symposium on Security and Privacy has been the premier forum for computer security research, presenting the latest developments and bringing together researchers and practitioners. We solicit previously unpublished papers offering novel research contributions in any aspect of security or privacy. Papers may present advances in the theory, design, implementation, analysis, verification, or empirical evaluation and measurement of secure systems. Theoretical papers must make a convincing case for the relevance of their results to practice. Topics of interest include:
- Applied cryptography
- Attacks with novel insights, techniques, or results
- Authentication, access control, and authorization
- Blockchains and distributed ledger security
- Cloud computing security
- Cyber physical systems security
- Distributed systems security
- Economics of security and privacy
- Embedded systems security
- Formal methods and verification
- Hardware security
- Hate, Harassment, and Online Abuse
- Intrusion detection and prevention
- Machine learning and computer security
- Malware and unwanted software
- Network security
- Operating systems security
- Privacy-enhancing technologies, anonymity, and censorship
- Program and binary analysis
- Protocol security
- Security and privacy metrics
- Security and privacy policies
- Security architectures
- Security foundations
- Systems security
- Usable security and privacy
- Web security
- Wireless and mobile security/privacy

This topic list is not meant to be exhaustive; S&P is interested in all aspects of computer security and privacy. Papers without a clear application to security or privacy, however, will be considered out of scope and may be rejected without full review.

Systematization of Knowledge Papers: As in past years, we solicit systematization of knowledge (SoK) papers that evaluate, systematize, and contextualize existing knowledge, as such papers can provide a high value to our community. Suitable papers are those that provide an important new viewpoint on an established, major research area, support or challenge long-held beliefs in such an area with compelling evidence, or present a convincing, comprehensive new taxonomy of such an area. Survey papers without such insights are not appropriate and may be rejected without full review. Submissions will be distinguished by the prefix “SoK:” in the title and a checkbox on the submission form. They will be reviewed by the full PC and held to the same standards as traditional research papers, but they will be accepted based on their treatment of existing work and value to the community, and not based on any new research results they may contain. Accepted papers will be presented at the symposium and included in the proceedings. You can find an overview of recent SoK papers at https://oaklandsok.github.io/.

For more information, please see https://sp2024.ieee-security.org/cfpapers.html.

ASIACCS 2024 19th ACM ASIA Conference on Computer and Communications Security, Singapore, July 1-5, 2024. (Submission Due 21 August 2023 and 7 December 2023) [posted here 4/9/23]
The 19th ACM ASIA Conference on Computer and Communications Security (ACM ASIACCS 2024) seeks paper submissions presenting novel contributions related to all real-world aspects of security and privacy. We seek articles presenting accessible and compelling results to general computer security researchers. Purely theoretical (e.g., cryptography-focused, with no security/application connections) submissions are not encouraged. The same goes for submissions focusing primarily on blockchains or machine learning.

Like in previous years, we will also be accepting ÒSystemisation of KnowledgeÓ (SoK) papers. SoK submissions need to add the prefix ÒSoKÓ in the title and a checkbox on the submission form. They will be accepted based on the value to the community. Survey papers without insights evaluating, systematizing and contextualizing current knowledge will be rejected.

For more information, please see https://asiaccs2024.sutd.edu.sg/cfp/.

CODASPY 2024 14th ACM Conference on Data and Application Security and Privacy, Porto, Portugal, June 19-21, 2024. (Submission Due 18 December 2023) [posted here 6/5/23]
The conference seeks submissions from diverse communities, including corporate and academic researchers, open-source projects, standardization bodies, governments, system and security administrators, software engineers and application domain experts. Topics of interest include, but are not limited to:
- Application-layer security policies
- Access control for applications
- Access control for databases
- Data-dissemination controls
- Data forensics
- Data leak detection and prevention
- Enforcement-layer security policies
- Privacy-preserving techniques
- Private information retrieval
- Search on protected/encrypted data
- Secure auditing
- Secure collaboration
- Secure data provenance
- Secure electronic commerce
- Secure information sharing
- Secure knowledge management
- Secure multiparty computation
- Secure software development
- Securing data/apps on untrusted platforms
- Securing the semantic web
- Security and privacy in GIS/spatial data
- Security and privacy in healthcare
- Security and privacy in the Internet of Things
- Security policies for databases
- Social computing security and privacy
- Social networking security and privacy
- Trust metrics for applications, data, and users
- Usable security and privacy
- Web application security

For more information, please see http://www.codaspy.org/2024/.

January 2024
February 2024

CSF 2024 37th IEEE Computer Security Foundations Symposium, Enschede, Netherlands, July 8-12, 2024. (Submission Due 15 May 2023, 30 September 2023, and 3 February 2024) [posted here 6/5/23]
The Computer Security Foundations Symposium (CSF) is an annual conference for researchers in computer security, to examine current theories of security, the formal models that provide a context for those theories, and techniques for verifying security. It was created in 1988 as a workshop of the IEEE Computer Society's Technical Committee on Security and Privacy, in response to a 1986 essay by Don Good entitled ÒThe Foundations of Computer SecurityÑWe Need Some.Ó The meeting became a ÒsymposiumÓ in 2007, along with a policy for open, increased attendance. Over the past two decades, many seminal papers and techniques have been presented first at CSF. For more details on the history of the symposium, visit CSF's home.

The program includes papers, panels, and a poster session. Topics of interest include access control, information flow, covert channels, cryptographic protocols, database security, language-based security, authorization and trust, verification techniques, integrity and availability models, and broad discussions concerning the role of formal methods in computer security and the nature of foundational research in this area.

For more information, please see https://csf2024.ieee-security.org.

USENIX Security 2024 33rd USENIX Security Symposium, Philadelphia, PA, USA, August 14-16, 2024. (Submission Due 6 June 2023, 17 October 2023, and 8 February 2024) [posted here 1/28/23]
The USENIX Security Symposium brings together researchers, practitioners, system administrators, system programmers, and others interested in the latest advances in the security and privacy of computer systems and networks. The Call for Papers will be available soon.

For more information, please see https://www.usenix.org/conference/usenixsecurity24.

PETS 2024 24th Privacy Enhancing Technologies Symposium (PETS 2024) Bristol, UK and Online, July 15-20, 2024. (Submission Due 31 May 2023, 31 August 2023, 30 November 2023, and 28 February 2024) [posted here 6/5/23]
The annual Privacy Enhancing Technologies Symposium (PETS) brings together experts from around the world to present and discuss recent advances and new perspectives on research in privacy technologies. The 24th PETS will be a hybrid event with a physical gathering held in Bristol, UK and a concurrent virtual event. Papers undergo a journal-style reviewing process, and accepted papers are published in the journal Proceedings on Privacy Enhancing Technologies (PoPETs). Authors of accepted papers are encouraged to attend and present at the physical event, where their presentations can be recorded for the virtual event and where they can participate directly in in-person research, technical, and social activities. However, in-person attendance is not required for publication in the proceedings. We will carefully monitor the COVID-19 situation, and may change the organization of the event as necessary. PoPETs, a scholarly, open-access journal for research papers on privacy, provides high-quality reviewing and publication while also supporting the successful PETS community event. PoPETs is self-published and does not have article processing charges (APCs) or article submission charges.

For more information, please see https://asiaccs2024.sutd.edu.sg/cfp/.

Archival Journals Regularly Specializing in Security and Privacy

Journal of Privacy Technology (JOPT),   Editor-in-Chief:  Latanya Sweeney
This online-only Journal, started in 2004 and  operated by Carnegie Mellon University, is a forum for the publication of original current research in privacy technology. It encourages the submission of any material dealing primarily with the technological aspects of privacy or with the privacy aspects of technology, which may include analysis of the interaction between policy and technology or the technological implications of legal decisions.  More information can be found at http://www.jopt.org/.

IEEE Security and Privacy Magazine,   Editor-in-Chief: Shari Lawrence Pfleeger
IEEE Security & Privacy provides a unique combination of research articles, case studies, tutorials, and regular departments covering diverse aspects of information assurance such as legal and ethical issues, privacy concerns, tools to help secure information, analysis of vulnerabilities and attacks, trends and new developments, pedagogical and curricular issues in educating the next generation of security professionals, secure operating systems and applications, security issues in wireless networks, design and test strategies for secure and survivable systems, and cryptology.  More information can be found at http://www.computer.org/portal/web/computingnow/securityandprivacy.

ACM Transactions on Information and System Security,   Editor-in-Chief: Gene Tsudik
ACM invites submissions for its Transactions on Information and System Security, inaugurated in November 1998. TISSEC publishes original archival-quality research papers and technical notes in all areas of information and system security including technologies, systems, applications, and policies. Papers should have practical relevance to the construction, evaluation, application, or operation of secure systems. Theoretical papers will be accepted only if there is convincing argument for the practical significance of the results. Theory must be justified by convincing examples illustrating its application. More information is given on the journal web page at http://www.acm.org/tissec.

IEEE Transactions on Dependable and Secure Computing,   Editor-in-Chief: Ravi Sandhu
The IEEE Transactions on Dependable and Secure Computing publishes archival research results related to research into foundations, methodologies, and mechanisms that support the achievement—through design, modeling, and evaluation—of systems and networks that are dependable and secure to the desired degree without compromising performance. The focus will also include measurement, modeling, and simulation techniques, and foundations for jointly evaluating, verifying, and designing for performance, security, and dependability constraints. More information is given on the journal web page at http://www.computer.org/portal/web/tdsc.

The Springer Series on ADVANCES IN INFORMATION SECURITY
The purpose of the Advances in Information Security book series is to establish the state of the art and set the course for future research in information security. The scope of this series includes not only all aspects of computer, network security, and cryptography, but related areas, such as fault tolerance and software assurance. The series serves as a central source of reference for information security research and developments. The series aims to publish thorough and cohesive overviews on specific topics in Information Security, as well as works that are larger in scope than survey articles and that will contain more detailed background information. The series also provides a single point of coverage of advanced and timely topics and a forum for topics that may not have reached a level of maturity to warrant a comprehensive textbook. Prospective Authors or Editors: If you have an idea for a book that would fit in this series, we would welcome the opportunity to review your proposal. Should you wish to discuss any potential project further or receive specific information regarding book proposal requirements, please contact Professor Sushil Jajodia (jajodia@gmu.edu,703-993-1653).
 
Journal of Computer Security,   Editor-in-Chief: John Mitchell and Pierangela Samarati
JCS is an archival research journal for significant advances in computer security. Subject areas include architecture, operating systems, database systems, networks, authentication, distributed systems, formal models, verification, algorithms, mechanisms, and policies. All papers must be submitted online at http://www.iospress.nl/journal/journal-of-computer-security/. More information is given on the journal web page at http://jcs.stanford.edu/.
 
Computers & Security,   Editor-in-Chief: Eugene H. Spafford
Computers & Security aims to satisfy the needs of managers and experts involved in computer security by providing a blend of research developments, innovations, and practical management advice. Original submissions on all computer security topics are invited, particularly those of practical benefit to the practitioner. All papers must be submitted online at http://ees.elsevier.com/cose/. More information can be found at http://www.elsevier.com/locate/issn/01674048.
 
International Journal of Information Security,   Editors-in-Chief: D. Gollmann; J. Lopez; E. Okamoto
The International Journal of Information Security, IJIS, aims to provide prompt publication of important technical work in information security, attracting any person interested in communications, commerce, banking, medicine, or other areas of endeavor affected by information security. Any research submission on theory, applications, and implementations of information security is welcomed. This includes, but is not limited to, system security, network security, content protection, applications and foundations of information security. More information is given on the journal web page at http://www.springer.com/computer/security+and+cryptology/journal/10207.
 
International Journal of Network Security,   Editors-in-Chief: Min-Shiang Hwang
International Journal of Network Security is an international official journal of Science Publications, publishing original articles, reviews and short communications of a high scientific and technology in network security. Subjects covered include: access control, computer security, cryptography, communications security, data security, database security, electronic commerce security, information security, multimedia security, and network security. Authors are strongly encouraged to submit their papers electronically by using online manuscript submission at http://ijns.nchu.edu.tw/, or submit their Word, ps or pdf file to the editor-in-chief (via Email: mshwang@isrc.nchu.edu.tw): Min-Shiang Hwang, at the Department of Management Information Systems, National Chung Hsing University, Taiwan, R.O.C.  More information can be found at http://ijns.femto.com.tw/.
 
International Journal of Security and Networks,   Editors-in-Chief: Yang Xiao
International Journal of Security and Networks is an archival research journal for significant advances in network security. Subject areas include attack models, security mechanisms, security services, authentication, authorization, access control, multicast security, data confidentiality, data integrity, non-repudiation, forensics, privacy protection, secure protocols, formal analyses, intrusion detection, key management, trust establishment, revocation of malicious parties, security policies, fraudulent usage, dependability and reliability, prevention of traffic analysis, network security performance evaluation, tradeoff analysis between performance and security, security standards, etc. All papers must be submitted online at http://www.inderscience.com/ijsn/. More information is given on the journal web page at http://www.inderscience.com/ijsn/.
 
International Journal of Critical Infrastructure Protection,   Editors-in-Chief: Sujeet Shenoi
International Journal of Critical Infrastructure Protection's primary aim is to publish high quality scientific and policy papers in all areas of critical infrastructure protection. Of particular interest are articles that weave science, technology and policy to craft sophisticated yet practical solutions that will secure information, computer and network assets in the various critical infrastructure sectors. All papers must be submitted online at http://www.elsevier.com/locate/ijcip. More information is given on the journal web page at http://www.elsevier.com/locate/ijcip.
 
IEEE Transactions on Information Forensics and Security,   Editors-in-Chief: C.-C. Jay Kuo
IEEE Transactions on Information Forensics and Security aims to provide a unified locus for archival research on the fundamental contributions and the mathematics behind information forensics, information security, surveillance, and systems applications that incorporate these features. Authors are strongly encouraged to submit their papers electronically to the online manuscript system, Manuscript Central, via sps-ieee.manuscriptcentral.com.  More information can be found at http://www.ieee.org/organizations/society/sp/tifs.html.
 
EURASIP Journal on Information Security,   Editors-in-Chief: Stefan Katzenbeisser
EURASIP Journal on Information Security aims to bring together researchers and practitioners dealing with the general field of information security, with a particular emphasis on the use of signal processing tools in adversarial environments. As such, it addresses all works whereby security is achieved through a combination of techniques from cryptography, computer security, machine learning and multimedia signal processing. Application domains lie, for example, in secure storage, retrieval and tracking of multimedia data, secure outsourcing of computations, forgery detection of multimedia data, or secure use of biometrics. The journal also welcomes survey papers that give the reader a gentle introduction to one of the topics covered as well as papers that report large-scale experimental evaluations of existing techniques. Pure cryptographic papers are outside the scope of the journal. The journal also welcomes proposals for Special Issues. All papers must be submitted online at http://jis.eurasipjournals.com/manuscript.  More information can be found at http://jis.eurasipjournals.com.