Cipher
Calls for Papers



IEEE Computer Society's Technical Committee on Security and Privacy


 

Last Modified:3/25/19

Note: Please send new calls to cipher-cfp@ieee-security.org and take a moment to read the submission guidelines. And please see the Cipher Calendar for events sorted in date order. For all other questions, please contact cipher-cfp@ieee-security.org by email.

Contents

 

Special Issues of Journals and Handbooks


Elsevier Internet of Things, Special Issue on Machine Learning for Security, Privacy and Trust in IoT, (Submission Due 15 April 2019) [posted here 02/25/19]
Guest Editors: Abhishek Parakh (University of Nebraska at Omaha, USA) and Parvathi Chundi (University of Nebraska at Omaha, USA).

Experts predict that there will be 3-4 billions of connected devices in use by consumers by the end of this year. Although these devices in smart TVs, microwave ovens, thermostats, etc., will probably make our lives more energy and cost efficient, they can also threaten the security of our homes. This is because the manufacturers of these devices are primarily interested in functionality and do not focus on securing the device against cyber-attacks, protecting the privacy of consumer information on the device, securing the communications from/to the device, etc. The massive scale and the variety of these devices also make it difficult for the manufacturers to design and implement manageable security and privacy solutions. Another challenge in the IoT world is the continuous collection of data from the devices that is analyzed to make conclusions about the environment being monitored by the IoT devices. The data analyses are also crucial to maintaining the security and privacy of the data being collected from the devices. The massive scale of next-generation IoT systems makes the data collection, analyses, transport, and fusion of the results at the system level seem daunting.

Machine learning (ML) typically automates the creation of analytical models that allow adaptive algorithms to continuously learn from the generated data. The main goal of ML here is the generation of reliable actionable information that can be executed with minimal human intervention. ML powered programs typically monitor network traffic passively building normal patterns for users, devices and controller in the IoT system and then can make intelligent decisions about the threats and intrusion in the network.

This special issue aims to promote discussions of research and relevant activities in the models and design of secure, privacy-preserving, or trust architectures, data analyses and fusion platforms, protocols, algorithms, services, and applications for next generation IoT systems. We especially encourage security and privacy solutions that employ innovative machine learning techniques to tackle the issues of data volume and variety problems that are systemic in IoT platform.

For more information, please see https://www.journals.elsevier.com/internet-of-things/call-for-papers/machine-learning-for-security-privacy-and-trust-in-iot.

Springer Human-centric Computing and Information Sciences, Thematic Issue on Security, trust and privacy for Human-centric Internet of Things, (Submission Due 30 November 2019) [posted here 02/25/19]
Guest Editors: Kim-Kwang Raymond Choo (University of Texas at San Antonio, USA), Uttam Ghosh (Vanderbilt University, USA), Deepak Tosh (University of Texas El Paso, USA), Reza M. Parizi (Kennesaw State University, USA), and Ali Dehghantanha (University of Guelph, Canada).

Cyber-physical system (CPS) integrates both cyber world and man-made physical world using sensors, actuators and other Internet of Things (IoT) devices, to achieve stability, security, reliability, robustness, and efficiency in a tightly coupled environment. Prevalence of such cyber-physical ecosystem (inherently of distributed nature) imposes exacting demands on architect models and necessitates the design of distributed solutions and other novel approaches. This is essential in order to suitably address the security and privacy concerns since CPS ecosystem involves humans as a part of its core. Blockchain technology offers a distributed and scalable solution to maintain a tamper-resistant ledger, which does not require a central authority. Thus, it can best fit the need of distributed solution to above mentioned security issues in CPS. However, the challenge in integrating Blockchain with CPS is yet to be addressed, which requires various cyber-physical nodes to work effectively and collaboratively in an asynchronous environment. The goal of this special issue is to bring together researchers from different sectors to focus on understanding security challenges and attack surfaces of modern cyber-physical systems, and architect innovative solutions with the help of cutting-edge blockchain related technologies. Potential topics include but are not limited to following:
- Blockchain and mobile systems
- Security of transportation system using blockchain
- Use of blockchain to support mobile smart services and applications
- Blockchain in edge and cloud computing
- Blockchain schemes for decentralized secure transaction
- Distributed ledger and consensus schemes for CPS
- Performance optimization of blockchain and decentralized schemes
- Energy aware protocols and blockchain applications
- Fault tolerance and blockchain for CPS
- Decentralized (mobile) processing, computing, and storage infrastructure
- Blockchain for Software-defined networking based CPS
- Cybersecurity, protection, integrity, trust and privacy issues for SDN-based CPS
- Blockchain and smart contracts for CPS security

For more information, please see https://toit.acm.org/pdf/ACM-ToIT-CfP-Decentralized_Blockchain_Applications.pdf.

Conference and Workshop Call-for-papers

March 2019

RAID 2019 International Symposium on Research in Attacks, Intrusions and Defenses, Beijing, China, September 23-25, 2019. (Submissions due 26 March 2019) [posted here 2/18/19]
Since its inception in 1997, the International Symposium on Research in Attacks, Intrusions and Defenses (RAID) has established itself as a venue where leading researchers and practitioners from academia, industry, and the government are given the opportunity to present novel research in a unique venue to an engaged and lively community. This year we are soliciting research papers on topics covering all well-motivated computer security problems. We care about techniques that identify new real-world threats, techniques to prevent them, to detect them, to mitigate them or to assess their prevalence and their consequences. Measurement papers are encouraged, as well as papers offering public access to new tools or datasets, or experience papers that clearly articulate important lessons learned. Specific topics of interest to RAID include, but are not limited to:
- Authentication
- Blockchain Platforms
- Blockchain-based Applications
- Cryptocurrency Analysis
- Data and System Integrity
- Data Protection
- Database Security
- Decentralized Application Development
- Formal Method
- Intrusion Detection
- Smart Contracts
- Trust and Privacy of Applications
- Vulnerability Analysis

For more information, please see http://www.raid-2019.org/callForPapers.html.

AIBlock 2019 1st International Workshop on Application Intelligence and Blockchain Security, Held in Conjunction With ACNS 2019, Bogota, Colombia, Jun 5-7, 2019. (Submissions due 30 March 2019) [posted here 1/21/19]
This workshop attempts to provide a platform for professionals from academia and industry to discuss challenges and potential solutions in this direction. We seek submissions describing either theoretical or practical solutions in relation to application intelligence security and blockchain security. Topics of interest include, but are not limited to:
- Authentication
- Blockchain Platforms
- Blockchain-based Applications
- Cryptocurrency Analysis
- Data and System Integrity
- Data Protection
- Database Security
- Decentralized Application Development
- Formal Method
- Intrusion Detection
- Smart Contracts
- Trust and Privacy of Applications
- Vulnerability Analysis

For more information, please see http://aiblock2019.compute.dtu.dk/.

CLOUDS&P 2019 1st Workshop on Cloud Security and Privacy, Bogota, Colombia, June 5-7, 2019. (Submissions due 30 March 2019) [posted here 1/28/19]
Cloud computing is emerging as a promising IT solution for enabling ubiquitous, convenient, and on-demand accesses to a shared pool of configurable computing resources. However, the widespread adoption of cloud is still being hindered by various serious security and privacy concerns. CLOUD S&P aims to provide a platform for researchers and practitioners to present and discuss a wide-range of security and privacy issues and their solutions to ensure better protection in a cloud ecosystem. This workshop invites submissions on new attacks and solutions on various cloud-centric technologies, as well as short surveys and case studies that shed light on the security implications of clouds.

For more information, please see http://cloudsp2019.encs.concordia.ca.

TrustData 2019 10th International Workshop on Trust, Security and Privacy for Big Data, Atlanta, USA, July 14-17, 2019. (Submission Due 31 March 2019) [posted here 12/17/18]
The proliferation of new technologies such as Internet of Things and cloud computing calls for innovative ideas to retrieve, filter, and integrate data from a large number of diverse data sources. Big Data is an emerging paradigm applied to datasets whose volume/velocity/variability is beyond the ability of commonly used software tools to manage and process the data within a tolerable period of time. More importantly, Big Data has to be of high value, and should be protected in an efficient way. Since Big Data involves a huge amount of data that is of high-dimensionality and inter-linkage, existing trust, security, and privacy measures for traditional databases and infrastructures cannot satisfy its requirements. Novel technologies for protecting Big Data are attracting researchers and practitioners with more and more attention. The 10th International Workshop on Trust, Security and Privacy for Big Data (TrustData 2019) aims to bring together people from both academia and industry to present their most recent work related to trust, security and privacy issues in Big Data, and exchange ideas and thoughts in order to identify emerging research topics and define the future of Big Data.

For more information, please see http://www.spaccs.org/trustdata2019/.

April 2019

SP 2020 41st IEEE Symposium on Security and Privacy, San Francisco, CA, USA, May 18-20, 2020. (Submission Due first day of each month) [posted here 06/12/17]
Since 1980 in Oakland, the IEEE Symposium on Security and Privacy has been the premier forum for computer security research, presenting the latest developments and bringing together researchers and practitioners. We solicit previously unpublished papers offering novel research contributions in any aspect of security or privacy. Papers may present advances in the theory, design, implementation, analysis, verification, or empirical evaluation and measurement of secure systems. Topics of interest include:
- Access control and authorization
- Anonymity
- Application security
- Attacks and defenses
- Authentication
- Blockchains and distributed ledger security
- Censorship resistance
- Cloud security
- Cyber physical systems security
- Distributed systems security
- Economics of security and privacy
- Embedded systems security
- Forensics
- Hardware security
- Intrusion detection and prevention
- Malware and unwanted software
- Mobile and Web security and privacy
- Language-based security
- Machine learning and AI security
- Network and systems security
- Privacy technologies and mechanisms
- Protocol security
- Secure information flow
- Security and privacy for the Internet of Things
- Security and privacy metrics
- Security and privacy policies
- Security architectures
- Usable security and privacy
- Trustworthy computing
- Web security
This topic list is not meant to be exhaustive; S&P is interested in all aspects of computer security and privacy. Papers without a clear application to security or privacy, however, will be considered out of scope and may be rejected without full review.

Systematization of Knowledge Papers
As in past years, we solicit systematization of knowledge (SoK) papers that evaluate, systematize, and contextualize existing knowledge, as such papers can provide a high value to our community. Suitable papers are those that provide an important new viewpoint on an established, major research area, support or challenge long-held beliefs in such an area with compelling evidence, or present a convincing, comprehensive new taxonomy of such an area. Survey papers without such insights are not appropriate. Submissions will be distinguished by the prefix “SoK:” in the title and a checkbox on the submission form. They will be reviewed by the full PC and held to the same standards as traditional research papers, but they will be accepted based on their treatment of existing work and value to the community, and not based on any new research results they may contain. Accepted papers will be presented at the symposium and included in the proceedings.

Workshops
The Symposium is also soliciting submissions for co-located workshops. Further details on submissions can be found at https://www.ieee-security.org/TC/SP2020/workshops.html.

Ongoing Submissions
To enhance the quality and timeliness of the scientific results presented as part of the Symposium, and to improve the quality of our reviewing process, IEEE S&P now accepts paper submissions 12 times a year, on the first of each month. The detailed process can be found at the conference call-for-papers page.
.
For more information, please see https://www.ieee-security.org/TC/SP2020/cfpapers.html.

Blockchain 2019 IEEE International Conference on Blockchain, Atlanta, GA, USA, July 14-17, 2019. (Submission Due 1 April 2019) [posted here 10/15/18]
The emergence and popularity of blockchain techniques will significantly change the way of digital and networking systems’ operation and management. In the meantime, the application of blockchain will exhibit a variety of complicated problems and new requirements, which brings more open issues and challenges for research communities. The goal of this conference is to promote community-wide discussion identifying the advanced applications, technologies and theories for blockchain. We seek submissions of papers that invent novel techniques, investigate new applications, introduce advanced methodologies, propose promising research directions and discuss approaches for unsolved issues.

For more information, please see http://www.blockchain-ieee.org/.

IWSEC 2019 14th International Workshop on Security, Tokyo, Japan, August 28-30, 2019. (Submission Due 2 April 2019) [posted here 3/18/19]
Original papers on the research and development of various security topics, as well as case studies and implementation experiences, are solicited for submission to IWSEC 2019. Topics of interest for IWSEC 2019 include all theory and practice of cryptography, information security, and network security, as in previous IWSEC workshops.

For more information, please see https://www.iwsec.org/2019/.

ISC 2019 22nd Information Security Conference, New York, NY, USA, September 16-18, 2019. (Submission Due 5 April 2019) [posted here 2/11/19]
The Information Security Conference (ISC) is an annual international conference covering research in theory and applications of Information Security. ISC aims to attract high quality papers in all technical aspects of information security. This includes submissions from academia, industry and government on traditional as well as emerging topics and new paradigms in these areas, with a clear connection to real-world problems, systems, or applications. Papers on all technical aspects of information security and privacy are solicited for submission.

For more information, please see https://isc2019.cs.stonybrook.edu/.

GraMSec 2019 International Workshop on Graphical Models for Security, Co-located with CSF 2019 Hoboken, NJ, USA, June 24, 2019. (Submission Due 5 April 2019) [posted here 3/4/19]
The use of graphical security models to represent and analyse the security of systems has gained an increasing research attention over the last two decades. Formal methods and computer security researchers, as well as security professionals from the industry and government, have proposed various graphical security models, metrics, and measurements. Graphical models are used to capture different security facets and address a range of challenges including security assessment, automated defence, secure services composition, security policy validation, and verification. For example, attack graphs, attack trees, attack-defence trees, and attack countermeasure trees represent possible ways of attacking and defending a system while misuse cases and mal-activity diagrams capture threats and abusive behaviour of users. This year, we encourage excellent submissions related, but not restricted, to the following broad headings:
- Graph representations: mathematical, conceptual, and implemented tools for describing and reasoning about security
- Logical approaches: formal logical tools for representing and reasoning about graphs and their use as modelling tools in security
- Machine learning: modelling and reasoning about the role of big data and machine learning in security operations
- Networks in national security: terrorist networks, counter-terrorism networks; safety in national infrastructure (e.g., utilities and transportation)
- Risk analysis and management: models of risk management in business and organizational architectures
- Social networks: using and reasoning about social graphs, network analysis, network protocols, social mapping, sociometry. Preference will be given to papers likely to stimulate high-quality debate at the Workshop.

For more information, please see http://gramsec.uni.lu.

SecDev 2019 IEEE Secure Development Conference, McLean, VA, USA, September 25-27, 2019. (Submission Due 8 April 2019) [posted here 3/11/19]
SecDev is a venue for presenting ideas, research, and experience about how to develop secure systems. It focuses on theory, techniques, and tools to "build security in" to existing and new computing systems. SecDev aims to bridge the gap between constructive security research and practice and to enable real-world impact of security research in the long run. Developers have valuable experiences and ideas that can inform academic research, and researchers have concepts, studies, and even code and tools that could benefit developers. We solicit research papers, position papers, systematization of knowledge papers, and "best practice" papers. All submissions should present novel results, provide novel perspectives and insights, or present new evidence about existing insights or techniques. SecDev also seeks hands-on and interactive tutorials on processes, frameworks, languages, and tools for building security in as well as posters and tool demos, and abstracts from practitioners to share their practical experiences and challenges in secure development. Areas of interest include (but are not limited to):
- Security-focused system designs (HW/SW/architecture)
- Tools and methodology for secure code development
- Risk management and testing strategies to improve security
- Security engineering processes, from requirements to maintenance
- Programming languages, development tools, and ecosystems supporting security
- Static program analysis for software security
- Dynamic analysis and runtime approaches for software security
- Automation of programming, deployment, and maintenance tasks for security
- Distributed systems design and implementation for security
- Privacy by design
- Human-centered design for systems security
- Formal verification and other high-assurance methods for security
- Code reviews, red teams, and other human-centered assurance

For more information, please see https://secdev.ieee.org/.

SecureComm 2019 15th EAI International Conference on Security and Privacy in Communication Networks, Orlando, FL, USA, October 23-25, 2019. (Submission Due 16 April 2019) [posted here 2/25/19]
SecureComm seeks high-quality research contributions, which have not been previously published or in parallel submission to another conference or journal. Topics of interest encompass research advances in ALL areas of secure communications and networking. Topics in other areas (e.g., formal methods, database security, secure software, theoretical cryptography) will be considered only if a clear connection to private or secure communication/networking is demonstrated.

For more information, please see http://securecomm.org.

ESORICS 2019 24th European Symposium on Research in Computer Security, Luxembourg, September 23-27, 2019. (Submissions due 22 April 2019) [posted here 1/21/19]
ESORICS is the annual European research event in Computer Security. The Symposium started in 1990 and has been held in several European countries, attracting a wide international audience from both the academic and industrial communities. Papers offering novel research contributions in computer security are solicited for submission to the 2019 Symposium, to be held in Luxembourg. The primary focus is on original, high quality, unpublished research and implementation experiences. We encourage submissions of papers discussing industrial research and development. Topics of interest include, but are not limited to:
- access control
- accountability
- ad hoc networks
- anonymity
- applied cryptography
- authentication
- biometrics
- blockchain and finance security
- data and computation integrity
- database security
- data protection
- deep learning for attack and defense
- digital content protection
- digital forensics
- distributed systems security
- embedded systems security
- inference control
- information hiding
- identity management
- information flow control
- information security governance and management
- intrusion detection
- formal security methods
- language-based security
- network security
- phishing and spam prevention
- privacy
- privacy preserving data mining
- risk analysis and management
- secure electronic voting
- security architectures
- security economics
- security metrics
- security models
- security and privacy for big data
- security and privacy in cloud scenarios
- security and privacy in complex systems
- security and privacy in content centric networking
- security and privacy in crowdsourcing
- security and privacy in the IoT
- security and privacy in location services
- security and privacy for mobile code
- security and privacy in pervasive / ubiquitous computing
- security and privacy policies
- security and privacy in social networks
- security and privacy in web services
- security and privacy in cyber-physical systems
- security, privacy and resilience in critical infrastructures
- security verification
- software security
- systems security
- trust models and management
- trustworthy user devices
- usable security and privacy
- web security
- wireless security

For more information, please see https://esorics2019.uni.lu.

CRITIS 2019 14th International Conference on Critical Information Infrastructures Security, Linkoping, Sweden, September 23-25, 2019. (Submission Due 30 April 2019) [posted here 3/11/19]
CRITIS 2019 aims at bringing together researchers, professionals from academia, critical (information) infrastructure operators, industry, defence sector and governmental organisations working in the field of the security of critical (information) infrastructure systems. Moreover, CRITIS aims to encourage and inspire early stage and open-minded researchers in this demanding multi-disciplinary field of research. Outstanding research performance demonstrated by young researchers may compete for the Young CRITIS Award (YCA). The Projects' Dissemination Session will be an opportunity of dissemination for ongoing European, multinational, and national projects, to share the experiences among scientist and experts working on different projects in the C(I)IP domain.

For more information, please see https://critis2019.on.liu.se/.

May 2019

SP 2020 41st IEEE Symposium on Security and Privacy, San Francisco, CA, USA, May 18-20, 2020. (Submission Due first day of each month) [posted here 06/12/17]
Since 1980 in Oakland, the IEEE Symposium on Security and Privacy has been the premier forum for computer security research, presenting the latest developments and bringing together researchers and practitioners. We solicit previously unpublished papers offering novel research contributions in any aspect of security or privacy. Papers may present advances in the theory, design, implementation, analysis, verification, or empirical evaluation and measurement of secure systems. Topics of interest include:
- Access control and authorization
- Anonymity
- Application security
- Attacks and defenses
- Authentication
- Blockchains and distributed ledger security
- Censorship resistance
- Cloud security
- Cyber physical systems security
- Distributed systems security
- Economics of security and privacy
- Embedded systems security
- Forensics
- Hardware security
- Intrusion detection and prevention
- Malware and unwanted software
- Mobile and Web security and privacy
- Language-based security
- Machine learning and AI security
- Network and systems security
- Privacy technologies and mechanisms
- Protocol security
- Secure information flow
- Security and privacy for the Internet of Things
- Security and privacy metrics
- Security and privacy policies
- Security architectures
- Usable security and privacy
- Trustworthy computing
- Web security
This topic list is not meant to be exhaustive; S&P is interested in all aspects of computer security and privacy. Papers without a clear application to security or privacy, however, will be considered out of scope and may be rejected without full review.

Systematization of Knowledge Papers
As in past years, we solicit systematization of knowledge (SoK) papers that evaluate, systematize, and contextualize existing knowledge, as such papers can provide a high value to our community. Suitable papers are those that provide an important new viewpoint on an established, major research area, support or challenge long-held beliefs in such an area with compelling evidence, or present a convincing, comprehensive new taxonomy of such an area. Survey papers without such insights are not appropriate. Submissions will be distinguished by the prefix “SoK:” in the title and a checkbox on the submission form. They will be reviewed by the full PC and held to the same standards as traditional research papers, but they will be accepted based on their treatment of existing work and value to the community, and not based on any new research results they may contain. Accepted papers will be presented at the symposium and included in the proceedings.

Workshops
The Symposium is also soliciting submissions for co-located workshops. Further details on submissions can be found at https://www.ieee-security.org/TC/SP2020/workshops.html.

Ongoing Submissions
To enhance the quality and timeliness of the scientific results presented as part of the Symposium, and to improve the quality of our reviewing process, IEEE S&P now accepts paper submissions 12 times a year, on the first of each month. The detailed process can be found at the conference call-for-papers page.
.
For more information, please see https://www.ieee-security.org/TC/SP2020/cfpapers.html.

SciSec 2019 2nd International Conference on Science of Cyber Security, Nanjing, China, August 9-11, 2019. (Submission Due 1 May 2019) [posted here 3/18/19]
The conference solicits high-quality, original research papers that can justifiably help achieve the ultimate Science of Cyber Security. The conference is organized by the Nanjing University of Posts and Telecommunications. This new forum aims to catalyze the research collaborations between the relevant communities and disciplines that can work together to deepen our understanding of, and build a firm foundation for, the emerging Science of Cyber Security. Publications in this venue would distinguish themselves from others by taking or thinking from a holistic perspective about cyber security, rather than the building-block perspective.

For more information, please see http://www.sci-cs.net.

ACM-CCS 2019 26th ACM Conference on Computer and Communications Security, London, United Kingdom, November 11-15, 2019. (Submission Due 31 January 2019, 15 May 2019, 1 September 2019) [posted here 11/12/18]
The ACM Conference on Computer and Communications Security (CCS) is the flagship annual conference of the Special Interest Group on Security, Audit and Control (SIGSAC) of the Association for Computing Machinery (ACM). The conference brings together information security researchers, practitioners, developers, and users from all over the world to explore cutting-edge ideas and results. It provides an environment to conduct intellectual discussions. From its inception, CCS has established itself as a high standard research conference in its area. The Conference on Computer and Communications Security (CCS) seeks submissions presenting novel contributions related to all real-world aspects of computer security and privacy. Theoretical papers must make a convincing case for the relevance of their results to practice. Authors are encouraged to write the abstract and introduction of their paper in a way that makes the results accessible and compelling to a general computer-security researcher. In particular, authors should bear in mind that anyone on the program committee may be asked to give an opinion about any paper.

IMPORTANT: CCS will have three review cycles in 2019: the first with a submission deadline of January 31, the second with a submission deadline of May 15, and the third with a tentative submission deadline of September 1. The third review cycle is only for papers invited for resubmission from the first two cycles; no new submissions will be considered. Papers rejected from the first review cycle may not be submitted again (even in revised form) to the second review cycle.

For more information, please see http://www.sigsac.org/ccs/CCS2019/.

June 2019

SP 2020 41st IEEE Symposium on Security and Privacy, San Francisco, CA, USA, May 18-20, 2020. (Submission Due first day of each month) [posted here 06/12/17]
Since 1980 in Oakland, the IEEE Symposium on Security and Privacy has been the premier forum for computer security research, presenting the latest developments and bringing together researchers and practitioners. We solicit previously unpublished papers offering novel research contributions in any aspect of security or privacy. Papers may present advances in the theory, design, implementation, analysis, verification, or empirical evaluation and measurement of secure systems. Topics of interest include:
- Access control and authorization
- Anonymity
- Application security
- Attacks and defenses
- Authentication
- Blockchains and distributed ledger security
- Censorship resistance
- Cloud security
- Cyber physical systems security
- Distributed systems security
- Economics of security and privacy
- Embedded systems security
- Forensics
- Hardware security
- Intrusion detection and prevention
- Malware and unwanted software
- Mobile and Web security and privacy
- Language-based security
- Machine learning and AI security
- Network and systems security
- Privacy technologies and mechanisms
- Protocol security
- Secure information flow
- Security and privacy for the Internet of Things
- Security and privacy metrics
- Security and privacy policies
- Security architectures
- Usable security and privacy
- Trustworthy computing
- Web security
This topic list is not meant to be exhaustive; S&P is interested in all aspects of computer security and privacy. Papers without a clear application to security or privacy, however, will be considered out of scope and may be rejected without full review.

Systematization of Knowledge Papers
As in past years, we solicit systematization of knowledge (SoK) papers that evaluate, systematize, and contextualize existing knowledge, as such papers can provide a high value to our community. Suitable papers are those that provide an important new viewpoint on an established, major research area, support or challenge long-held beliefs in such an area with compelling evidence, or present a convincing, comprehensive new taxonomy of such an area. Survey papers without such insights are not appropriate. Submissions will be distinguished by the prefix “SoK:” in the title and a checkbox on the submission form. They will be reviewed by the full PC and held to the same standards as traditional research papers, but they will be accepted based on their treatment of existing work and value to the community, and not based on any new research results they may contain. Accepted papers will be presented at the symposium and included in the proceedings.

Workshops
The Symposium is also soliciting submissions for co-located workshops. Further details on submissions can be found at https://www.ieee-security.org/TC/SP2020/workshops.html.

Ongoing Submissions
To enhance the quality and timeliness of the scientific results presented as part of the Symposium, and to improve the quality of our reviewing process, IEEE S&P now accepts paper submissions 12 times a year, on the first of each month. The detailed process can be found at the conference call-for-papers page.
.
For more information, please see https://www.ieee-security.org/TC/SP2020/cfpapers.html.

July 2019

SP 2020 41st IEEE Symposium on Security and Privacy, San Francisco, CA, USA, May 18-20, 2020. (Submission Due first day of each month) [posted here 06/12/17]
Since 1980 in Oakland, the IEEE Symposium on Security and Privacy has been the premier forum for computer security research, presenting the latest developments and bringing together researchers and practitioners. We solicit previously unpublished papers offering novel research contributions in any aspect of security or privacy. Papers may present advances in the theory, design, implementation, analysis, verification, or empirical evaluation and measurement of secure systems. Topics of interest include:
- Access control and authorization
- Anonymity
- Application security
- Attacks and defenses
- Authentication
- Blockchains and distributed ledger security
- Censorship resistance
- Cloud security
- Cyber physical systems security
- Distributed systems security
- Economics of security and privacy
- Embedded systems security
- Forensics
- Hardware security
- Intrusion detection and prevention
- Malware and unwanted software
- Mobile and Web security and privacy
- Language-based security
- Machine learning and AI security
- Network and systems security
- Privacy technologies and mechanisms
- Protocol security
- Secure information flow
- Security and privacy for the Internet of Things
- Security and privacy metrics
- Security and privacy policies
- Security architectures
- Usable security and privacy
- Trustworthy computing
- Web security
This topic list is not meant to be exhaustive; S&P is interested in all aspects of computer security and privacy. Papers without a clear application to security or privacy, however, will be considered out of scope and may be rejected without full review.

Systematization of Knowledge Papers
As in past years, we solicit systematization of knowledge (SoK) papers that evaluate, systematize, and contextualize existing knowledge, as such papers can provide a high value to our community. Suitable papers are those that provide an important new viewpoint on an established, major research area, support or challenge long-held beliefs in such an area with compelling evidence, or present a convincing, comprehensive new taxonomy of such an area. Survey papers without such insights are not appropriate. Submissions will be distinguished by the prefix “SoK:” in the title and a checkbox on the submission form. They will be reviewed by the full PC and held to the same standards as traditional research papers, but they will be accepted based on their treatment of existing work and value to the community, and not based on any new research results they may contain. Accepted papers will be presented at the symposium and included in the proceedings.

Workshops
The Symposium is also soliciting submissions for co-located workshops. Further details on submissions can be found at https://www.ieee-security.org/TC/SP2020/workshops.html.

Ongoing Submissions
To enhance the quality and timeliness of the scientific results presented as part of the Symposium, and to improve the quality of our reviewing process, IEEE S&P now accepts paper submissions 12 times a year, on the first of each month. The detailed process can be found at the conference call-for-papers page.
.
For more information, please see https://www.ieee-security.org/TC/SP2020/cfpapers.html.

August 2019

SP 2020 41st IEEE Symposium on Security and Privacy, San Francisco, CA, USA, May 18-20, 2020. (Submission Due first day of each month) [posted here 06/12/17]
Since 1980 in Oakland, the IEEE Symposium on Security and Privacy has been the premier forum for computer security research, presenting the latest developments and bringing together researchers and practitioners. We solicit previously unpublished papers offering novel research contributions in any aspect of security or privacy. Papers may present advances in the theory, design, implementation, analysis, verification, or empirical evaluation and measurement of secure systems. Topics of interest include:
- Access control and authorization
- Anonymity
- Application security
- Attacks and defenses
- Authentication
- Blockchains and distributed ledger security
- Censorship resistance
- Cloud security
- Cyber physical systems security
- Distributed systems security
- Economics of security and privacy
- Embedded systems security
- Forensics
- Hardware security
- Intrusion detection and prevention
- Malware and unwanted software
- Mobile and Web security and privacy
- Language-based security
- Machine learning and AI security
- Network and systems security
- Privacy technologies and mechanisms
- Protocol security
- Secure information flow
- Security and privacy for the Internet of Things
- Security and privacy metrics
- Security and privacy policies
- Security architectures
- Usable security and privacy
- Trustworthy computing
- Web security
This topic list is not meant to be exhaustive; S&P is interested in all aspects of computer security and privacy. Papers without a clear application to security or privacy, however, will be considered out of scope and may be rejected without full review.

Systematization of Knowledge Papers
As in past years, we solicit systematization of knowledge (SoK) papers that evaluate, systematize, and contextualize existing knowledge, as such papers can provide a high value to our community. Suitable papers are those that provide an important new viewpoint on an established, major research area, support or challenge long-held beliefs in such an area with compelling evidence, or present a convincing, comprehensive new taxonomy of such an area. Survey papers without such insights are not appropriate. Submissions will be distinguished by the prefix “SoK:” in the title and a checkbox on the submission form. They will be reviewed by the full PC and held to the same standards as traditional research papers, but they will be accepted based on their treatment of existing work and value to the community, and not based on any new research results they may contain. Accepted papers will be presented at the symposium and included in the proceedings.

Workshops
The Symposium is also soliciting submissions for co-located workshops. Further details on submissions can be found at https://www.ieee-security.org/TC/SP2020/workshops.html.

Ongoing Submissions
To enhance the quality and timeliness of the scientific results presented as part of the Symposium, and to improve the quality of our reviewing process, IEEE S&P now accepts paper submissions 12 times a year, on the first of each month. The detailed process can be found at the conference call-for-papers page.
.
For more information, please see https://www.ieee-security.org/TC/SP2020/cfpapers.html.

September 2019

SP 2020 41st IEEE Symposium on Security and Privacy, San Francisco, CA, USA, May 18-20, 2020. (Submission Due first day of each month) [posted here 06/12/17]
Since 1980 in Oakland, the IEEE Symposium on Security and Privacy has been the premier forum for computer security research, presenting the latest developments and bringing together researchers and practitioners. We solicit previously unpublished papers offering novel research contributions in any aspect of security or privacy. Papers may present advances in the theory, design, implementation, analysis, verification, or empirical evaluation and measurement of secure systems. Topics of interest include:
- Access control and authorization
- Anonymity
- Application security
- Attacks and defenses
- Authentication
- Blockchains and distributed ledger security
- Censorship resistance
- Cloud security
- Cyber physical systems security
- Distributed systems security
- Economics of security and privacy
- Embedded systems security
- Forensics
- Hardware security
- Intrusion detection and prevention
- Malware and unwanted software
- Mobile and Web security and privacy
- Language-based security
- Machine learning and AI security
- Network and systems security
- Privacy technologies and mechanisms
- Protocol security
- Secure information flow
- Security and privacy for the Internet of Things
- Security and privacy metrics
- Security and privacy policies
- Security architectures
- Usable security and privacy
- Trustworthy computing
- Web security
This topic list is not meant to be exhaustive; S&P is interested in all aspects of computer security and privacy. Papers without a clear application to security or privacy, however, will be considered out of scope and may be rejected without full review.

Systematization of Knowledge Papers
As in past years, we solicit systematization of knowledge (SoK) papers that evaluate, systematize, and contextualize existing knowledge, as such papers can provide a high value to our community. Suitable papers are those that provide an important new viewpoint on an established, major research area, support or challenge long-held beliefs in such an area with compelling evidence, or present a convincing, comprehensive new taxonomy of such an area. Survey papers without such insights are not appropriate. Submissions will be distinguished by the prefix “SoK:” in the title and a checkbox on the submission form. They will be reviewed by the full PC and held to the same standards as traditional research papers, but they will be accepted based on their treatment of existing work and value to the community, and not based on any new research results they may contain. Accepted papers will be presented at the symposium and included in the proceedings.

Workshops
The Symposium is also soliciting submissions for co-located workshops. Further details on submissions can be found at https://www.ieee-security.org/TC/SP2020/workshops.html.

Ongoing Submissions
To enhance the quality and timeliness of the scientific results presented as part of the Symposium, and to improve the quality of our reviewing process, IEEE S&P now accepts paper submissions 12 times a year, on the first of each month. The detailed process can be found at the conference call-for-papers page.
.
For more information, please see https://www.ieee-security.org/TC/SP2020/cfpapers.html.

Archival Journals Regularly Specializing in Security and Privacy

Journal of Privacy Technology (JOPT),   Editor-in-Chief:  Latanya Sweeney
This online-only Journal, started in 2004 and  operated by Carnegie Mellon University, is a forum for the publication of original current research in privacy technology. It encourages the submission of any material dealing primarily with the technological aspects of privacy or with the privacy aspects of technology, which may include analysis of the interaction between policy and technology or the technological implications of legal decisions.  More information can be found at http://www.jopt.org/.

IEEE Security and Privacy Magazine,   Editor-in-Chief: Shari Lawrence Pfleeger
IEEE Security & Privacy provides a unique combination of research articles, case studies, tutorials, and regular departments covering diverse aspects of information assurance such as legal and ethical issues, privacy concerns, tools to help secure information, analysis of vulnerabilities and attacks, trends and new developments, pedagogical and curricular issues in educating the next generation of security professionals, secure operating systems and applications, security issues in wireless networks, design and test strategies for secure and survivable systems, and cryptology.  More information can be found at http://www.computer.org/portal/web/computingnow/securityandprivacy.

ACM Transactions on Information and System Security,   Editor-in-Chief: Gene Tsudik
ACM invites submissions for its Transactions on Information and System Security, inaugurated in November 1998. TISSEC publishes original archival-quality research papers and technical notes in all areas of information and system security including technologies, systems, applications, and policies. Papers should have practical relevance to the construction, evaluation, application, or operation of secure systems. Theoretical papers will be accepted only if there is convincing argument for the practical significance of the results. Theory must be justified by convincing examples illustrating its application. More information is given on the journal web page at http://www.acm.org/tissec.

IEEE Transactions on Dependable and Secure Computing,   Editor-in-Chief: Ravi Sandhu
The IEEE Transactions on Dependable and Secure Computing publishes archival research results related to research into foundations, methodologies, and mechanisms that support the achievement—through design, modeling, and evaluation—of systems and networks that are dependable and secure to the desired degree without compromising performance. The focus will also include measurement, modeling, and simulation techniques, and foundations for jointly evaluating, verifying, and designing for performance, security, and dependability constraints. More information is given on the journal web page at http://www.computer.org/portal/web/tdsc.

The Springer Series on ADVANCES IN INFORMATION SECURITY
The purpose of the Advances in Information Security book series is to establish the state of the art and set the course for future research in information security. The scope of this series includes not only all aspects of computer, network security, and cryptography, but related areas, such as fault tolerance and software assurance. The series serves as a central source of reference for information security research and developments. The series aims to publish thorough and cohesive overviews on specific topics in Information Security, as well as works that are larger in scope than survey articles and that will contain more detailed background information. The series also provides a single point of coverage of advanced and timely topics and a forum for topics that may not have reached a level of maturity to warrant a comprehensive textbook. Prospective Authors or Editors: If you have an idea for a book that would fit in this series, we would welcome the opportunity to review your proposal. Should you wish to discuss any potential project further or receive specific information regarding book proposal requirements, please contact Professor Sushil Jajodia (jajodia@gmu.edu,703-993-1653).
 
Journal of Computer Security,   Editor-in-Chief: John Mitchell and Pierangela Samarati
JCS is an archival research journal for significant advances in computer security. Subject areas include architecture, operating systems, database systems, networks, authentication, distributed systems, formal models, verification, algorithms, mechanisms, and policies. All papers must be submitted online at http://www.iospress.nl/journal/journal-of-computer-security/. More information is given on the journal web page at http://jcs.stanford.edu/.
 
Computers & Security,   Editor-in-Chief: Eugene H. Spafford
Computers & Security aims to satisfy the needs of managers and experts involved in computer security by providing a blend of research developments, innovations, and practical management advice. Original submissions on all computer security topics are invited, particularly those of practical benefit to the practitioner. All papers must be submitted online at http://ees.elsevier.com/cose/. More information can be found at http://www.elsevier.com/locate/issn/01674048.
 
International Journal of Information Security,   Editors-in-Chief: D. Gollmann; J. Lopez; E. Okamoto
The International Journal of Information Security, IJIS, aims to provide prompt publication of important technical work in information security, attracting any person interested in communications, commerce, banking, medicine, or other areas of endeavor affected by information security. Any research submission on theory, applications, and implementations of information security is welcomed. This includes, but is not limited to, system security, network security, content protection, applications and foundations of information security. More information is given on the journal web page at http://www.springer.com/computer/security+and+cryptology/journal/10207.
 
International Journal of Network Security,   Editors-in-Chief: Min-Shiang Hwang
International Journal of Network Security is an international official journal of Science Publications, publishing original articles, reviews and short communications of a high scientific and technology in network security. Subjects covered include: access control, computer security, cryptography, communications security, data security, database security, electronic commerce security, information security, multimedia security, and network security. Authors are strongly encouraged to submit their papers electronically by using online manuscript submission at http://ijns.nchu.edu.tw/, or submit their Word, ps or pdf file to the editor-in-chief (via Email: mshwang@isrc.nchu.edu.tw): Min-Shiang Hwang, at the Department of Management Information Systems, National Chung Hsing University, Taiwan, R.O.C.  More information can be found at http://ijns.femto.com.tw/.
 
International Journal of Security and Networks,   Editors-in-Chief: Yang Xiao
International Journal of Security and Networks is an archival research journal for significant advances in network security. Subject areas include attack models, security mechanisms, security services, authentication, authorization, access control, multicast security, data confidentiality, data integrity, non-repudiation, forensics, privacy protection, secure protocols, formal analyses, intrusion detection, key management, trust establishment, revocation of malicious parties, security policies, fraudulent usage, dependability and reliability, prevention of traffic analysis, network security performance evaluation, tradeoff analysis between performance and security, security standards, etc. All papers must be submitted online at http://www.inderscience.com/ijsn/. More information is given on the journal web page at http://www.inderscience.com/ijsn/.
 
International Journal of Critical Infrastructure Protection,   Editors-in-Chief: Sujeet Shenoi
International Journal of Critical Infrastructure Protection's primary aim is to publish high quality scientific and policy papers in all areas of critical infrastructure protection. Of particular interest are articles that weave science, technology and policy to craft sophisticated yet practical solutions that will secure information, computer and network assets in the various critical infrastructure sectors. All papers must be submitted online at http://www.elsevier.com/locate/ijcip. More information is given on the journal web page at http://www.elsevier.com/locate/ijcip.
 
IEEE Transactions on Information Forensics and Security,   Editors-in-Chief: C.-C. Jay Kuo
IEEE Transactions on Information Forensics and Security aims to provide a unified locus for archival research on the fundamental contributions and the mathematics behind information forensics, information security, surveillance, and systems applications that incorporate these features. Authors are strongly encouraged to submit their papers electronically to the online manuscript system, Manuscript Central, via sps-ieee.manuscriptcentral.com.  More information can be found at http://www.ieee.org/organizations/society/sp/tifs.html.
 
EURASIP Journal on Information Security,   Editors-in-Chief: Stefan Katzenbeisser
EURASIP Journal on Information Security aims to bring together researchers and practitioners dealing with the general field of information security, with a particular emphasis on the use of signal processing tools in adversarial environments. As such, it addresses all works whereby security is achieved through a combination of techniques from cryptography, computer security, machine learning and multimedia signal processing. Application domains lie, for example, in secure storage, retrieval and tracking of multimedia data, secure outsourcing of computations, forgery detection of multimedia data, or secure use of biometrics. The journal also welcomes survey papers that give the reader a gentle introduction to one of the topics covered as well as papers that report large-scale experimental evaluations of existing techniques. Pure cryptographic papers are outside the scope of the journal. The journal also welcomes proposals for Special Issues. All papers must be submitted online at http://jis.eurasipjournals.com/manuscript.  More information can be found at http://jis.eurasipjournals.com.