Cipher Upcoming Conferences
Calls for Papers

IEEE Computer Society's Technical Committee on Security and Privacy


Calls for Papers

Last Modified:3/22/21

Upcoming Conferences and Workshops

Note: The submission date has passed.

March 2021

CODASPY 2021 11th ACM Conference on Data and Application Security and Privacy, Baltimore-Washington, DC Area, USA, March 22-24, 2021. [posted here 8/1/20]
Data and applications security and privacy has rapidly expanded as a research field with many important challenges to be addressed. The goal of the ACM Conference on Data and Applications Security (CODASPY) is to discuss novel, exciting research topics in data and application security and privacy, and to lay out directions for further research and development in this area. The conference seeks submissions from diverse communities, including corporate and academic researchers, open-source projects, standardization bodies, governments, system and security administrators, software engineers and application domain experts. Topics of interest include, but are not limited to:
- Application-layer security policies
- Access control for applications
- Access control for databases
- Data-dissemination controls
- Data forensics
- Data leak detection and prevention
- Enforcement-layer security policies
- Privacy-preserving techniques
- Private information retrieval
- Search on protected/encrypted data
- Secure auditing
- Secure collaboration
- Secure data provenance
- Secure electronic commerce
- Secure information sharing
- Secure knowledge management
- Secure multiparty computation
- Secure software development
- Securing data/apps on untrusted platforms
- Securing the semantic web
- Security and privacy in GIS/spatial data
- Security and privacy in healthcare
- Security and privacy in the Internet of Things
- Security policies for databases
- Social computing security and privacy
- Social networking security and privacy
- Trust metrics for applications, data, and users
- Usable security and privacy
- Web application security

For more information, please see

April 2021
May 2021

IEEE SP/SPW 2021 IEEE Security and Privacy Workshops, Held in conjunction with the 42nd IEEE Symposium on Security and Privacy, San Francisco, CA, USA, May 23-27, 2021. (Workshop Proposal Submission Due 2 October 2020) [posted here 9/7/20]
There will be some interaction in deciding upon and setting up a workshop, but the initial proposal should already contain a considerable amount of information. A workshop proposal template is available online at the IEEE S&P ÒCall for WorkshopsÓ website (, providing instructions and a more detailed description of information to include in proposals:
- Workshop organizers
- Workshop length
- Technical proposal
- Topics to be addressed
- Importance of these topics
- Preliminary call for papers/posters/contributions
- Preliminary program committee
- Proposed review process
- Expected number of participants
- Publication policy
- Workshop planning schedule
- Publicity plan
- Special meeting logistics requirements

For more information, please see

SP 2021 42nd IEEE Symposium on Security and Privacy, Virtual (San Francisco, CA, USA), May 23-27, 2021. (Submission Due 5 March 2020, 4 June 2020, 3 September 2020, and 3 December 2020) [posted here 5/25/20]
Since 1980 in Oakland, the IEEE Symposium on Security and Privacy has been the premier forum for computer security research, presenting the latest developments and bringing together researchers and practitioners. We solicit previously unpublished papers offering novel research contributions in any aspect of security or privacy. Papers may present advances in the theory, design, implementation, analysis, verification, or empirical evaluation and measurement of secure systems. Topics of interest include:
- Access control and
- Anonymity
- Application security
- Attacks and defenses
- Authentication
- Blockchains and distributed ledger security
- Censorship resistance
- Cloud security
- Cyber physical systems security
- Distributed systems security
- Economics of security and privacy
- Embedded systems security
- Forensics
- Hardware security
- Intrusion detection and prevention
- Malware and unwanted software
- Mobile and Web security and privacy
- Language-based security
- Machine learning and AI security
- Network and systems security
- Privacy technologies and mechanisms
- Protocol security
- Secure information flow
- Security and privacy for the Internet of Things
- Security and privacy metrics
- Security and privacy policies
- Security architectures
- Usable security and privacy
- Trustworthy computing
- Web security

This topic list is not meant to be exhaustive; SP is interested in all aspects of computer security and privacy. Papers without a clear application to security or privacy, however, will be considered out of scope and may be rejected without full review.

Systematization of Knowledge Papers: As in past years, we solicit systematization of knowledge (SoK) papers that evaluate, systematize, and contextualize existing knowledge, as such papers can provide a high value to our community. Suitable papers are those that provide an important new viewpoint on an established, major research area, support or challenge long-held beliefs in such an area with compelling evidence, or present a convincing, comprehensive new taxonomy of such an area. Survey papers without such insights are not appropriate and may be rejected without full review. Submissions will be distinguished by the prefix “SoK:” in the title and a checkbox on the submission form. They will be reviewed by the full PC and held to the same standards as traditional research papers, but they will be accepted based on their treatment of existing work and value to the community, and not based on any new research results they may contain. Accepted papers will be presented at the symposium and included in the proceedings.

Quarterly Submissions: Based on the experience in the past two years, the reviewing process for IEEE SP is changed to a quarterly submission model. Within 2.5 months of submission, author notifications of Accept/Revise/Reject decisions will be sent out. For each submission, one of the following decisions will be made:

  • Accept: Papers in this category will be accepted for publication in the proceedings and presentation at the conference, possibly after making minor changes with the oversight of a shepherd. Within one month of acceptance, all accepted papers must submit a camera-ready copy incorporating reviewer feedback. The papers will immediately be published, open access, in the Computer Society’s Digital Library, and they may be cited as “To appear in the IEEE Symposium on Security & Privacy, May 2021”.
  • Revise: A limited number of papers will be invited to submit a revision; such papers will receive a specific set of expectations to be met by that revision. Authors can submit a revised paper to the next two quarterly submission deadlines after the notification. The authors should clearly explain in a well-marked appendix how the revisions address the comments of the reviewers. The revised paper will then be re-evaluated, and either accepted or rejected.
  • Reject: Papers in this category are declined for inclusion in the conference. Rejected papers must wait for one year, from the date of original submission, to resubmit to IEEE S&P. A paper will be judged to be a resubmit (as opposed to a new submission) if the paper is from the same or similar authors, and a reviewer could write a substantially similar summary of the paper compared with the original submission. As a rule of thumb, if there is more than 40% overlap between the original submission and the new paper, it will be considered a resubmission.
All papers accepted by February 21, 2021 will appear in the proceedings of the symposium in May 2021 and invited to present their work. These include papers that were submitted in December 2020 and were accepted without revision, or papers that were submitted by June 2020, got the Revise decision, and resubmitted the revised paper in December.

For more information, please see

SafeThings 2021 5th IEEE Workshop on the Internet of Safe Things, Held in conjunction with IEEE S&P 2021, Virtual event, May 27, 2021. [posted here 11/9/20]
As traditionally segregated systems are brought online for next-generation connected applications, we have an opportunity to significantly improve the safety of legacy systems. For instance, insights from data across systems can be exploited to reduce accidents, improve air quality and support disaster events. Cyber-physical systems (CPS) also bring new risks that arise due to the unexpected interaction between systems. These safety risks arise because of information that distracts users while driving, software errors in medical devices, corner cases in data-driven control, compromised sensors in drones or conflicts in societal policies. Accordingly, the Workshop on the Internet of Safe Things (or SafeThings, for brevity) seeks to bring researchers and practitioners that are actively exploring system design, modeling, verification, authentication approaches to provide safety guarantees in the Internet of Things (IoT). The workshop welcomes contributions that integrate hardware and software systems provided by disparate vendors, particularly those that have humans in the loop. As safety is inherently linked with security and privacy, we also seek contributions in these areas that address safety concerns. With the SafeThings workshop, we seek to develop a community that systematically dissects the vulnerabilities and risks exposed by these emerging CPSes, and create tools, algorithms, frameworks, and systems that help in the development of safe systems.

The scope of SafeThings includes safety topics as it relates to an individual’s health (physical, mental), society (air pollution, toxicity, disaster events), or the environment (species preservation, global warming, oil spills). The workshop considers safety from a human perspective, and thus, does not include topics such as thread safety or memory safety in its scope.

Topics of interest include, but are not limited to, the following categories:
- Verification of safety in IoT/CPS platforms
- Authentication in IoT/CPS settings
- Adversarial machine learning and testing of IoT/CPS systems
- Secure perception, localization, and planning in autonomous systems (e.g., autonomous vehicles and drones)
- Sensors/analog and network protocol security in IoT/CPS systems
- Compliance with legal, health, and environmental policies
- Conflict resolution between IoT applications
- Secure connectivity and updates in IoT/CPS
- Secure integration of hardware and software systems
- Privacy challenges in IoT/CPS settings
- Privacy preserving data sharing and analysis
- Resiliency against attacks and faults
- Safety in human-in-the-loop systems
- Support for IoT/CPS development - debugging tools, emulators, testbeds
- Usable security and privacy for IoT/CPS platforms
- Smart homes, smart buildings and smart city security and privacy issues

For more information, please see

WTMC 2021 6th International Workshop on Traffic Measurements for Cybersecurity, Held in conjunction with IEEE S&P 2021, Virtual event, May 27, 2021. [posted here 11/9/20]
Current communication networks are increasingly becoming pervasive, complex, and ever-evolving due to factors like enormous growth in the number of network users, continuous appearance of network applications, increasing amount of data transferred, and diversity of user behaviors. Understanding and measuring traffic in such networks is a difficult yet vital task for network management but recently also for cybersecurity purposes. Network traffic measuring and monitoring can, for example, enable the analysis of the spreading of malicious software and its capabilities or can help to understand the nature of various network threats including those that exploit users’ behavior and other user’s sensitive information. On the other hand network traffic investigation can also help to assess the effectiveness of the existing countermeasures or contribute to building new, better ones. Recently, traffic measurements have been utilized in the area of economics of cybersecurity e.g. to assess ISP "badness" or to estimate the revenue of cybercriminals. The aim of this workshop is to bring together the research accomplishments provided by researchers from academia and the industry. The other goal is to show the latest research results in the field of cybersecurity and understand how traffic measurements can influence it. We encourage prospective authors to submit related distinguished research papers on the subject of both: theoretical approaches and practical case reviews. This workshop presents some of the most relevant ongoing research in cybersecurity seen from the traffic measurements perspective. The workshop will be accessible to both non-experts interested in learning about this area and experts interested in hearing about new research and approaches. Topics of interest include but are not limited to:
- Measurements for network incidents response, investigation, and evidence handling
- Measurements of cyber attacks (e.g. DDoS, botnet, malware, and phishing campaigns)
- Measurements for security of web-based applications and services (e.g. social networking)
- Measurements for network anomalies detection
- Measurements for economics of cybersecurity and privacy
- Measurements of security and privacy for the Internet of Things
- Measurements of Internet censorship
- Measurement studies describing the impacts of regulations on cybersecurity and users' privacy (e.g. GDPR)
- Network traffic analysis to discover the nature and evolution of the cybersecurity threats
- Measurements of cyber-physical systems security
- Measurements for assessing the effectiveness of the threats detection/prevention methods and countermeasures
- Novel passive, active and hybrid measurements techniques for cybersecurity purposes
- Traffic classification and topology discovery tools for monitoring the evolving status of the network from the cybersecurity perspective
- Correlation of measurements across multiple layers, protocols or networks for cybersecurity purposes
- Machine learning and data mining for analysis of network traffic measurements for cybersecurity
- Novel approaches for large-scale measurements for cybersecurity (e.g. crowd-sourcing)
- Novel visualization approaches to detect network attacks and other threats
- Analysis of network traffic to provide new insights about network structure and behavior from the security perspective
- Measurements of network protocol and applications behavior and its impact on cybersecurity and users' privacy
- Vulnerability notifications
- Measurements for new cybersecurity settings
- Ethical issues in measurements for cybersecurity
- Reappraisal of previous empirical findings

For more information, please see

SADFE 2021 6th International Workshop on Traffic Measurements for Cybersecurity, Held in conjunction with IEEE S&P 2021, Virtual event, May 27, 2021. [posted here 12/7/20]
The SADFE (Systematic Approaches to Digital Forensic Engineering) International Workshop brings together researchers and practitioners focused on the state-of-the-art and emerging topics of interest in digital forensics. The workshop promotes systematic approaches to digital forensic investigation on the vulnerabilities of today’s cyber systems and networks, digital exploitation and manipulation, and on the emerging methods for how to detect, track, and prevent digital threats. SADFE embraces Digital Forensic Engineering (DFE) advancement as a disciplined and holistic scientific practice.

Namely, the workshop focuses on the topics of AI-generated falsified media (e.g. DeepFakes), cloud forensics, emerging and non-traditional methods (e.g. digital currency forensics, contact tracing, digital evidence management and analysis), forensics of embedded and non-traditional forensics, and related legal, ethical and technical challenges.

The 2021 SADFE Workshop is calling for paper and poster submissions as well as panel proposals in the broad field of Digital Forensics from both practitioner and researcher perspectives. With the dynamic change and rapid expansion of the types of electronic devices, networked applications, and investigation challenges, systematic approaches for automating the process of gathering, analyzing and presenting digital evidence are in unprecedented demand. The SADFE Workshop aims to promote solutions to these and related problems.

For more information, please see

June 2021

OID 2021 Open Identity Summit, Copenhagen, Denmark, June 1 - 2, 2021. [posted here 2/22/21]
The aim of Open Identity Summit 2021 is to link practical experiences and requirements with academic innovations. Focus areas will be Research and Applications in the area of Identity Management, Trust Services, Open Source, Internet of Things, Distributed Ledgers and Cloud Computing. Open standards and interfaces as well as open source technologies play a central role in the current identity management landscape as well as in emerging future scenarios in the area of electronic identification and trust services for electronic transactions. Reliable identity management is an essential building block for many applications and services such as innovative payment services, digital manufacturing, and other innovative applications in the area of e-health, e-government, distributed ledgers, cloud computing, data management for artificial intelligence, and the internet of things. While there are already plenty of successful applications in which those techniques are applied to safeguard authenticity, integrity and confidentiality, there are still many closely related areas, which demand further research. These include technical solutions that provide higher levels of transparency, intervenability and accountability. We invite stakeholders and technical experts from public administration, industry, science and academia to propose contributions to the program of the workshop.

For more information, please see

CPSS 2021 7th ACM Cyber-Physical System Security Workshop, Held in conjunction with ACM AsiaCCS 2021, Hong Kong, China, June 7, 2021. [posted here 12/14/20]
Cyber-Physical Systems (CPS) of interest to this workshop consist of large-scale interconnected systems of heterogeneous components interacting with their physical environments. There exist a multitude of CPS devices and applications deployed to serve critical functions in our lives thus making security an important non-functional attribute of such systems. This workshop will provide a platform for professionals from academia, government, and industry to discuss novel ways to address the ever-present security challenges facing CPS. We seek submissions describing theoretical and practical solutions to security challenges in CPS. Submissions pertinent to the security of embedded systems, IoT, SCADA, smart grid, and other critical infrastructure are welcome. Topics of interest include, but are not limited to:
- Attack detection for CPS
- Authentication and access control for CPS
- Autonomous vehicle security
- Availability and auditing for CPS
- Blockchain for CPS security
- Data security and privacy for CPS
- Digital twins for CPS
- Embedded systems security
- Formal methods in CPS
- Industrial control system security
- IoT security
- Legacy CPS system protection
- Lightweight crypto and security
- Maritime cyber security
- Recovery from cyber attacks
- Security and risk assessment for CPS
- Security architectures for CPS
- Security by design for CPS
- Smart grid security
- Threat modeling for CPS
- Transportation system security
- Vulnerability analysis for CPS
- Wireless sensor network security

For more information, please see

CSF 2021 34th IEEE Computer Security Foundations Symposium, Virtual, June 21-25, 2021. [posted here 7/20/20]
The Computer Security Foundations Symposium (CSF) is an annual conference for researchers in computer security, to examine current theories of security, the formal models that provide a context for those theories, and techniques for verifying security. It was created in 1988 as a workshop of the IEEE Computer Society's Technical Committee on Security and Privacy, in response to a 1986 essay by Don Good entitled “The Foundations of Computer Security—We Need Some.” The meeting became a “symposium” in 2007, along with a policy for open, increased attendance. Over the past two decades, many seminal papers and techniques have been presented first at CSF. For more details on the history of the symposium, visit CSF's home. The program includes papers, panels, and a poster session. Topics of interest include access control, information flow, covert channels, cryptographic protocols, database security, language-based security, authorization and trust, verification techniques, integrity and availability models, and broad discussions concerning the role of formal methods in computer security and the nature of foundational research in this area.

For more information, please see

July 2021

CSR 2021 IEEE International Conference on Cyber Security and Resilience, Virtual, July 26-28, 2021. [posted here 11/23/20]
The technological and industrial revolution brought by complex Cyber-Physical Systems (CPSs) comes with new threats and cyber-attacks that exploit their inherent complexity and heterogeneity. Systems under attack, should exhibit cyber resilience, i.e. a mixture of strategies, methods, and techniques to support complex CPS adaptive capacity during cyber-attacks. The conference focuses on theoretical and practical aspects of the security, privacy, trust, and resilience of networks, systems, and services as well as novel ways for dealing with their vulnerabilities and mitigating sophisticated cyber-attacks.

For more information, please see

August 2021

USENIX Security 2021 30th USENIX Security Symposium, Vancouver, B.C., Canada, August 11–13, 2021. [posted here 7/6/20]
USENIX Security brings together researchers, practitioners, system administrators, system programmers, and others to share and explore the latest advances in the security and privacy of computer systems and networks. All researchers are encouraged to submit papers covering novel and scientifically significant practical works in computer security. The Symposium will span three days with a technical program including refereed papers, invited talks, posters, panel discussions, and Birds-of-a-Feather sessions. Co-located events will precede the Symposium on August 9 and 10. Please note that the USENIX Security Symposium moved to multiple submission deadlines in 2019 and included changes to the review process and submission policies.

For more information, please see

September 2021

EuroSP Workshops 2021 6th IEEE EuroS&P Symposium, Vienna, Austria, September 7-11, 2021. [posted here 12/7/20]
Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for presenting developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field. Following this story of success, in 2016 IEEE initiated the European Symposium on Security and Privacy (EuroS&P), which is organized every year in a European city. Pre-conference workshops will take place on Tuesday, September 7, 2021, and post-conference workshops on Saturday, September 11, 2021. A workshop associated with IEEE EuroS&P can be a half-, a full or two days (but then split in a pre- and a post-conference part) in length. Each workshop should provide a forum to address a specific topic at the forefront of security and privacy research. If proceedings are planned, the default option offered is publication through IEEE Xplore in a volume accompanying the main IEEE EuroS&P 2021 proceedings.

Workshop registration will be done together with the main conference, allowing workshop-only registrations as well. Support for accepted workshops includes rooms, coffee breaks, lunches, and at least one free registration for the workshop. Other expenses must be covered by the individual workshops.

For more information, please see