Conference and Workshop Announcements
Commentary and Opinion
Richard Austin's review of Privacy in the Modern Age: The Search for Solutions by Marc Rotenberg, Julia Horwitz and Jeramie Scott
NewsBits: Announcements and correspondence from readers (please contribute!)
Listing of academic positions available by Cynthia Irvine
New since Cipher 126:
Posted July 2015
Department of Computer Science, TU Darmstadt
Two PostDoc Positions in Software Security:
- Concurrent Program Security
- Information-Flow Security by Design
The positions are available from September 1st 2015, but a later start is also possible. We will consider applications until the positions are filled.
Cipher calendar announcements are on Twitter; follow "ciphernews"
new calls or announcements added since Cipher E126 (the calls-for-papers and the calendar announcements may differ slightly in content or time of update):
EuroSP 2016 1st IEEE European Symposium on Security and Privacy, Congress Center Saar, Saarbrücken, Germany, March 21-24, 2016. (Submission Due 6 August 2015)
The IEEE European Symposium on Security and Privacy (EuroS&P) has been founded as the European sister conference of the established IEEE S&P symposium, and thus as a premier forum for computer security research, presenting the latest developments and bringing together researchers and practitioners. We solicit previously unpublished papers offering novel research contributions in any aspect of security or privacy. Papers may present advances in the theory, design, implementation, analysis, verification, or empirical evaluation and measurement of secure systems. Topics of interest include:
ICISS 2015 11th International Conference on Information Systems Security, Kolkata, India, December 16-20, 2015. (Submission Due 10 August 2015)
The conference series ICISS (International Conference on Information Systems Security), held annually, provides a forum for disseminating latest research results in information and systems security. ICISS 2015, the eleventh conference in this series, will be held under the aegis of the Society for Research in Information Security and Privacy (SRISP). Submissions are encouraged from academia, industry and government, addressing theoretical and practical problems in information and systems security and related areas. Topics of interest include but are not limited to:
NDSS 2016 Network and Distributed System Security Symposium, San Diego, California, USA, February 21-24, 2016. (Submission Due 14 August 2015)
ISOC NDSS fosters information exchange among researchers and practitioners of network and distributed system security. The target audience includes those interested in practical aspects of network and distributed system security, with a focus on actual system design and implementation. A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technologies. Technical papers and panel proposals are solicited. All submissions will be reviewed by the Program Committee and accepted submissions will be published by the Internet Society in the Proceedings of NDSS 2016. The Proceedings will be made freely accessible from the Internet Society webpages. Furthermore, permission to freely reproduce all or parts of papers for noncommercial purposes is granted provided that copies bear the Internet Society notice included in the first page of the paper. The authors are therefore free to post the camera-ready versions of their papers on their personal pages and within their institutional repositories. Reproduction for commercial purposes is strictly prohibited and requires prior consent. Topics include:
Editors: Jemal Abawajy (Deakin University, Australia), Kim-Kwang Raymond Choo (University of South Australia, Australia), and Rafiqul Islam (Charles Sturt University, Australia). This special issue invites original research papers that reports on state-of-the-art and recent advancements in securing our critical infrastructure and cyberspace, with a particular emphasis on novel techniques to build resilient critical information infrastructure. Topics of interest include but are not limited to:
Elsevier Future Generation Computer Systems, Special issue on Security, Privacy and Trust of the User-centric Solutions. (Submission Due 1 September 2015)
Editors: Raja Naeem Akram (University of London, United Kingdom),
Hsiao-Hwa Chen (National Cheng Kung University, Taiwan),
Javier Lopez (University of Malaga, Spain),
Damien Sauveron (University of Limoges, France),
and Laurence T. Yang (St. Francis Xavier University, Canada).
In future computing environments, due to the ongoing development of pervasive and smart technologies, movement towards user-centric solutions must be paramount. The frameworks for everyday personal computing devices, including smartphones, smart cards and sensors, are becoming user-centric instead of issuer-centric. User-centric solutions can target a wide range of applications, ranging from individual devices communicating with other connected devices, through to data-sharing in cloud computing and open grids on very powerful computing systems. User-centric solutions address the devices themselves and the ways in which they communicate, i.e., the networks and the end-user applications. The key factor in the success of user-centric solutions is the peace of mind of users. To achieve this the security, privacy and trust in the user-centric ecosystem for any device must be ensured. This special issue aims to further scientific research within the field of security, privacy and trust for user-centric solutions. It will accept original research papers that report the latest results and advances in this area. It also invites review articles that focus on the state of the art in security, privacy and trust solutions for user-centric devices, network and applications, highlighting trends and challenges. The papers will be peer reviewed and will be selected on the basis of their quality and relevance to the topic of this special issue. Topics include (but are not limited to):
SPW 2016 Security and Privacy Workshops, Held in conjunction with the 37th IEEE Symposium on Security and Privacy (SP 2016), San Jose, CA, USA, May 26, 2016. (Submission Due 1 September 2015)
Since 1980, the IEEE Symposium on Security and Privacy (SP) has been the premier forum for the presentation of developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field. To expand opportunities for scientific exchanges, the IEEE CS Technical Committee on Security and Privacy created the Security and Privacy Workshops (SPW). The typical purpose of such a workshop is to cover a specific aspect of security and privacy in more detail, making it easy for the participants to attend IEEE SP and a specialized workshop at SPW with just one trip. Furthermore, the co-location offers synergies for the organizers. The number of workshops and attendees has grown steadily during recent years. Workshops can be annual events, one time events, or aperiodic. The Security and Privacy Workshops in 2016 will be held on Thursday, May 26. All workshops will occur on that day. Up to six workshops will be hosted by SPW.
IFIP119-DF 2016 12th IFIP WG 11.9 International Conference on Digital Forensics, New Delhi, India, January 4-6, 2016. (Submission Due 4 September 2015)
The IFIP Working Group 11.9 on Digital Forensics (www.ifip119.org) is an active international community of scientists, engineers and practitioners dedicated to advancing the state of the art of research and practice in digital forensics. The Twelfth Annual IFIP WG 11.9 International Conference on Digital Forensics will provide a forum for presenting original, unpublished research results and innovative ideas related to the extraction, analysis and preservation of all forms of electronic evidence. Papers and panel proposals are solicited. All submissions will be refereed by a program committee comprising members of the Working Group. Papers and panel submissions will be selected based on their technical merit and relevance to IFIP WG 11.9. The conference will be limited to approximately 100 participants to facilitate interactions between researchers and intense discussions of critical research issues. Keynote presentations, revised papers and details of panel discussions will be published as an edited volume - the twelfth volume in the well-known Advances in Digital Forensics book series (Springer, Heidelberg, Germany) during the summer of 2016. Technical papers and posters are solicited in all areas related to the theory and practice of digital forensics. Areas of special interest include, but are not limited to:
ICISSP 2016 2nd International Conference on Information Systems Security and Privacy, Rome, Italy, February 19-21, 2016. (Submission Due 8 September 2015)
The International Conference on Information Systems Security and Privacy aims at creating a meeting point for researchers and practitioners that address security and privacy challenges that concern information systems, especially in organizations, including not only technological issues but also social issues. The conference welcomes papers of either practical or theoretical nature, presenting research or applications addressing all aspects of security and privacy, that concerns to organizations and individuals, thus creating new research opportunities. Topics include:
IEICE Transactions on Information and Systems, Special Issue on Information and Communication System Security. (Submission Due 10 September 2015)
Editors: Abhishek Parakh (University of Nebraska, Omaha, USA)
and Zhiwei Wang (Nanjing University of Posts and Telecommunications, P.R. China).
Mobile devices, such as smart tags, smart pads, tablets, PDAs, smart phones and wireless sensors, have become pervasive and attract significant interest from academia, industry, and standard organizations. With the latest cloud computing technology, those mobile devices will play a more and more important role in computing and communication. When those devices become pervasive, security become critical components for the acceptance of applications build based on those devices. Moreover, several favorable characteristics of mobile devices, including portability, mobility and sensitivity, further increase the challenges of security in these systems. However due to rapid development and applications, security in mobile systems involves different challenges. This special issue aims to bring together works of technologists and researchers who share an interest in the area of security in mobile systems, and to explore new venues of collaboration. Its main purpose is to promote discussions about research and relevant activities in the models and designs of secure, privacy-preserving, trusted architectures, security protocols, cryptographic algorithms, services and applications, as well as to analyse cyber threat in mobile systems. It also aims at increasing the synergy between academic and industry professionals working in this area. We seek papers that address theoretical, experimental research, and works-in-progress for security-related issues in the context of mobile systems. Suitable topics include the following in relation to security:
IET Information Security, Special Issue on Lightweight and Energy-Efficient Security Solutions for Mobile Computing Devices. (Submission Due 14 September 2015)
Editors: Nele Mentens (KU Leuven, Belgium),
Damien Sauveron (University of Limoges, France),
José María Sierra Cámara (Universidad Carlos III Madrid, Spain),
Shiuh-Jeng Wang (Central Police University, Taiwan, R.O.C.),
and Isaac Woungang (Ryerson University, Canada).
In the modern life, computing devices are becoming more and more mobile and embedded, meaning that they are vulnerable to power limitation and low resources. In this context, the needs of lightweight and energy-efficient security solutions to secure communication as well as applications in which they are involved are inescapable. The targeted mobile devices are small and low computational ones such as RFID, Contactless Smart Card, Wireless Sensors Nodes, to name a few. The aim of this Special Issue is to publish state-of-the-art research results in recent advances in Lightweight and Energy-Efficient Security Solutions for Mobile and Pervasive Computing Devices.
CODASPY 2016 6TH ACM Conference on Data and Application Security and Privacy, New Orleans, LA, USA, March 9-11, 2016. (Submission Due 14 September 2015)
Data and applications security and privacy has rapidly expanded as a research field with many important challenges to be addressed. The goal of the ACM Conference on Data and Applications Security (CODASPY) is to discuss novel, exciting research topics in data and application security and privacy and to lay out directions for further research and development in this area. The conference seeks submissions from diverse communities, including corporate and academic researchers, open-source projects, standardization bodies, governments, system and security administrators, software engineers and application domain experts. Topics of interest include, but are not limited to:
ICSS 2015 Industrial Control System Security Workshop, Held in conjunction with 31st Annual Computer Security Applications Conference (ACSAC), Los Angeles, California, USA, December 7-11, 2015. (Submission Due 21 September 2015)
Supervisory control and data acquisition (SCADA) and industrial control systems monitor and control a wide range of industrial and infrastructure processes such as water treatment, power generation and transmission, oil and gas refining and steal manufacturing. Such systems are usually built using a variety of commodity computer and networking components, and are becoming increasingly interconnected with corporate and other Internet-visible networks. As a result, they face significant threats from internal and external actors. For example, Stuxnet malware was specifically written to attack SCADA systems that alone caused multi-million dollars damages in 2010. The critical requirement for high availability in SCADA and industrial control systems, along with the use of resource constrained computing devices, legacy operating systems and proprietary software applications limits the applicability of traditional information security solutions. The goal of this workshop is to explore new security techniques that are applicable in the control systems context. Papers of interest including (but not limited to) the following subject categories are solicited:
ESSoS 2016 International Symposium on Engineering Secure Software and Systems, University of London, London, UK, April 6 - 8, 2016. (Submission Due 25 September 2015)
Trustworthy, secure software is a core ingredient of the modern world. So is the Internet. Hostile, networked environments, like the Internet, can allow vulnerabilities in software to be exploited from anywhere. High-quality security building blocks (e.g., cryptographic components) are necessary but insufficient to address these concerns. Indeed, the construction of secure software is challenging because of the complexity of modern applications, the growing sophistication of security requirements, the multitude of available software technologies and the progress of attack vectors. Clearly, a strong need exists for engineering techniques that scale well and that demonstrably improve the software's security properties. The goal of this symposium, which will be the eighth in the series, is to bring together researchers and practitioners to advance the states of the art and practice in secure software engineering. Being one of the few conference-level events dedicated to this topic, it explicitly aims to bridge the software engineering and security engineering communities, and promote cross-fertilization. The symposium will feature two days of technical program including two keynote presentations. In addition to academic papers, the symposium encourages submission of high-quality, informative industrial experience papers about successes and failures in security software engineering and the lessons learned. Furthermore, the symposium also accepts short idea papers that crisply describe a promising direction, approach, or insight. The Symposium seeks submissions on subjects related to its goals. This includes a diversity of topics including (but not limited to):
Pervasive and Mobile Computing, Special Issue on Mobile Security, Privacy and Forensics. (Submission Due 30 September 2015)
Editors: Kim-Kwang Raymond Choo (University of South Australia, Australia),
Lior Rokach (Ben-Gurion University of the Negev Beer-Sheva, Israel),
and Claudio Bettini (University of Milan, Italy)
This special issue will focus on cutting edge research from both academia and industry on the topic of mobile security, privacy and forensics, with a particular emphasis on novel techniques to secure user data and/or obtain evidential data from mobile devices in crimes that make use of sophisticated and secure technologies. Topics of interest include:
INTRICATE-SEC 2016 4th International Workshop on Security Intricacies in Cyber-Physical Systems and Services, Held in conjunction with the 30th International Conference on Advanced Information Networking and Applications (AINA-2016), Crans-Montana, Switzerland, March 23-25, 2016. (Submission Due 3 October 2015)
For INTRICATE-SEC 2016 we are expanding our scope from a focus on security intricacies in designing/modelling service oriented architectures to the broader field of secure cyber physical systems (CPS) and services. Of particular interest are ideas and solutions on provisioning secure CPS and services over resource constrained and low power lossy networks. In addition to invited talks, we welcome papers with novel theoretical and application-centered contributions focused on (but not restricted to) the following topics:
PQCrypto 2016 7th International Conference on Post-Quantum Cryptography, Fukuoka, Japan, February 24-26, 2016. (Submission Due 7 October 2015)
The aim of PQCrypto is to serve as a forum for researchers to present results and exchange ideas on the topic of cryptography in an era with large-scale quantum computers. The conference will be preceded by a winter school on February 22-23, 2016. Original research papers on all technical aspects of cryptographic research related to post-quantum cryptography are solicited. The topics include (but are not restricted to):
Elsevier Computer Networks, Special issue on Recent Advances in Physical-Layer Security. (Submission Due 15 October 2015)
Editors: Gerhard Hancke (City University of Hong Kong, Hong Kong),
Aikaterini Mitrokotsa (Chalmers University of Technology, Sweden),
Reihaneh Safavi-Naini (University of Calgary, Canada),
and Damien Sauveron (University of Limoges, France).
Physical-layer security is emerging as a promising approach for supporting new and existing security services. Aspects of the physical layer have the potential to provide security services that challenges the capabilities of conventional cryptographic mechanisms, such as relay attacks, ad-hoc key establishment and key-less secure communication. This special issue aims to further scientific research into both theoretical and practical approaches to physical-layer security. It will accept original research papers that report latest results and advances in this area, and will also invite review articles that focus on the state-of-the-art, highlighting trends and challenges. The papers will be peer reviewed and will be selected on the basis of their quality and relevance to the topic of this special issue. We would particularly like to encourage submissions that present strong experimental and/or practical implementation results. Topics include (but are not limited to):
WileySecurity and Communication Networks journal, Special Issue on Cyber Crime. (Submission Due 20 October 2015)
Editors: Wojciech Mazurczyk (Warsaw University of Technology, Poland),
Krzysztof Szczypiorski (Warsaw University of Technology, Poland),
Zoran Duric (George Mason University, USA),
and Dengpan Ye (Wuhan University, China).
Today's world's societies are becoming more and more dependent on open networks such as the Internet - where commercial activities, business transactions and government services are realized. This has led to the fast development of new cyber threats and numerous information security issues which are exploited by cyber criminals. The inability to provide trusted secure services in contemporary computer network technologies has a tremendous socio-economic impact on global enterprises as well as individuals. Moreover, the frequently occurring international frauds impose the necessity to conduct the investigation of facts spanning across multiple international borders. Such examination is often subject to different jurisdictions and legal systems. A good illustration of the above being the Internet, which has made it easier to perpetrate traditional crimes. It has acted as an alternate avenue for the criminals to conduct their activities, and launch attacks with relative anonymity. The increased complexity of the communications and the networking infrastructure is making investigation of the crimes difficult. Traces of illegal digital activities are often buried in large volumes of data, which are hard to inspect with the aim of detecting offences and collecting evidence. Nowadays, the digital crime scene functions like any other network, with dedicated administrators functioning as the first responders. This poses new challenges for law enforcement policies and forces the computer societies to utilize digital forensics to combat the increasing number of cybercrimes. Forensic professionals must be fully prepared in order to be able to provide court admissible evidence. To make these goals achievable, forensic techniques should keep pace with new technologies. The aim of this special issue is to bring together the research accomplishments provided by the researchers from academia and the industry. The other goal is to show the latest research results in the field of digital forensics and to present the development of tools and techniques which assist the investigation process of potentially illegal cyber activity. We encourage prospective authors to submit related distinguished research papers on the subject of both: theoretical approaches and practical case reviews. This special issue presents some of the most relevant ongoing research in cyber crime. Topics include, but are not limited to the following:
IEEE Communication Magazine, Feature Topic on Bio-inspired Cyber Security for Communications and Networking. (Submission Due 1 November 2015)
Editors: Wojciech Mazurczyk (Warsaw University of Technology, Poland),
Sean Moore (Centripetal Networks, USA), Errin W. Fulp (Wake Forest University, USA),
Hiroshi Wada (Unitrends, Australia),
and Kenji Leibnitz (National Institute of Information and
Communications Technology, Japan).
Nature is Earth's most amazing invention machine for solving problems and adapting to significant environmental changes. Its ability to address complex, large-scale problems with robust, adaptable, and efficient solutions results from many years of selection, genetic drift and mutations. Thus, it is not surprising that inventors and researchers often look to natural systems for inspiration and methods for solving problems in human-created artificial environments. This has resulted in the development of evolutionary algorithms including genetic algorithms and swarm algorithms, and of classifier and pattern-detection algorithms, such as neural networks, for solving hard computational problems.
A natural evolutionary driver is to survive long enough to create a next-generation of descendants and ensure their survival. One factor in survival is an organism's ability to defend against attackers, both predators and parasites, and against rapid changes in environmental conditions. Analogously, networks and communications systems use cyber security to defend their assets against cyber criminals, hostile organizations, hackers, activists, and sudden changes in the network environment (e.g., DDoS attacks). Many of the defense methods used by natural organisms may be mapped to cyber space to implement effective cyber security. Some examples include immune systems, invader detection, friend vs. foe, camouflage, mimicry, evasion, etc. Many cyber security technologies and systems in common use today have their roots in bio-inspired methods, including anti-virus, intrusion detection, threat behavior analysis, attribution, honeypots, counterattack, and the like. As the threats evolve to evade current cyber security technologies, similarly the bio-inspired security and defense technologies evolve to counter the threat.
The goal of this feature topic is twofold: (1) to survey the current academic and industry research in bio-inspired cyber security for communications and networking, so that the ComSoc community can understand the current evolutionary state of cyber threats, defenses, and intelligence, and can plan for future transitions of the research into practical implementations; and (2) to survey current academic and industry system projects, prototypes, and deployed products and services (including threat intelligence services) that implement the next generation of bio-inspired methods. Please note that we recognize that in some cases, details may be limited or obscured for security reasons. Topics of interests include, but are not limited to:
SP 2016 37th IEEE Symposium on Security and Privacy, San Jose, CA, USA, May 23-25, 2016. (Submission Due 13 November 2015)
Since 1980 in Oakland, the IEEE Symposium on Security and Privacy has been the premier forum for computer security research, presenting the latest developments and bringing together researchers and practitioners. We solicit previously unpublished papers offering novel research contributions in any aspect of security or privacy. Papers may present advances in the theory, design, implementation, analysis, verification, or empirical evaluation and measurement of secure systems. Topics of interest include:
ASIACCS 2016 11th ACM Asia Conference on Computer and Communications Security, Xi'an, China, May 31 - June 3, 2016. (Submission Due 20 November 2015)
Building on the success of ACM Conference on Computer and Communications Security (CCS) and ACM Transactions on Information and System Security (TISSEC), the ACM Special Interest Group on Security, Audit, and Control (SIGSAC) formally established the annual ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS). The inaugural ASIACCS was held in Taipei (2006). Since then ASIACCS has been held in Singapore (2007), Tokyo (2008), Sydney (2009), Beijing (2010), Hong Kong (2011), Seoul (2012), Hangzhou (2013), Kyoto (2014), and Singapore (2015). Considering that this series of meetings has moved beyond a symposium and it is now widely regarded as the Asia version of CCS, the full name of AsiaCCS is officially changed to ACM Asia Conference on Computer and Communications Security starting in June 2015. The 11th ACM Asia Conference on Computer and Communications Security (ASIACCS 2016) will be held in 31 May - 3 June, 2016 in Xi'an, China. We invite submissions from academia, government, and industry presenting novel research on all theoretical and practical aspects of computer and network security. Areas of interest for ASIACCS 2016 include, but are not limited to:
ACM Transactions on Internet Technology, Special Issue on Internet of Things (IoT): Secure Service Delivery. (Submission Due 30 November 2015)
Editors: Elisa Bertino (Purdue University, USA),
Kim-Kwang Raymond Choo (University of South Australia, Australia),
Dimitrios Georgakopoulos (RMIT University, Australia),
and Surya Nepal (CSIRO, Australia).
The aim of this special section is to bring together cutting-edge research with particular emphasis on novel and innovative techniques to ensure the security and privacy of IoT services and users. We solicit research contributions and potential solutions for IoT-based secure service delivery anywhere and at any time. This special section emphasizes service-level considerations. Topics of interest include, but are not limited to:
IFIP SEC 2016 31th IFIP TC-11 SEC 2016 International Information Security and Privacy Conference, Ghent, Belgium, May 30 - June 1, 2016. (Submission Due 24 December 2015)
The IFIP SEC conference is the flagship event of the International Federation for Information Processing (IFIP) Technical Committee 11 on Security and Privacy Protection in Information Processing Systems (TC-11, www.ifiptc11.org). We seek submissions from academia, industry, and government presenting novel research on all theoretical and practical aspects of security and privacy protection in ICT Systems. Topics of interest:
Staying in touch....
IEEE Computer Society's Technical Committee on Security and Privacy
|TC home page||TC Officers|
|How to join the TCSP||TC publications available online|
|TC Publications for sale||Cipher past issues archive|